# Element \ It can be used in \\ replace default port like P0,P1,..etc. And output id=1 -> O1, refer to Example ## Attribute
AttributeDescriptionTypeDefault (* must have)Support
idSpecifies a unique id for an elementInterger*
typeoutput typeStringmix
nameSpecifies a name for an elementString
mtuMaximum Transmission UnitInterger0(unlimited)
stlSecond To LiveInterger0(unlimited)
minbpsMinimum bandwidth reservedInterger0(unlimited)v3.7
maxbpsMaximum bandwidth reservedInterger0(unlimited)v3.7
arp_dstip_macarp request for dstip macyes/nono
## Example ```xml P0 vlan P1 O1 ``` ## Elements in Output ### \ Defines output port(must have). It has a start tag \ and an end tag \. ```xml P0 ``` ### \ Defines gateway It has a start tag \ and an end tag \. The ouptut will send arp request to gateway for mac address, than use this mac to replace destination mac address on packet. ```xml P0 192.168.1.1 ``` ### \ Defines vlan tagging. It has a start tag \ and an end tag \. ```xml P0 10 ``` ### \ Defines vlan layer 2 tagging. It has a start tag \ and an end tag \. ```xml P0 20 ``` ### \ Defines stripping. It has a start tag \ and an end tag \. #### support type * payload * vlan * mpls * gre * vxlan * gre-erspan * gtp * grism * mpls-in-udp * mpls-in-gre ```xml P0 vlan ``` ### \ Defines modify source ip address It has a start tag \ and an end tag \.
AttributeDescriptionTypeDefault (* must have)
natNAT support, don't forget to set args->nat to trueyes/nono
```xml P0 10.1.1.0 ``` ### \ Defines modify destination ip address It has a start tag \ and an end tag \. ```xml P0 10.1.1.0 ``` ### \ Defines modify source mac address It has a start tag \ and an end tag \. ```xml P0 d8:fe:e3:a4:d3:78 ``` ### \ Defines modify source mac address use port default mac address (ver. 3.8) ```xml P0 ``` ### \ Defines modify destination mac address It has a start tag \ and an end tag \. ```xml P0 d8:fe:e3:a4:d3:78 ``` ### \ Defines swap source mac address and destination mac address (v4.9) ```xml P0 ``` ### \ Modify TCP syn or syn+ack option mss field (v5.1) ```xml P0 1300 ``` ### \ Defines tagging. It has a start tag \ and an end tag \. #### support type * timestamp * gtp * gtp2 * l2gre (ver 4.8) * vxlan (ver 5.1) * grism ```xml P0 l2gre ``` ### \ Defines packet max length. It has a start tag \ and an end tag \. ```xml P0 64 ``` ### Save to Pcap file #### \ Defines output dir in Hard disk. Save packet to pcap files. It has a start tag \ and an end tag \.
AttributeDescriptionTypeDefault (* must have)
timeouttimeout to next pcap fileseconds0 (No timeout)
max_split_sizemax pcap sizeinteger(bytes)104857600 (100M)
categorycategory for pcap files by month, day, hour or minutestringnone
```xml H1 test ``` ### NVGRE encapsulation #### \ Defines output to gre tunnel dest ip. It has a start tag \ and an end tag \. #### \ Defines output to gre tunnel source ip. It has a start tag \ and an end tag \. #### \ Defines output to gre tunnel dest mac. It has a start tag \ and an end tag \. #### \ Defines output to gre tunnel type eth or ip, default is eth . It has a sart tag \ and an end tag \. #### Example if interface sip set already ```xml P7 192.168.1.201 ``` #### Example ```xml P7 eth 192.168.1.10 192.168.1.201 00:0c:bd:0b:fd:36 ``` ### VXLAN encapsulation #### \ Defines output to vxlan source ip. It has a start tag \ and an end tag \ #### \ Defines output to vxlan destination ip. It has a start tag \ and an end tag \ #### \ Defines output to vxlan source port. It has a start tag \ and an end tag \ #### \ Defines output to vxlan destination port. It has a start tag \ and an end tag \ #### \ Defines output to vxlan vni. It has a start tag \ and an end tag \ ### \ Defines output reply arp target mac address. It has a start tag \ and an end tag \. ```xml P0 00:0f:bb:ef:8a:25 ``` Example for for inline (P6 <-> P7) reply target mac 02:00:00:00:00:00 when arp request ip 192.168.1.10 ```xml P6 02:00:00:00:00:00 P6 F1 O1 P7 P7 P6 ``` ### \ Defines output reply arp default port mac address. (v3.8) ```xml P6 ``` ### \ Defines output response IPv4 address when dns query domain (not support EDNS yet). It has a start tag \ and an end tag \. #### dns\_response\_ipv4 Attribute
AttributeDescriptionTypeDefault (* must have)
noswapmacdo'nt swap mac addressyes or nono
```xml P0 192.168.1.150 ``` Example for inline (P6 <-> P7) response ip 192.168.1.201 when dns query google.com ```xml P6 192.168.1.201 P6 F1,F2 O1 P7 P7 P6 ``` ### \ Defines output response IPv6 address when dns query domain (not support EDNS yet). It has a start tag \ and an end tag \. #### dns\_response\_ipv6 Attribute
AttributeDescriptionTypeDefault (* must have)
noswapmacdo'nt swap mac addressyes or nono
```xml P0 ::ffff:7a74:e554 ``` Example for inline (P6 <-> P7) response ipv4 122.116.229.84 or ipv6 ::ffff:7a74:e554 when dns query block list ```xml P7 122.116.229.84 P7 ::ffff:7a74:e554 P7 F1 F2 F3 O2 F4 O3 P6 P6 P7 ``` ### \ Defines output reply ICMP fragmentation needed packet (v3.10)
AttributeDescriptionTypeDefault (* must have)
mtuMTU of next hopUINT16*
```markup P6 172.16.10.10 P6 F4 O6 P7 P7 P6 ``` ### type : httprequesthijack Defines output http request hijack (and redirect to safeweb). #### redirect2safeweb Attribute
AttributeDescriptionTypeDefault (* must have)
noswapmacdo'nt swap mac addressyes or nono
redirectPortredirect to Portport (ex.P7)
Example for inline (P6 <-> P7) redirect http request url [www.com/](http://www.com/) to ```xml P7 >https://safeweb.secure365.hinet.net/ P6 F1 O1 P7 P7 P6 ``` ### type : udpencap Defines output pcap header+packet throught UDP encapsulation. Example ```xml P7 192.168.1.201 3060 3060 P6 O1 ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://arraynetworks.gitbook.io/array-xml/readme/output.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.