/* 
    Sample file for progam AnetTest.
    Run program as
        anettest -c trace1.pcap -c trace2.pcap -c trace3.pcap -f compare_mode.fws
 
    Program will search all the packets defined below in trace-files.
    and will output info about packets for which search results don't correspond packet'
s requests (ACCEPT   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must be received. Analog of SEND   PARAMETERS: {accept | drop | any }
In common regime generates the packet defined above. In other regimes (testing packet filter, see command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

 and option -c) may simply separate packets one from another, so by this command the current content of buffer will be fixed and the new packet will be registered. The requests after command don't make sense in common regime (only while testing packet filter).

 ACCEPT   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must be received. Analog of SEND   PARAMETERS: {accept | drop | any }
In common regime generates the packet defined above. In other regimes (testing packet filter, see command FASTTEST and option -c) may simply separate packets one from another, so by this command the current content of buffer will be fixed and the new packet will be registered. The requests after command don't make sense in common regime (only while testing packet filter).

 ACCEPT   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must be received. Analog of SEND ACCEPT. It may be processed as command while testing packet filter only (command FASTTEST or option -c). In common regime it may be among parameters to command only.

. It may be processed as command while testing packet filter only (command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

 or option -c). In common regime it may be among parameters to command only.

. It may be processed as command while testing packet filter only (command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

".

 or option -c). In common regime it may be among parameters to command only.

 or DROP   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must not be received. May be used as command - replacement for "SEND   PARAMETERS: {accept | drop | any }
In common regime generates the packet defined above. In other regimes (testing packet filter, see command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

 and option -c) may simply separate packets one from another, so by this command the current content of buffer will be fixed and the new packet will be registered. The requests after command don't make sense in common regime (only while testing packet filter).

 DROP   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must not be received. May be used as command - replacement for "SEND   PARAMETERS: {accept | drop | any }
In common regime generates the packet defined above. In other regimes (testing packet filter, see command FASTTEST and option -c) may simply separate packets one from another, so by this command the current content of buffer will be fixed and the new packet will be registered. The requests after command don't make sense in common regime (only while testing packet filter).

 DROP   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must not be received. May be used as command - replacement for "SEND DROP". It may be processed as command while testing packet filter only (command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

 or option -c). In common regime it may be among parameters to command only.

". It may be processed as command while testing packet filter only (command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

".

 or option -c). In common regime it may be among parameters to command only.

". It may be processed as command while testing packet filter only (command FASTTEST   PARAMETERS: no parameters
Enables FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

 regime for packet filter test. See "samples/FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

".

".

 or option -c). In common regime it may be among parameters to command only.

)
 */

// packet 1 - any packet with value of "srcip"
 equal to 192.168.0.3

srcip   192.168.0.3     SEND   PARAMETERS: {accept | drop | any }
In common regime generates the packet defined above. In other regimes (testing packet filter, see command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

".

 and option -c) may simply separate packets one from another, so by this command the current content of buffer will be fixed and the new packet will be registered. The requests after command don't make sense in common regime (only while testing packet filter).

 ACCEPT   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must be received. Analog of SEND   PARAMETERS: {accept | drop | any }
In common regime generates the packet defined above. In other regimes (testing packet filter, see command FASTTEST and option -c) may simply separate packets one from another, so by this command the current content of buffer will be fixed and the new packet will be registered. The requests after command don't make sense in common regime (only while testing packet filter).

 ACCEPT   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must be received. Analog of SEND ACCEPT. It may be processed as command while testing packet filter only (command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

 or option -c). In common regime it may be among parameters to command only.

. It may be processed as command while testing packet filter only (command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

".

 or option -c). In common regime it may be among parameters to command only.

 ACCEPT   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must be received. Analog of SEND   PARAMETERS: {accept | drop | any }
In common regime generates the packet defined above. In other regimes (testing packet filter, see command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

 and option -c) may simply separate packets one from another, so by this command the current content of buffer will be fixed and the new packet will be registered. The requests after command don't make sense in common regime (only while testing packet filter).

 ACCEPT   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must be received. Analog of SEND   PARAMETERS: {accept | drop | any }
In common regime generates the packet defined above. In other regimes (testing packet filter, see command FASTTEST and option -c) may simply separate packets one from another, so by this command the current content of buffer will be fixed and the new packet will be registered. The requests after command don't make sense in common regime (only while testing packet filter).

 ACCEPT   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must be received. Analog of SEND ACCEPT. It may be processed as command while testing packet filter only (command FASTTEST or option -c). In common regime it may be among parameters to command only.

. It may be processed as command while testing packet filter only (command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

 or option -c). In common regime it may be among parameters to command only.

. It may be processed as command while testing packet filter only (command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

".

 or option -c). In common regime it may be among parameters to command only.

