/* Sample file for progam AnetTest. Run program as anettest -c trace1.pcap -c trace2.pcap -c trace3.pcap -f compare_mode.fws Program will search all the packets defined below in trace-files. and will output info about packets for which search results don't correspond packet's requests (ACCEPT or DROP) */ // packet 1 - any packet with value of "srcip" equal to 192.168.0.3 srcip 192.168.0.3 SEND ACCEPT ACCEPT DROP // packet 2 - any packet with value of "srcip" equal to 192.168.0.1 srcip 192.168.0.1 SEND ACCEPT DROP ACCEPT CLEARMASK // resets packet's mask to 0, it will correspond to any packet // otherwise the field "SRCIP" will stay in mask, but we don't want it to apply for next packet // another way to exclude the field from mask: "srcip = any" // packet 3 - any packet with value of "srcport" equal to 22 srcport 22 SEND DROP ACCEPT ACCEPT /****** Analog *************** srcip 192.168.0.3 >> >> << srcip 192.168.0.1 >> << >> CLEARMASK srcport 22 << >> >> */ /* Result: Packet on line 12 (compare_mode.fws) : droped (dev 2) Packet on line 16 (compare_mode.fws) : droped (dev 1) Packet on line 16 (compare_mode.fws) : accepted (dev 2) Packet on line 16 (compare_mode.fws) : droped (dev 3) Packet on line 26 (compare_mode.fws) : droped (dev 2) */