Example 4
Scenario:
You are an administrator of your corporate Lotus Notes server (e.g., the server has the IP address 216.106.88.42). The server accepts incoming connections (Lotus Notes and SMTP) from other servers and initiates outgoing connection (Lotus Notes and SMTP). You want to monitor and count the Lotus Notus traffic and SMTP mail traffic. Let's assume, that the Lotus Notes traffic uses TCP port 1352 and the SMTP protocol uses TCP port number 25.
Solution:
You need to create four filters.
Filter No. 1.
Name: The outgoing Lotus Notes connections.
| Rules of the filter: | |||||||
| Rule number |
Mirrored flag |
Protocol type |
Source address |
Source port |
Destination address |
Destination port |
|
| 1 | Yes | TCP | 216.106.88.42 | Any | Any IP address | 1352 | |
Filter No. 2.
Name: The incoming Lotus Notes connections.
| Rules of the filter: | |||||||
| N | Mirrored flag |
Protocol type |
Source address |
Source port |
Destination address |
Destination port |
|
| 1 | Yes | TCP | 216.106.88.42 | 25 | Any IP address | Any | |
Filter No. 3.
The outgoing SMTP mail.
| Rules of the filter: | |||||||
| Rule number |
Mirrored flag |
Protocol type |
Source address |
Source port |
Destination address |
Destination port |
|
| 1 | Yes | TCP | 216.106.88.42 | Any | Any IP address | 25 | |
Filter No. 4.
The incoming SMTP mail.
| Rules of the filter: | |||||||
| N | Mirrored flag |
Protocol type |
Source address |
Source port |
Destination address |
Destination port |
|
| 1 | Yes | TCP | 216.106.88.42 | 25 | Any IP address | Any | |