function::tcpmib_filter_key - Linux
Overview
The tcpmib_filter_key
command is employed with the Traffic Control (tc) framework in the Linux kernel to filter IPFIX/sFlow traffic by specific IP Flow Information Export (IPFIX) fields. It allows for selective filtering of IPFIX data, enabling efficient collection and analysis of network traffic data.
Syntax
tcpmib_filter_key [ FILTER_SPEC ] ...
Options/Flags
| Flag | Description | Default Value |
|—|—|—|
| -p
| -P
| -v
| -s <report_size> | Sets the maximum size of each IPFIX report in bytes | 1280 |
| –interval
Examples
Example 1: Filter IPFIX traffic based on source IP address:
tc filter add dev eth0 ingress protocol ip6 pref 1 handle 123 \
tcpmib_filter_key -S 2001:db8:85a3:08d3:1319:8a2e:0370:7334
Common Issues
- Error: Invalid argument: Ensure that the IPFIX field specified in the
FILTER_SPEC
is valid and supported by the command. - No IPFIX data collected: Verify that the IPFIX collector is listening on the specified port and that the IPFIX source is exporting data.
Integration
The tcpmib_filter_key
command can be combined with other tc commands to create complex traffic filtering and management policies. For example, it can be used in conjunction with the tc filter
command to filter and classify traffic based on specific criteria.
Related Commands
tc
– The main command for managing traffic control in Linuxipfix
– A tool for collecting and analyzing IPFIX datasflowtool
– A tool for collecting and analyzing sFlow data