Maccd

From Wiki of WFilter NG Firewall
(Difference between revisions)
Jump to: navigation, search
(测试)
 
(One intermediate revision by one user not shown)
Line 1: Line 1:
{{DISPLAYTITLE:Maccd}}
+
{{DISPLAYTITLE:MAC Detector}}
== 介绍 ==
+
== MAC Detector ==
<p>“MAC地址收集器”通过snmpwalk从可网管设备获取客户机的实际mac地址,从而使WFilter可以基于mac地址应用策略和记录上网行为。</p>
+
  
==轮询间隔==
+
"MAC Detector" can gather client's physical MAC addresses via SNMP protocol. With "MAC Detector" enabled, you can:
<p>隔多久执行一次SNMP配置中的命令列表</p>
+
* Set access policy by MAC addresses.
 +
* Set IP-MAC binding in a multiple-segments network.
 +
* Show real MAC addresses in "Real-time Bandwidth".
 +
* Show real MAC addresses in "Internet Usage".
  
==SNMP配置==
+
== Settings ==
 +
== SNMP Commands ==
 +
"MAC Detector" use snmpwalk commands to send SNMP query to  manageable devices. Usually, the snmpwalk commands are sent to routing devices, for example: core three-layer switch, or manageable wireless AP.
 +
* "SNMP Commands": snmpwalk commands be sent to the manageable devices. Multiple commands are supported.
 +
* "Result Format": a regular expression which matches ONE record row.
  
<p>SNMP 查询命令:向可网管设备发送的snmpwalk查询命令。一般来说,snmpwalk命令都发往支持路由功能的设备,比如:核心三层交换机、支持snmp协议的AP等。</p>
+
=== Example ===
<p>返回格式:正则表达式,匹配一条查询结果。</p>
+
Suppose the core three layer switch has ip address "192.168.1.2", the "SNMP Command" is:
<p>举例来说,假设三层交换机的IP地址是192.168.1.2,查询命令为:snmpwalk -v 2c -c public 192.168.1.2 ipNetToMediaPhysAddress</p>
+
<p>实际的返回格式:</p>
+
<p>IP-MIB::ipNetToMediaPhysAddress.9.192.168.1.1 = STRING: 0:6:f6:bf:8b:cc </p>
+
<p>IP-MIB::ipNetToMediaPhysAddress.9.192.168.1.11 = STRING: ae:15:53:a0:9b:7f
+
...</p>
+
<p>返回格式为:IP-MIB::ipNetToMediaPhysAddress\.\d+.*</p>
+
<p>“MAC地址收集器”会在结果中使用“返回格式”的正则表达式匹配出每一条返回记录,并且取出其中的mac地址和ip地址信息。</p>
+
<p>如图示:</p>
+
[[File:Maccd00.jpg]]
+
  
==测试==
+
''snmpwalk -v 2c -c public 192.168.1.2 ipNetToMediaPhysAddress''
<p>点击测试,显示SNMP配置中命令列表的运行结果。如图:</p>
+
 
[[File:Maccd01.jpg]]
+
 
 +
The real return message is:
 +
 
 +
''IP-MIB::ipNetToMediaPhysAddress.9.192.168.1.1 = STRING: 0:6:f6:bf:8b:cc''
 +
 
 +
''IP-MIB::ipNetToMediaPhysAddress.9.192.168.1.11 = STRING: ae:15:53:a0:9b:7f''
 +
...
 +
 
 +
 
 +
To match every return rows, we configure the "result format" as:
 +
 
 +
''IP-MIB::ipNetToMediaPhysAddress\.\d+.*''
 +
 
 +
 
 +
The "MAC Detector" will use the "result format" to get every record and retrieve the mac and ip information.
 +
 
 +
[[File:Maccd00.jpg|750px]]
 +
 
 +
=== Test ===
 +
 
 +
You may click "test" to test the SNMP commands in the list.
 +
 
 +
[[File:Maccd01.jpg|750px]]
 +
 
 +
== FAQ ==

Latest revision as of 18:35, 24 December 2015

Contents

[edit] 1 MAC Detector

"MAC Detector" can gather client's physical MAC addresses via SNMP protocol. With "MAC Detector" enabled, you can:

  • Set access policy by MAC addresses.
  • Set IP-MAC binding in a multiple-segments network.
  • Show real MAC addresses in "Real-time Bandwidth".
  • Show real MAC addresses in "Internet Usage".

[edit] 2 Settings

[edit] 3 SNMP Commands

"MAC Detector" use snmpwalk commands to send SNMP query to manageable devices. Usually, the snmpwalk commands are sent to routing devices, for example: core three-layer switch, or manageable wireless AP.

  • "SNMP Commands": snmpwalk commands be sent to the manageable devices. Multiple commands are supported.
  • "Result Format": a regular expression which matches ONE record row.

[edit] 3.1 Example

Suppose the core three layer switch has ip address "192.168.1.2", the "SNMP Command" is:

snmpwalk -v 2c -c public 192.168.1.2 ipNetToMediaPhysAddress


The real return message is:

IP-MIB::ipNetToMediaPhysAddress.9.192.168.1.1 = STRING: 0:6:f6:bf:8b:cc

IP-MIB::ipNetToMediaPhysAddress.9.192.168.1.11 = STRING: ae:15:53:a0:9b:7f ...


To match every return rows, we configure the "result format" as:

IP-MIB::ipNetToMediaPhysAddress\.\d+.*


The "MAC Detector" will use the "result format" to get every record and retrieve the mac and ip information.

Maccd00.jpg

[edit] 3.2 Test

You may click "test" to test the SNMP commands in the list.

Maccd01.jpg

[edit] 4 FAQ

Personal tools
Namespaces

Variants
Actions
Navigation
Tools