14
Moreover the access to the server may be limited by typing:
http host <IP address>
Then the server is only reachable from the given IP address. To
remove the limitation a 0.0.0.0 address should be entered.
3.3.12.
ifconfig
The command allows configuring the network interfaces.
Following interfaces are available:
¡
eth0
- Ethernet interface
¡
eth0:0, eth0:1,
etc
.
- eth0 interface aliases (one physical
interface may support several IP subnets)
¡
eth0.1, eth0.2,
etc. - VLAN networks (LAN networks separated
from each other, although using the same cabling)
¡
eth0.1:0, eth0.1:1
, etc. - VLAN interface aliases
¡
fr1, fr2,
etc. - Frame Relay PVCs (the number after “fr” is the
DLCI of a given PVC)
¡
ppp0
- PPP interface used when the G.703 link works in the PPP
mode
¡
hdlc0
- HDLC interface used when the G.703 link works in the
®
Cisco HDLC mode
This command has similar syntax as the Linux “ifconfig”:
ifconfig <interface name> [<IP address>] [netmask
<network mask>] [bcast <broadcast address>] [ static
| dynamic ] [bridge { on | off } ]
The “ifconfig” alone displays information about the active
interfaces. Entering “ifconfig <interface name>” shows information
about a certain interface. An information about interface’s IP address,
number of packets and bytes send and received, number of transmission
errors and other important data is displayed..
An IP address may be assigned to an interface, together with
subnet mask and broadcast address. A dynamic ARP may also be
enabled or disabled.
The “bridge” parameter allows to include or exclude certain
protocol from bridging, when the router works in the bridge mode.
15
3.3.13.
ipchains
The command is used to control the firewall and the network
address translation (NAT, called also “masquerade” - that is giving a
network an access to the Internet using only one real IP address).
¡
ipchains add
-
adds an entry at the end of the list
¡
ipchains insert
- adds an entry at the beginning of the list
¡
ipchains del
- removes an entry
¡
ipchains list
-
displays current settings
¡
ipchains flush
-
removes all entries from the list
After the “add”, “insert” or “del” option following parameters
should be given:
¡
-s
<source subnet>/<netmask> [port range]
Defines the source addresses which this entry concerns. If this
parameter is omitted, then the entry concerns all source addresses.
¡
-d
<destination subnet>/<netmask> [port range]
Defines the destination addresses which this entry concerns. If
this parameter is omitted, then the entry concerns all destination
addresses.
¡
-p
<protocol> (optional)
Optionally the application of this rule may be limited to a certain
protocol.
¡
-y
(optional)
The rule may be applied to the TCP SYN packets only (i.e. the
packets that initiate the TCP connection). It allows inhibiting the
incoming connections while the returning packets for the outgoing ones
will be passed.
¡
-m
<IP address>
By default during the masquerade an outgoing interface’s IP
address is used. The option above allows forcing use of another address.
¡
accept / deny / masq
- information, what to do with a packet,
that conforms to a given rule (accept / discard / masquerade)
Summary of Contents for 1701
Page 1: ...G 703 Ethernet Routers series TAHOE 1700 FREEDOM OF COMMUNICATION USER MANUAL ...
Page 2: ......
Page 28: ...24 ...
Page 31: ......