- Computers & electronics
- Software
- Networking software
- Terminal emulation software
- Thomson
- ST 546
- User manual
- 792 Pages
Thomson ST 516, ST 536, ST 546 broadband router CLI Reference Guide
Technicolor - Thomson ST516 is a powerful device that provides a wide range of features and capabilities. With its advanced ADSL and ATM commands, you can configure and manage your network with ease. The ping and traceroute commands allow you to test your network connectivity and identify any potential issues. Additionally, the comprehensive CLI reference guide provides detailed information on all the available commands, making it easy to get the most out of your device. Here are some key features of the Technicolor - Thomson ST516:
ADSL configuration and management ATM configuration and management Network connectivity testing Comprehensive CLI reference guide.
advertisement
Assistant Bot
Need help? Our chatbot has already read the manual and is ready to assist you. Feel free to ask any questions about the device, but providing details will make the conversation more productive.
Power
Ethernet
DSL
Internet
Thomson ST516/536/546
CLI Reference Guide
Thomson ST516/536/546
CLI Reference Guide
R6.2
Copyright
Copyright ©1999-2007 THOMSON. All rights reserved.
Distribution and copying of this document, use and communication of its contents is not permitted without written authorization from THOMSON. The content of this document is furnished for informational use only, may be subject to change without notice, and should not be construed as a commitment by THOMSON. THOMSON assumes no responsibility or liability for any errors or inaccuracies that may appear in this document.
Thomson Telecom Belgium
Prins Boudewijnlaan, 47
B-2650 Edegem
Belgium http://www.thomson-broadband.com
Trademarks
The following trademarks are used in this document:
>
DECT is a trademark of ETSI.
>
Bluetooth® word mark and logos are owned by the Bluetooth SIG, Inc.
>
Ethernet™ is a trademark of Xerox Corporation.
>
Wi-Fi® and the Wi-Fi logo are registered trademarks of the Wi-Fi Alliance. "Wi-Fi CERTIFIED", "Wi-Fi ZONE", "Wi-Fi Alliance", their respective logos and "Wi-Fi Protected Access" are trademarks of the Wi-Fi Alliance.
>
UPnP™ is a certification mark of the UPnP™ Implementers Corporation.
>
Microsoft®, MS-DOS®, Windows® and Windows NT® are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.
>
Apple® and Mac OS® are registered trademarks of Apple Computer, Incorporated, registered in the United States and other countries.
>
UNIX® is a registered trademark of UNIX System Laboratories, Incorporated.
>
Adobe®, the Adobe logo, Acrobat and Acrobat Reader are trademarks or registered trademarks of Adobe Systems, Incorporated, registered in the United States and/or other countries.
Other brands and product names may be trademarks or registered trademarks of their respective holders.
Document Information
Status: v2.0 (May 2007)
Reference: E-DOC-CTC-20061027-0003
Short Title: CLI Reference Guide ST516/536/546 R6.2
Software Build: R 6.2.H.5
Contents
About this CLI Reference Guide ................................................ 1
1 Root Commands .......................................................................... 3
2 ADSL Commands......................................................................... 7
3 ATM Commands ........................................................................ 17
E-DOC-CTC-20061027-0003 v2.0
i
Contents
ii
4 AutoPVC Commands................................................................. 69
5 Config Commands ..................................................................... 73
E-DOC-CTC-20061027-0003 v2.0
Contents
6 Connection Commands............................................................. 81
7 CWMP Commands................................................................... 101
8 Debug Commands ................................................................... 105
9 DHCP Commands .................................................................... 107
E-DOC-CTC-20061027-0003 v2.0
iii
Contents
iv
E-DOC-CTC-20061027-0003 v2.0
Contents
10 DNS Commands ...................................................................... 183
E-DOC-CTC-20061027-0003 v2.0
v
Contents
vi
11 DSD Commands....................................................................... 209
12 DynDNS Commands................................................................ 227
13 Env Commands........................................................................ 243
E-DOC-CTC-20061027-0003 v2.0
Contents
14 Eth Commands ........................................................................ 249
E-DOC-CTC-20061027-0003 v2.0
vii
viii
Contents
E-DOC-CTC-20061027-0003 v2.0
Contents
15 Expr Commands ...................................................................... 327
16 Firewall Commands................................................................. 343
17 GRP Commands....................................................................... 375
E-DOC-CTC-20061027-0003 v2.0
ix
Contents
x
18 Hostmgr Commands ............................................................... 387
