Pass by deployment
From WFilter Documents and Tutorials
(Difference between revisions)
(5 intermediate revisions by one user not shown) | |||
Line 8: | Line 8: | ||
##*n pass-by mode, WFilter sends RST packets to terminate tcp connections. But it can not block udp traffic, so you also need to block certain udp ports in your router or firewall. Please check:[[depolyment_blockudp|How to block certain UDP ports in router/firewall?]] | ##*n pass-by mode, WFilter sends RST packets to terminate tcp connections. But it can not block udp traffic, so you also need to block certain udp ports in your router or firewall. Please check:[[depolyment_blockudp|How to block certain UDP ports in router/firewall?]] | ||
#Router Examples | #Router Examples | ||
− | # | + | ##Network topology diagram(the router shall support "port mirroring" feature):<br>[[image:passby_router_topology.png]]<br> |
− | # | + | ##Examples: |
##*[[Cisco_RVS4000|Cisco RVS4000]] | ##*[[Cisco_RVS4000|Cisco RVS4000]] | ||
#Switch Examples | #Switch Examples | ||
− | # | + | ##Network topology diagram(the switch shall support "port mirroring" feature):<br>[[image:passby_switch_topology.png]]<br> |
− | # | + | ##Examples: |
− | + | ##*[[switch_Huawei_Quidway_S5012P|Huawei Quidway S5012P]] | |
##*[[switch_Cisco_2950|Cisco 2950]] | ##*[[switch_Cisco_2950|Cisco 2950]] | ||
##*[[switch_DLink_3226|DLink 3226]] | ##*[[switch_DLink_3226|DLink 3226]] | ||
Line 24: | Line 24: | ||
##*[[switch_Dell_Powerconnect_2848|Dell Powerconnect 2848]] | ##*[[switch_Dell_Powerconnect_2848|Dell Powerconnect 2848]] | ||
#Others | #Others | ||
+ | #*[[deployment_tomato|Deploy WFilter with tomato router]] | ||
+ | #*[[deployment_iptables|Setup port-mirroring with iptables]] | ||
+ | #*[[deployment_network_tab|Dry a network tap to deploy WFilter]] |
Latest revision as of 14:22, 15 July 2014
- Pros and Cons
- Pros
- Integrated with your current hardware, network topology can remain unchanged.
- No influence to your network performance. In pass-by mode, WFilter analyse copies of network packets and does not delay the original packets. So your internet speed will not be affected.
- Internet access is still available even if the WFilter computer crash or power off.
- Cons
- Requires "port mirroring" feature of your switch or router.
- n pass-by mode, WFilter sends RST packets to terminate tcp connections. But it can not block udp traffic, so you also need to block certain udp ports in your router or firewall. Please check:How to block certain UDP ports in router/firewall?
- Pros
- Router Examples
- Switch Examples
- Others