By adding a protocol here, WFilter will be able to detect and block it by the "Matching Rule". Certain reports will also be available.

1. Protocol Profile

Protocol profile describes the basic information of this protocol, including "Protocol Name", "Protocol Desc", "Protocol Type".

Please choose a correct protocol type which will affect the bandwidth report.

2. Pattern Matching Rule

This defines the rules for WFilter to match this protocol. Each protocol might has several patterns.

Pattern name and desc for description.

WFilter matches a protocol based on the first several packets of a connection.

1. "TCP SEND" will match the first sent packet of all tcp connections.
2. "TCP RECV" will match the first received packet of all tcp connections.
3. "TCP ALL" will match the first sent and received packet of all tcp connections.
4. "UDP SEND" will match the first sent packet of all udp connections.
5. "UDP RECV" will match the first received packet of all udp connections .
6. "UDP ALL" will match the first sent and received packet of all udp connections.
7. "HTTP SEND" will match the first sent http header of all http connections.
8. "HTTP RECV" will match the first received http header of all http connections.

Begin position of the packet. Please input a decimal pattern offset(example: 0 means matching from the start byte)

Character of the begin byte in capitalization HEX. Leave it blank if the begin byte is not fixed. Example: 0F.

Format of the pattern. Supported pattern formats: "0" - regular expression, "1" - port or ports range. If you are using a HTTP pattern, the format will be the http mime header name.

1. Regular expression. Example: "^\x02[\x00-\xff]*\x03$".
2. Port or ports range. Example: "9090", "9090,9091", "9090-9010".
3. HTTP mime header value(Regular expression).For example: the format is "User-Agent", content is "Web Messenger".

Example