19 IDS Commands ........................................................................ 395
20 IGMP Commands..................................................................... 409
E-DOC-CTC-20061027-0003 v2.0
Contents
21 Interface Commands ............................................................... 427
22 IP Commands ........................................................................... 431
E-DOC-CTC-20061027-0003 v2.0
xi
Contents
xii
23 IPQoS Commands.................................................................... 473
24 Label Commands ..................................................................... 487
25 Language Commands ............................................................. 513
E-DOC-CTC-20061027-0003 v2.0
Contents
26 MBUS Commands ................................................................... 517
27 MEMM Commands.................................................................. 535
28 MLP Commands ...................................................................... 543
E-DOC-CTC-20061027-0003 v2.0
xiii
Contents
xiv
29 NAT Commands....................................................................... 565
30 PPP Commands........................................................................ 583
E-DOC-CTC-20061027-0003 v2.0
Contents
31 PPTP Commands ..................................................................... 611
32 Script Commands .................................................................... 619
33 Service Commands.................................................................. 627
E-DOC-CTC-20061027-0003 v2.0
xv
Contents
xvi
34 SNMP Commands ................................................................... 649
35 SNTP Commands..................................................................... 665
36 Software Commands .............................................................. 671
37 System Commands ................................................................. 675
E-DOC-CTC-20061027-0003 v2.0
Contents
38 Systemlog Commands............................................................ 691
39 Upgrade Commands ............................................................... 701
40 UPnP Commands..................................................................... 717
41 User Commands ...................................................................... 721
E-DOC-CTC-20061027-0003 v2.0
xvii
xviii
Contents
42 Abbreviations........................................................................... 731
43 System Logging Messages..................................................... 735
44 Supported Key Names ............................................................ 745
E-DOC-CTC-20061027-0003 v2.0
About this CLI Reference Guide
About this CLI Reference Guide
Used Symbols
i
A
note
provides additional information about a topic.
!
A
caution
warns you about potential problems or specific precautions that need to be taken.
Terminology
Generally, the Thomson ST516/536/546 will be referred to as Thomson ST in this CLI Reference Guide.
Typographical Conventions
Following typographical convention is used throughout this manual:
>
Sample text indicates a hyperlink to a Web site.
Example: For more information, visit us at www.thomson-broadband.com
.
>
Sample text indicates an internal cross-reference.
Example: If you want to know more about guide, see “1 Introduction” on page 7”.
>
Sample text
indicates an important content-related word.
Example: To enter the network, you
must
authenticate yourself.
>
Sample text
indicates a CLI command to be input after the CLI prompt.
Example: To obtain a list of all available command groups, type
help
at the top level.
>
Sample text indicates input in the CLI interface.
>
Sample text indicates comment explaining output in the CLI interface.
Documentation and software updates
THOMSON continuously develops new solutions, but is also committed to improving its existing products.
For suggestions regarding this document, please contact [email protected]
.
For more information on THOMSON's latest technological innovations, documents and software releases, visit us at http://www.thomson-broadband.com
.
E-DOC-CTC-20061027-0003 v2.0
1
About this CLI Reference Guide
2
E-DOC-CTC-20061027-0003 v2.0
Root Commands
1 Root Commands
From the root prompt, you can choose one of the following commands:
Command
help
?
menu exit
..
saveall
i
Description
Displays the help information.
Displays the menu.
Exits the shell.
Exits group selection.
Saves current configuration.
Send ICMP ECHO_REQUEST packets.
Send ICMP/UDP packets to trace the ip path.
To obtain help on a specific command group:
>
type
help
, followed by the name of the command group, and then press ENTER, or
>
type the name of the command group, press ENTER, and then type
help
.
EXAMPLE:
<Administrator>=>help firewall
Following commands are available : config list clear
: Display/Modify firewall configuration.
: Display firewall configuration.
: Clear firewall configuration.
Following command groups are available : chain debug level rule
<Administrator>=>
E-DOC-CTC-20061027-0003 v2.0
3
Root Commands
ping
Send ICMP ECHO_REQUEST packets.
