Unofficial - F5 Certification Exam Prep Material > F5 301A - BIG-IP LTM Specialist Labs - Created 11/01/19 > Lab 6 - Virtual Servers and Packet Processing Review
Packet Filter Lab
You are going to test how packet filters impact packet processing by creating a packet filter to block ftp connections to 10.1.10.100.
Create a packet filter
Go to Network > Packet Filters > Rules and Create a filter using the following:
Setting | Value |
---|---|
Name | block_ftp |
Order | First |
Action | Discard |
Destination Hosts and Networks | 10.1.10.100 |
Destination Port List | 21 (FTP) |
Logging | Enabled |
Make sure you select Add after entering a host/network or a port.
Test the FTP packet filter
Ensure an FTP connection is currently established to 10.1.10.100.
Go to Network > Packet Filters > General and select Enable and then Update.
Q1. Was the existing ftp connection in the connection table affected? Why?
Quit ftp and clear the virtual server statistics by going to Local Traffic > Virtual Servers > Statistics, selecting the virtual server and hitting Reset.
Attempt to establish an FTP connection to 10.1.10.100. Watch the tcpdump capture you built in Window1.
Q2. Was the FTP connection successful? Why?
Q3. What did tcpdump reveal? Did the connection time out or reset?
Q4. What did virtual server statistics for ftp_vs reveal? Why are counters not incrementing?
Q5. Prioritize the packet processing order below from 1-7:
Virtual Server___ SNAT___ AFM/Pkt Filter___ NAT___ Existing Connections___ Self IP___ Drop___
Review the Packet Filter Logs and Packet Filter Statistics, then disable the Packet Filters.
Go to Network > Packet Filters > Statistics and review the information.
Go to System > Logs > Packet Filters and review the information.
Go to Network > Packet Filters > General and select Disable and then Update.
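For Q3, the difference between a timed-out and a reset connection attempt can be read from the tcpdump text output. The following is an added example, not part of the original lab: it assumes tcpdump was run with -n, and the client address 10.1.10.51 and every sample line are constructed.

```python
import re
from collections import defaultdict

# Default tcpdump text output for TCP over IPv4 when run with -n.
LINE = re.compile(
    r"IP (?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+) > "
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+): Flags \[(?P<flags>[^\]]+)\]"
)

# Constructed sample capture (client 10.1.10.51 and all timings are made up).
SAMPLE = """\
10:15:01.000000 IP 10.1.10.51.50312 > 10.1.10.100.21: Flags [S], seq 100, win 64240, length 0
10:15:02.001000 IP 10.1.10.51.50312 > 10.1.10.100.21: Flags [S], seq 100, win 64240, length 0
10:15:04.003000 IP 10.1.10.51.50312 > 10.1.10.100.21: Flags [S], seq 100, win 64240, length 0
10:16:01.000000 IP 10.1.10.51.50313 > 10.1.10.100.21: Flags [S], seq 200, win 64240, length 0
10:16:01.000400 IP 10.1.10.100.21 > 10.1.10.51.50313: Flags [R.], seq 0, ack 201, win 0, length 0
10:17:01.000000 IP 10.1.10.51.50314 > 10.1.10.100.21: Flags [S], seq 300, win 64240, length 0
10:17:01.000400 IP 10.1.10.100.21 > 10.1.10.51.50314: Flags [S.], seq 900, ack 301, win 4380, length 0
10:17:01.000500 IP 10.1.10.51.50314 > 10.1.10.100.21: Flags [.], ack 901, win 64240, length 0
"""

def classify(capture, server_ip, server_port):
    """Map each client (ip, port) to (outcome, SYNs sent) for one server socket."""
    server = (server_ip, server_port)
    flows = defaultdict(lambda: {"syn": 0, "synack": False, "rst": False})
    for line in capture.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # non-TCP or unparsed line
        src = (m["src"], int(m["sport"]))
        dst = (m["dst"], int(m["dport"]))
        flags = m["flags"]
        if dst == server and flags == "S":
            flows[src]["syn"] += 1           # initial SYN or a retransmission
        elif src == server and dst in flows:
            if flags == "S.":
                flows[dst]["synack"] = True  # handshake answered
            elif "R" in flags:
                flows[dst]["rst"] = True     # actively refused
    result = {}
    for client, f in flows.items():
        if f["synack"]:
            outcome = "established"
        elif f["rst"]:
            outcome = "reset"
        else:
            outcome = "timeout"  # SYNs left unanswered, client keeps retrying
        result[client] = (outcome, f["syn"])
    return result

if __name__ == "__main__":
    for client, (outcome, syns) in classify(SAMPLE, "10.1.10.100", 21).items():
        print(client, outcome, f"SYNs={syns}")
```

Paste the lines captured in Window1 in place of SAMPLE to classify the attempt made during the lab.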