16
Note:
The router always chooses the first matching rule from the
list. So if the more general rule comes first, and the more specific
is later, then the first one will be applied and the last one - ignored.
Thus the specific rule has to be inserted
before
the general one,
as in following example:
ipchains add -s 215.16.11.0/24 deny
ipchains insert -s 215.16.11.5 accept
Commands above inhibit the access for the whole 215.16.11.0/24
subnet
except
the 215.16.11.5 address.
More examples:
ipchains add d 0.0.0.0/0 80-80 p tcp deny
Inhibits access to the port 80 on all external servers.
ipchains add s 192.168.0.0/16 masq
Enables masquerade for the 192.168.0.0/16 subnet (other
addresses are passed unchanged)
3.3.14.
lang
Selects the language used to display messages during the telnet
or console connection and on the LCD:
¡
lang 0 -
Polish
¡
lang 1
- English
3.3.15.
masq
The “masq” command displays a list of masqueraded
connections. The list consists of source and destination addresses, the
port assigned by the router, the time remaining to the removal of an entry
Note:
The specific
“accept” rule (concerning one IP address) has
to be inserted
before
the general one (concerning the whole
subnet), either using the “insert” command as in the example
above or by adding the specific rule first and then the general one.
Otherwise the router will always apply the first rule and will never
reach the second one, as the packet coming from 215.16.11.5 fits
both of them and if the general one is first, then it will be applied.
17
in case of connection inactivity and the amount of remaining free table
entries that may be used for new connections. Both ports and IP
addresses are printed as hexadecimal numbers.
3.3.16.
mem
“Mem” shows the memory usage statistics. The “free” entry is the
most important - it shows how much free memory is left.
3.3.17.
netstat
Shows a list of active TCP connections.
3.3.18.
ping
Checks the availability of a device with selected IP address. For
example:
ping 10.0.0.2
gives the time necessary to send packet to the 10.0.0.2 station
and back or reports its unavailability. Press Ctrl+C to stop the pinging
process.
3.3.19.
ppp
The “ppp” command sets up the PPP parameters when the G.703
link works in the synchronous PPP mode. Following options are available
(the <port> parameter should be set to “ppp0”):
¡
ppp <port> defroute on
¡
ppp <port> defroute off
- the command enables and disables,
respectively, adding of the default route through the PPP interface
after the connection is established
¡
ppp <port> mtu <value>
- sets the maximum packet size that
the router may send through the PPP interface (the final MTU
setting depends also on the MRU setting on the remote router)
¡
ppp <port> mru <value>
- sets the maximum packet size that
the router will accept to receive
¡
ppp
<port>
ip <local address>[:<remote address>]
-
sets the IP addresses used during the PPP connection negotiation
¡
ppp <port> up1 <command>
¡
ppp <port> up2 <command>
¡
ppp <port> up3 <command>
¡
ppp <port> up4 <command> -
the “up1” to “up4” options
Summary of Contents for 1701
Page 1: ...G 703 Ethernet Routers series TAHOE 1700 FREEDOM OF COMMUNICATION USER MANUAL ...
Page 2: ......
Page 28: ...24 ...
Page 31: ......