 DROP   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must not be received. May be used as command - replacement for "SEND   PARAMETERS: {accept | drop | any }
In common regime generates the packet defined above. In other regimes (testing packet filter, see command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

 and option -c) may simply separate packets one from another, so by this command the current content of buffer will be fixed and the new packet will be registered. The requests after command don't make sense in common regime (only while testing packet filter).

 DROP   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must not be received. May be used as command - replacement for "SEND   PARAMETERS: {accept | drop | any }
In common regime generates the packet defined above. In other regimes (testing packet filter, see command FASTTEST and option -c) may simply separate packets one from another, so by this command the current content of buffer will be fixed and the new packet will be registered. The requests after command don't make sense in common regime (only while testing packet filter).

 DROP   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must not be received. May be used as command - replacement for "SEND DROP". It may be processed as command while testing packet filter only (command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

 or option -c). In common regime it may be among parameters to command only.

". It may be processed as command while testing packet filter only (command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

".

 or option -c). In common regime it may be among parameters to command only.

". It may be processed as command while testing packet filter only (command FASTTEST   PARAMETERS: no parameters
Enables FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

 regime for packet filter test. See "samples/FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

".

".

 or option -c). In common regime it may be among parameters to command only.



// packet 2 - any packet with value of "srcip"
 equal to 192.168.0.1

srcip   192.168.0.1     SEND   PARAMETERS: {accept | drop | any }
In common regime generates the packet defined above. In other regimes (testing packet filter, see command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

".

 and option -c) may simply separate packets one from another, so by this command the current content of buffer will be fixed and the new packet will be registered. The requests after command don't make sense in common regime (only while testing packet filter).

 ACCEPT   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must be received. Analog of SEND   PARAMETERS: {accept | drop | any }
In common regime generates the packet defined above. In other regimes (testing packet filter, see command FASTTEST and option -c) may simply separate packets one from another, so by this command the current content of buffer will be fixed and the new packet will be registered. The requests after command don't make sense in common regime (only while testing packet filter).

 ACCEPT   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must be received. Analog of SEND ACCEPT. It may be processed as command while testing packet filter only (command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

 or option -c). In common regime it may be among parameters to command only.

. It may be processed as command while testing packet filter only (command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

".

 or option -c). In common regime it may be among parameters to command only.

 DROP   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must not be received. May be used as command - replacement for "SEND   PARAMETERS: {accept | drop | any }
In common regime generates the packet defined above. In other regimes (testing packet filter, see command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

 and option -c) may simply separate packets one from another, so by this command the current content of buffer will be fixed and the new packet will be registered. The requests after command don't make sense in common regime (only while testing packet filter).

 DROP   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must not be received. May be used as command - replacement for "SEND   PARAMETERS: {accept | drop | any }
In common regime generates the packet defined above. In other regimes (testing packet filter, see command FASTTEST and option -c) may simply separate packets one from another, so by this command the current content of buffer will be fixed and the new packet will be registered. The requests after command don't make sense in common regime (only while testing packet filter).

 DROP   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must not be received. May be used as command - replacement for "SEND DROP". It may be processed as command while testing packet filter only (command FASTTEST or option -c). In common regime it may be among parameters to command only.

". It may be processed as command while testing packet filter only (command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

 or option -c). In common regime it may be among parameters to command only.

". It may be processed as command while testing packet filter only (command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

".

 or option -c). In common regime it may be among parameters to command only.

 ACCEPT   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must be received. Analog of SEND   PARAMETERS: {accept | drop | any }
In common regime generates the packet defined above. In other regimes (testing packet filter, see command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

 and option -c) may simply separate packets one from another, so by this command the current content of buffer will be fixed and the new packet will be registered. The requests after command don't make sense in common regime (only while testing packet filter).

 ACCEPT   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must be received. Analog of SEND   PARAMETERS: {accept | drop | any }
In common regime generates the packet defined above. In other regimes (testing packet filter, see command FASTTEST and option -c) may simply separate packets one from another, so by this command the current content of buffer will be fixed and the new packet will be registered. The requests after command don't make sense in common regime (only while testing packet filter).

 ACCEPT   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must be received. Analog of SEND ACCEPT. It may be processed as command while testing packet filter only (command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

 or option -c). In common regime it may be among parameters to command only.

. It may be processed as command while testing packet filter only (command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

".

 or option -c). In common regime it may be among parameters to command only.

. It may be processed as command while testing packet filter only (command FASTTEST   PARAMETERS: no parameters
Enables FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

 regime for packet filter test. See "samples/FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

".

".

 or option -c). In common regime it may be among parameters to command only.



