[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: classification level filter objects
This is a good point. RFC2401 point 8.2 clearly talks about a RANGE
of sensitivity labels. So, the IPSOFilterEntry should
be changed to add a range (plus possibly ==).
BTW, I assumed that you are talking about the DMTF IPSOFilterEntry
because I cannot find ClassificationLevelFilterEntry in the current
At 10:28 21/02/01 -0800, Wes Hardaker wrote:
>The ClassificationLevelFilterEntry class defines a Level parameter
>that the filter must match against. I take it this is an exact match?
>IE, if the packet's Classification level is not exactly equal to the
>ClassificationLevelFilterEntry.Level value then it doesn't match? (A
>< or > operator might make some sense here, possibly as a separate
>property dictating which to use (<, >, !=, ==).
Distinguished Engineer Cisco Systems EMEA
Phone: +32-2-778.4677 Fax: +32-2-778.4300
E-mail: evyncke@xxxxxxxxx Mobile: +32-475-312.458 (CHANGED)
PGP fingerprint: D35F BEF9 643F 656F 90F5 76C5 9CA1 C289 D398 B141