// Copyright (c) 2005 DMTF.  All rights reserved.
   [Version ( "2.8.0" ), 
    UMLPackagePath ( "CIM::Policy" ), 
    Description ( 
       "PacketFilterCondition specifies packet selection criteria (via "
       "association to FilterLists) for firewall policies, IPsec "
       "policies and similar uses. It is used as an anchor point to "
       "associate various types of filters with policy rules via the "
       "FilterOfPacketCondition association. By definition, policy "
       "rules that aggregate PacketFilterCondition are assumed to "
       "operate against every packet received and/or transmitted from "
       "an ingress and/or egress point. (Whether policy condition "
       "evaluation occurs at ingress or egress is specified by the "
       "Direction property in the associated FilterList.) "
       "PacketFilterCondition MAY also be used to define the specific "
       "CredentialManagementService that validates the credentials "
       "carried in a packet. This is accomplished using the "
       "association, AcceptCredentialFrom. \n"
       "\n"
       "Associated objects (such as FilterListsor Credential "
       "ManagementServices) represent components of the condition that "
       "MAY or MAY NOT apply at a given rule evaluation. For example, "
       "an AcceptCredentialFrom evaluation is only performed when a "
       "credential is available to be evaluated and compared against "
       "the list of trusted credential management services. Similarly, "
       "a PeerIDPayloadFilterEntry MAY only be evaluated when an ID "
       "payload is available for checking. Condition components that "
       "do not have applicability at rule evaluation time, MUST be "
       "evaluated to TRUE." ), 
    MappingStrings { "IPSP Policy Model.IETF|SACondition" }]
class CIM_PacketFilterCondition : CIM_PolicyCondition {


};