CLEARMASK   PARAMETERS: no parameters
The mask of packet (the set of previously defined conditions) will be cleared. New mask will correspond to any packet. This command is usually contained in headers to make the mask correspond to all packets of given type (ex: TCP packets).

                   // resets packet's mask to 0, it will correspond to any packet
                        // otherwise the field "SRCIP"
 will stay in mask, but we don't want it to apply for next packet

// another way to exclude the field from mask: "srcip = any"


// packet 3 -  any packet with value of "srcport"
 equal to 22

srcport 22              SEND   PARAMETERS: {accept | drop | any }
In common regime generates the packet defined above. In other regimes (testing packet filter, see command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

".

 and option -c) may simply separate packets one from another, so by this command the current content of buffer will be fixed and the new packet will be registered. The requests after command don't make sense in common regime (only while testing packet filter).

 DROP   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must not be received. May be used as command - replacement for "SEND   PARAMETERS: {accept | drop | any }
In common regime generates the packet defined above. In other regimes (testing packet filter, see command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

 and option -c) may simply separate packets one from another, so by this command the current content of buffer will be fixed and the new packet will be registered. The requests after command don't make sense in common regime (only while testing packet filter).

 DROP   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must not be received. May be used as command - replacement for "SEND   PARAMETERS: {accept | drop | any }
In common regime generates the packet defined above. In other regimes (testing packet filter, see command FASTTEST and option -c) may simply separate packets one from another, so by this command the current content of buffer will be fixed and the new packet will be registered. The requests after command don't make sense in common regime (only while testing packet filter).

 DROP   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must not be received. May be used as command - replacement for "SEND DROP". It may be processed as command while testing packet filter only (command FASTTEST or option -c). In common regime it may be among parameters to command only.

". It may be processed as command while testing packet filter only (command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

 or option -c). In common regime it may be among parameters to command only.

". It may be processed as command while testing packet filter only (command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

".

 or option -c). In common regime it may be among parameters to command only.

 ACCEPT   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must be received. Analog of SEND   PARAMETERS: {accept | drop | any }
In common regime generates the packet defined above. In other regimes (testing packet filter, see command FASTTEST and option -c) may simply separate packets one from another, so by this command the current content of buffer will be fixed and the new packet will be registered. The requests after command don't make sense in common regime (only while testing packet filter).

 ACCEPT   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must be received. Analog of SEND ACCEPT. It may be processed as command while testing packet filter only (command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

 or option -c). In common regime it may be among parameters to command only.

. It may be processed as command while testing packet filter only (command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

".

 or option -c). In common regime it may be among parameters to command only.

 ACCEPT   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must be received. Analog of SEND   PARAMETERS: {accept | drop | any }
In common regime generates the packet defined above. In other regimes (testing packet filter, see command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

 and option -c) may simply separate packets one from another, so by this command the current content of buffer will be fixed and the new packet will be registered. The requests after command don't make sense in common regime (only while testing packet filter).

 ACCEPT   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must be received. Analog of SEND   PARAMETERS: {accept | drop | any }
In common regime generates the packet defined above. In other regimes (testing packet filter, see command FASTTEST and option -c) may simply separate packets one from another, so by this command the current content of buffer will be fixed and the new packet will be registered. The requests after command don't make sense in common regime (only while testing packet filter).

 ACCEPT   PARAMETERS: {accept | drop | any }
Request specification. The request that the packet must be received. Analog of SEND ACCEPT. It may be processed as command while testing packet filter only (command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

 or option -c). In common regime it may be among parameters to command only.

. It may be processed as command while testing packet filter only (command FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

".

 or option -c). In common regime it may be among parameters to command only.

. It may be processed as command while testing packet filter only (command FASTTEST   PARAMETERS: no parameters
Enables FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

 regime for packet filter test. See "samples/FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/FASTTEST   PARAMETERS: no parameters
Enables fasttest regime for packet filter test. See "samples/fasttest".

".

".

 or option -c). In common regime it may be among parameters to command only.



 /******   Analog  ***************
 
 srcip   192.168.0.3     >> >> <<
 srcip   192.168.0.1     >> << >>
 CLEARMASK   PARAMETERS: no parameters
The mask of packet (the set of previously defined conditions) will be cleared. New mask will correspond to any packet. This command is usually contained in headers to make the mask correspond to all packets of given type (ex: TCP packets).


 srcport 22              << >> >>
 
 */


 /*
 
 Result:
 
 Packet on line 12 (compare_mode.fws) : droped (dev 2)
 Packet on line 16 (compare_mode.fws) : droped (dev 1)
 Packet on line 16 (compare_mode.fws) : accepted (dev 2)
 Packet on line 16 (compare_mode.fws) : droped (dev 3)
 Packet on line 26 (compare_mode.fws) : droped (dev 2)
 
 */