create connection
The create connection command creates a new connection in the currently loaded layout. The connection can reference an existing rule by name or ID.
New rules and filters can optionally be created with this command if they are referenced by the connection. To create a new rule, a RuleName must be specified in the command along with the option 'create-rule=RuleName'. Additional rule creation options can be specified at this time. If the FilterString of the new rule references a filter with a filter variable (${FilterVariable}) and that filter does not exist on the system, a create-filter=FilterName option must also be present in the command.
New connections are attributes of the loaded layout. The layout must be saved in order for them to be made permanent. The saved layout can then be activated and used by the hardware.
 
Usage
create connection <ConnectionName> <NetworkPortID|NetworkPortList> <ToolPortID|ToolPortList> <("RuleName"|RID|0)> [create-filter="FilterName","FilterString"[,"FilterDesc"]]...[create-rule="RuleName"[,"RuleDesc"] [value="FilterString"] [balance=(enable|disable) [balance-type=(packet|conversation)]] [trailer=(enable|disable)] [trim=(enable|disable) [trimlen=(64|128|192|256|384|512)]] [dedup=(enable|disable)]]
 
 
Parameters
Parameter
Description
ConnectionName
The case-sensitive name of the connection. This name is only used in the CLI and does not appear in the web UI. The name must be unique within a layout. You may use the same name in different layouts. Spaces are not allowed.
NetworkPortID
The ID of a single network port. For example, 10.
NetworkPortList
Network (ingress) ports. A comma-separated list of physical ports or a range of ports. For example, 1,4,6-8. No spaces are allowed.
ToolPortID
The ID of a single tool port. For example, 10.
ToolPortList
Tool (egress) ports. A comma-separated list of physical ports or a range of ports. For example, 1,4,6-8. No spaces are allowed.
RuleName
The case-sensitive name of the rule. Consider the purpose of the rule when creating a name.
RID
The ID of the rule. The ID is a numeric value associated with the name. When referencing the rule, you may use either the name or the ID.
0
0 for no rule. This means that all data received on the network ports is integrated and replicated without modification or advanced processing logic to any associated tool ports.
create-filter=FilterName,"FilterString"[,"FilterDesc"]
FilterName
The case-sensitive name of the filter.
If it contains a space character, the entire string must be enclosed in quotes.
FilterString
A filter that conforms to the BPF syntax. See help filter for more details about BPF. If it contains a space character, the entire string must be enclosed in quotes.
FilterDesc
The filter description is optional and appears in the Filters list.
create-rule=RuleName[,"RuleDesc"] [value="FilterString"] [balance=(enable|disable)] [trailer=(enable|disable)] [trim=(enable|disable) [trimlen=(64|128|192|256|384|512)]] [dedup=(enable|disable)]
RuleName
The case-sensitive name of the rule. Consider the purpose of the rule when creating a name.
If it contains a space character, the entire string must be enclosed in quotes.
RuleDesc
Rule descriptions are optional and displayed in the Rules list.
If it contains a space character, the entire string must be enclosed in quotes.
value=<"FilterString">
A filter that conforms to the BPF syntax. See help filter for more details about BPF. If it contains a space character, the entire string must be enclosed in quotes.
balance=(enable|disable)
Enables load balancing.
If selected, load balancing changes how traffic is moved from network ports to tool ports.
balance-type=(packet|conversation)
packet: Packets are equally distributed to tool ports using a round-robin method. By dividing the packet volume equally, link utilization is decreased between tool ports and connected tools by a factor of how many tool ports are connected to the rule. Network conversations are severed by using this type, so ensure that any connected tools can operate effectively without intact conversations.
conversation: Packets with identical characteristics, such as an identical IP pair, are forwarded exclusively to one tool port. By keeping these packets together, an intact conversation is likely being forwarded. Other unique conversations might be forwarded to the same or different tool port, creating a balanced distribution of conversations to all tool ports connected to the rule. Load balancing of this type is useful when connected tools need to perform analysis on complete network conversations.
conversation-type=(ip|L4port|mac|vlan)
Sets which packet characteristics define a conversation for load balancing. When choosing multiple conversation types, use a comma-separated list with no spaces. For example, ip,L4port,vlan.
Conversations are traffic streams that must be kept together and forwarded intact to a tool port. How the system determines a conversation must be specified. For example, selecting only 'Include IP pair' indicates all connections between a unique IP pair must be kept intact and forwarded to the same tool port.
trailer=(enable|disable)
Specifies if additional information is added to the packets.
If selected, an identifying trailer is appended to ingress packets as they arrive. Each trailer contains a timestamp and the Group ID, Box ID, and Port ID identifying where the packet arrived.
trailer-uplink=(enable|disable)
If selected, an identifying trailer is appended to ingress packets as they arrive. Each trailer contains a timestamp and the Group ID, Box ID, and Port ID identifying where the packet arrived.
dedup=(enable|disable)
If selected, hardware-accelerated packet deduplication removes duplicate ingress packets in real time.
trim=(enable|disable)
enable
Specifies that packet trimming is enabled.
disable
Specifies that packet trimming is disabled.
trimlen=(64|128|192|256|384|512)
Only the first N bytes of each ingress packet are forwarded to tool ports. A new 4-byte CRC value is affixed to each trimmed packet. Valid values are: 64, 128, 192, 256, 384, and 512.
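The effect of the two balance-type values on a monitoring tool, modeled in Python as an added example (not vendor code). The SHA-256 hash and the direction-independent key are assumptions made for illustration, not the device's actual distribution algorithm; only the ip and L4port conversation types are modeled, and the packet tuples are constructed sample data.

```python
import hashlib
from itertools import cycle

# Constructed sample: two TCP conversations, both directions interleaved.
# Fields: (src_ip, dst_ip, src_port, dst_port)
PACKETS = [
    ("10.0.64.5", "192.0.2.10", 51000, 80),
    ("192.0.2.10", "10.0.64.5", 80, 51000),
    ("10.0.64.5", "192.0.2.10", 51000, 80),
    ("10.0.64.9", "192.0.2.20", 52000, 80),
    ("192.0.2.10", "10.0.64.5", 80, 51000),
    ("192.0.2.20", "10.0.64.9", 80, 52000),
]

def balance_packet(packets, tool_ports):
    """balance-type=packet: round-robin, packet contents are ignored."""
    rr = cycle(tool_ports)
    return [next(rr) for _ in packets]

def conversation_key(pkt, conv_types):
    """Key built from the selected fields; sorting makes it direction-independent."""
    src_ip, dst_ip, sport, dport = pkt
    parts = []
    if "ip" in conv_types:
        parts.append(tuple(sorted((src_ip, dst_ip))))
    if "L4port" in conv_types:
        parts.append(tuple(sorted((sport, dport))))
    return repr(parts).encode()

def balance_conversation(packets, tool_ports, conv_types=("ip",)):
    """balance-type=conversation: identical keys always map to one tool port."""
    out = []
    for pkt in packets:
        digest = hashlib.sha256(conversation_key(pkt, conv_types)).digest()
        out.append(tool_ports[int.from_bytes(digest[:4], "big") % len(tool_ports)])
    return out

def split_conversations(packets, assignment):
    """Count IP pairs whose packets were delivered to more than one tool port."""
    seen = {}
    for pkt, port in zip(packets, assignment):
        seen.setdefault(frozenset(pkt[:2]), set()).add(port)
    return sum(1 for ports in seen.values() if len(ports) > 1)
```

A tool that reassembles streams (an IDS, for example) sees incomplete sessions for every conversation counted by split_conversations.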
 
 
Examples
matrix_host(layout_name)# create connection conn1 1,2 19 0
Creates a new connection called 'conn1' from network ports 1 and 2 to tool port 19 without an associated rule.

matrix_host(layout_name)# create connection conn2 1-3 20 rule1
Creates a new connection called 'conn2' from network ports 1, 2 and 3 to tool port 20 with saved rule 'rule1'.

matrix_host(layout_name)# create connection conn3 4 21 rule-new create-rule=rule-new,"Description of rule-new"
Creates a new connection called 'conn3' from network port 4 to tool port 21 with a new rule called 'rule-new'.

matrix_host(layout_name)# create connection conn4 5 22 rule2 create-rule=rule2 value="tcp port 80 and ${localnet}" create-filter=localnet,"net 10.0.64.0/24"
Creates a new connection called 'conn4', a new rule and a new filter in one command. The connection references 'rule2', and 'rule2' references a new filter named 'localnet'. The new rule and filter are saved and can be reused by other connections and rules.
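
A pre-flight check for a create connection command before it is entered on the device, written as an added example that is not part of the product. It applies rules documented on this page (port-list format, valid trimlen values, a create-rule name that matches the referenced RuleName, and a create-filter for every ${FilterVariable}); shell-style tokenizing and the names lint, expand_ports and existing_filters are assumptions.

```python
import re
import shlex

PORT_LIST = re.compile(r"\d+(-\d+)?(,\d+(-\d+)?)*")
TRIM_LENGTHS = {"64", "128", "192", "256", "384", "512"}

def expand_ports(spec):
    """Expand '1,4,6-8' to [1, 4, 6, 7, 8]; reject spaces and malformed lists."""
    if not PORT_LIST.fullmatch(spec):
        raise ValueError(f"bad port list: {spec!r}")
    ports = []
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        ports.extend(range(int(lo), int(hi or lo) + 1))
    return ports

def lint(command, existing_filters=()):
    """Return a list of problems found in one 'create connection' command."""
    tokens = shlex.split(command)  # assumption: the CLI quotes like a shell
    if tokens[:2] != ["create", "connection"] or len(tokens) < 6:
        return ["not a complete create connection command"]
    net, tool, rule_ref = tokens[3:6]
    problems, opts, filters = [], {}, set(existing_filters)
    for spec in (net, tool):
        try:
            expand_ports(spec)
        except ValueError as exc:
            problems.append(str(exc))
    for tok in tokens[6:]:
        key, sep, val = tok.partition("=")
        if not sep:
            problems.append(f"unexpected token: {tok!r}")
        elif key == "create-filter":
            filters.add(val.split(",", 1)[0])  # FilterName is the first field
        else:
            opts[key] = val
    if "create-rule" in opts and opts["create-rule"].split(",", 1)[0] != rule_ref:
        problems.append("create-rule name does not match the referenced RuleName")
    if "trimlen" in opts and opts["trimlen"] not in TRIM_LENGTHS:
        problems.append(f"invalid trimlen: {opts['trimlen']}")
    # Every ${FilterVariable} needs an existing filter or a create-filter option.
    for var in re.findall(r"\$\{(\w+)\}", opts.get("value", "")):
        if var not in filters:
            problems.append(f"filter variable ${{{var}}} has no create-filter")
    return problems
```

Pass the names of filters already defined on the system as existing_filters so that rules reusing them are not flagged.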