Pre-Capture Filter


The FMADIO system has 16 half-duplex Pre-Capture filters built into the FPGA. These filters can apply the following ACL-like (Access Control List) rule set to each and every packet:

  • Accept

  • Drop

  • Slice

The high-end FMADIO 200G systems (FMADIO-5514, FMADIO-3514, FMADIO-5524, etc.) can process 297M packets per second (64B line rate @ 100Gbps x 2 ports). In addition, they process these 16 filter rules without any packet loss or any effect on the system's performance. This means FMADIO Packet Capture systems are processing packets at 297M x 16 = 4752M packets per second, or 4.7B packets per second. This demonstrates the performance of FMADIO Packet Capture hardware.

Configuration

To configure the Pre-Capture Filter rules:

Step 1) Go to the Capture Page

On the GUI select the Capture tab

Scroll to the bottom of the page and click on “Advance Capture Options”

Step 2) Configure the default policy

By default the FMADIO system uses an ACCEPT policy, as shown below

There are a number of options as shown below

ACCEPT - accepts all packets as the default policy

DROP - drops all packets as the default policy

SLICE - slices all packets as the default policy

Step 3) Configure Rules

Click on the “Examples” text to expand out some example rules

This provides some examples and the syntax of the rules, as shown below

Rules are applied in real time. This is helpful when debugging a rule, because the counters increase and tick over as the rule matches.

Step 4) Enable a Rule

By default the Status of the rule is Disabled. This allows experimenting with filters without affecting the capture. Once the filter expression is confirmed, set the Status to Enable and the rule will be applied immediately. The example shown below DROPs all ICMP (IPv4 Protocol 1) traffic.
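A software model of the default policy and rule behaviour described in Steps 2 to 4, added here as an illustration; it is not FMADIO code and does not use the FMADIO rule syntax. The first-match ordering, the 64-byte slice length, hit counting for Disabled rules and all function names are assumptions.

```python
import struct
from dataclasses import dataclass
from typing import Callable

SLICE_LEN = 64  # assumed slice length in bytes; the page does not state one

def ipv4_proto(frame: bytes):
    """Return the IPv4 protocol number of an Ethernet frame, or None."""
    if len(frame) < 14:
        return None
    off = 12
    (etype,) = struct.unpack_from("!H", frame, off)
    while etype in (0x8100, 0x88A8):        # skip 802.1Q / 802.1ad VLAN tags
        off += 4
        if len(frame) < off + 2:
            return None
        (etype,) = struct.unpack_from("!H", frame, off)
    ip = off + 2
    if etype != 0x0800 or len(frame) < ip + 20 or frame[ip] >> 4 != 4:
        return None
    return frame[ip + 9]                    # protocol field of the IPv4 header

@dataclass
class Rule:
    match: Callable[[bytes], bool]
    action: str             # "ACCEPT", "DROP" or "SLICE"
    enabled: bool = False   # rules start Disabled, as in Step 4
    hits: int = 0

def apply_filters(frame, rules, default="ACCEPT"):
    """Return the bytes that would be captured, or None if dropped."""
    action = default
    for rule in rules:                      # assumption: first enabled match wins
        if rule.match(frame):
            rule.hits += 1                  # assumption: Disabled rules still count
            if rule.enabled:
                action = rule.action
                break
    if action == "DROP":
        return None
    return frame[:SLICE_LEN] if action == "SLICE" else frame

def make_frame(proto, payload_len, vlan=False):
    """Constructed sample: Ethernet + minimal IPv4 header + zero payload."""
    eth = bytes(12) + (b"\x81\x00\x00\x64" if vlan else b"") + b"\x08\x00"
    ip = (bytes([0x45, 0]) + struct.pack("!H", 20 + payload_len)
          + bytes(5) + bytes([proto]) + bytes(10))
    return eth + ip + bytes(payload_len)
```

Running a traffic sample through a Disabled rule first and reading `hits` mirrors the workflow above: confirm the match counters move as expected before setting the rule to Enable.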

Capture Port IP Address

By default, the capture ports on FMADIO devices operate without any MAC or IP information. They receive and record any and all Ethernet traffic on the wire. It's essentially a black hole high-speed data recorder.

However, there are some situations where the capture interfaces need an IP/MAC address: for ERSPAN IP targets, and for having the capture ports directly join multicast groups. The following demonstrates how to set up the IP/MAC address.

Using the FMADIO DPI Engine we can filter out low-bandwidth traffic such as ARP/ICMP requests without any effect on the 100Gbps / 149Mpps packet capture performance. As seen below, this uses a few of the Pre-Capture filter rules and forwards a few packets to our ARP/ICMP/IGMP software network stack running on the x86 server. This allows full ARP and ICMP protocol support on the capture interfaces.

NOTE: Enabling this feature reduces the total number of Pre-Capture filter rules. It requires

Rule Number - Description

15 - MAC Broadcast ARP Requests

14 - Capture Port 0 MAC filter

13 - Capture Port 1 MAC Filter

Depending on the capture port configuration (2 ports or 8 ports), a maximum of 9 pre-capture filter rules may be used.