SYNTAX:
ping proto = <{ip|atm}> addr = <ip-address> dest = <string>
[count = <number{0-1000000}>]
[size = <number{28-20028}>]
[interval(ms) = <number{100-1000000}>]
[DF-bit = <{disabled|enabled}>] [srcaddr = <ip-address>] where: proto addr dest count size interval
DF-bit scraddr
The interface type to be used.
Choose between:
>
ip
>
atm
The destination IP address.
The destination address for the request.
A number between 1 and 1000000.
Represents the number of pings to send.
The default is
5
.
A number between 0 and 20000.
Represents the size of the ping payload(s).
A number between 100 and 1000000.
Represents the interval in milliseconds between packets.
The default is
100
.
Set the Don't Fragment bit (or leave unset) in the IP header of ping.
The default is
disabled
.
The IP source address to use.
REQUIRED
REQUIRED
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
EXAMPLE:
=>:ping proto=ip addr=192.168.1.70
Legend : Ping successful(!)
Ping Timeout(.)
Hit ctrl-g to abort...
!!!!!
--- ping statistics ---
5 packet(s) transmitted, 5 successful, 0% loss rtt min/avg/max = 1 / 2 / 4 ms
=>
E-DOC-CTC-20061027-0003 v2.0
4
Root Commands
traceroute
Send ICMP/UDP packets to trace the IP path.
SYNTAX:
traceroute addr = <ip-address>
[count = <number{1-10}>]
[size = <number{1-20000}>]
[interval = <number{1000-60000}>]
[maxhops = <number{1-255}>]
[dstport = <number{1-65535}>]
[maxfail = <number{0-255}>]
[type = <{icmp | udp}>]
[utime = <{disabled | enabled}>] where: addr count size interval maxhops dstport maxfail type utime
The destination IP address.
A number between 1 and 10.
Represents the number of times to reissue a traceroute request with the same TTL.
The default is
3
.
A number between 1 and 20000 (bytes).
Represents the size of the traceroute packet(s).
The default is
1
.
A number between 1000 and 60000 (milliseconds).
Represents the intermediate interval between two packets.
The default is
1000
.
A number between 1 and 255.
Represents the maximum number of routers through which a packet can pass.
The default is
30
.
A number between 1 and 65535.
Represents the UDP destination port number to send to.
A number between 0 and 255.
Represents the maximum number of consecutive timeouts allowed before terminating a traceroute request.
The default is
5
.
The type of traceroute packet(s).
Choose between:
>
icmp
>
udp
.
The default is
icmp
.
Display time in useconds (enabled) or not (disabled).
The default is
enabled
.
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
5
Root Commands
EXAMPLE:
=>traceroute addr = 192.193.195.250 count=3 size=1 interval=1000 maxhops=30 dstport=33433 maxfail=5 type=icmp utime=yes
:traceroute addr=192.193.195.250
ttl=1 192.193.195.250 676 us 1351 us 648 us
=>
6
E-DOC-CTC-20061027-0003 v2.0
ADSL Commands
2 ADSL Commands
Introduction
This chapter describes the commands of the adsl command group.
Contents
This chapter covers the following commands:
Show/set the Asymmetric Digital Subscriber Line (ADSL) configuration.
Display the ADSL statistics and information about the DSL line status.
Displays the number of bits per tone.
Enable/disable the Dual Ended Line Testing Interface (DELT)
Display Dual Ended Line Testing Interface (DELT) results
Displays the modem options bitmap
Configure the modem options bitmap
Configure the ADSL tracelevel.
E-DOC-CTC-20061027-0003 v2.0
7
ADSL Commands
adsl config
Show/set the Asymmetric Digital Subscriber Line (ADSL) configuration.
SYNTAX:
adsl config [opermode = <{multimode | multi_adsl2 | multi_readsl2
| multi_adsl2plus}>]
[trace = <{disabled | enabled}>] where: opermode OPTIONAL trace
The operational mode of the Thomson ST.
Choose between:
>
multimode
>
multi_adsl2
>
multi_readsl2
>
multi_adsl2plus
The default is
multi_adsl2plus
.
Enable or disable ADSL tracing.
The default is
enabled
.
OPTIONAL
EXAMPLE:
The example below shows the default configuration for a Thomson ST ADSL/POTS variant:
=>adsl config
ADSL configuration:
opermode = multi_adsl2plus
trace = on
modemoption = 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
=>
E-DOC-CTC-20061027-0003 v2.0
8
ADSL Commands
adsl info
Display the ADSL statistics and information about the DSL line status.
