Enhanced Application Session Filtering

Enhanced Application Session Filtering (ASF) allows you to filter a specific application field from the incoming traffic. Enhanced Application Session Filtering supports the following session capabilities:

• Applications SSL —Supports SNI field in a hello packet.

• HTTP—Supports HOST and User-agent field in a request packet

You can use the matching pattern in a regrex profile using the regular expression format. Rules are applied based on the order in which it was created.

When a rule matches, the corresponding pass or drop action is taken on the packets. In a session, when a packet matches a pass rule, the packet and its subsequent packets belonging to the same session are forwarded to and processed by the next GS application belong to the same GSOP.

When a packet of a session matches a pass rule, the packet and the subsequent packets belonging to the same session are forwarded to and processed by the next GigaSMART application that belongs to the same GSOP. If there is no GigaSMART application in the downstream application chain in the GSOP, the packet and the subsequent packets belonging to the same session are forwarded to the tool port defined in the Map.

When a packet of a session matches a drop rule, the packet and the subsequent packets belonging to the same session are dropped.

When a packet of a session does not match a rule, it will be examined by the next rule. When a packet does not match any rules defined in the Enhanced ASF profile, the packet will be forwarded to and processed by the GSOP configured in the next Map belonging to the same VPORT.

For more information about the commands, refer to apps enhanced asf in the GigaVUE-OS CLI Reference Guide.