Although the same command is used for both Thomson ST ADSL/POTS and Thomson ST ADSL/ISDN variants, the command features specific output parameters and counters per variant.
SYNTAX:
adsl info
E-DOC-CTC-20061027-0003 v2.0
9
EXAMPLE (for a Thomson ST ADSL/POTS variant):
=>adsl info
Modemstate
Operation Mode
Channel Mode
Number of resets
Vendor
Country
Vendor
VendorSpecific :
StandardRevisionNr :
:
:
: up
: G.992.1 Annex A
: interleaved
: 1
Local
0f
TMMB
0000
00
Margin
Attenuation
OutputPower [dBm]
Available Bandwidth
Downstream
Upstream
[dB]
[dB]
:
:
:
:
:
Downstream
26.0
0.0
4.0
Cells/s
14490
1509
Transfer statistics
Errors
Received FEC
Received CRC
Received HEC :
Transmitted FEC :
:
:
Transmitted CRC :
Tranmsitted HEC :
Near end failures since reset
Loss of frame: 0 failures
Loss of signal: 0 failures
Loss of power:
Errored seconds:
0 failures
0 seconds
Near end failures last 15 minutes
Loss of frame:
Loss of signal:
Loss of power:
0 seconds
0 seconds
0 seconds
Errored seconds: 0 seconds
Near end failures current day
Errored seconds: 0 seconds
Near end failures previous day
Errored seconds: 0 seconds
0
0
0
0
0
0
=>
Remote
00
0000
00
Upstream
18.0
2.0
11.5
Kbit/s
6144
640
ADSL Commands
E-DOC-CTC-20061027-0003 v2.0
10
ADSL Commands
adsl debug bitloadinginfo
Displays the number of bits per tone.
Syntax
adsl debug bitloadinginfo
E-DOC-CTC-20061027-0003 v2.0
11
ADSL Commands
adsl debug deltconfig
Enable/disable the Dual Ended Line Testing Interface (DELT)
Syntax
adsl debug deltconfig where: state
[state = <{disabled|enabled}>] enable or disable DELT REQUIRED
12
E-DOC-CTC-20061027-0003 v2.0
ADSL Commands
adsl debug deltinfo
Display Dual Ended Line Testing Interface (DELT) results
Syntax
adsl debug deltinfo
E-DOC-CTC-20061027-0003 v2.0
13
adsl debug modemoptioninfo
Displays the modem options bitmap
Syntax
adsl debug modemoptioninfo
ADSL Commands
14
E-DOC-CTC-20061027-0003 v2.0
ADSL Commands
adsl debug modemoption
Configure the modem options bitmap
Syntax
adsl debug modemoption [config = <hexbitmap>] where: config The modem options bitmap REQUIRED
E-DOC-CTC-20061027-0003 v2.0
15
ADSL Commands
adsl debug traceconfig
Configure the ADSL tracelevel.
Syntax
adsl debug traceconfig [level = <number{0-2}>] where: level Trace Level:
>
0=disable tracing;
>
1=enable dsl manager tracing;
>
2=enable dsl driver tracing)
REQUIRED
16
E-DOC-CTC-20061027-0003 v2.0
ATM Commands
3 ATM Commands
Introduction
This chapter describes the commands of the atm command group.
Contents
This chapter covers the following commands:
Flush all Asynchronous Transfer Mode (ATM) interfaces.
Create a new ATM interface.
Attach a ATM interface.
Configure an ATM interface.
Delete an ATM interface.
Detach an ATM interface.
Display the ATM interfaces.
Add a new bundle of interfaces.
Attach a bundle of interfaces.
Modify a bundle of interfaces.
Delete a bundle of interfaces.
Detach a bundle of interfaces.
Configure an interface from a bundle.
Remove an interface from a bundle.
Configure the ATM connection admission control.
Display all the CAC parameters.
Configure ATM overbooking parameters.
Display ATM Adaptation Layer 5 (AAL5) port specific ATM statistics.
Display ATM global statistics.
Display port specific ATM statistics.
Modify the ATM Operation and Maintenance (OAM) settings.
Modify the ATM OAM data blocking mode.
Display Continuity Check (CC) configuration.
Send CC activate/deactivate to connection.
E-DOC-CTC-20061027-0003 v2.0
17
Create a loopback connection for VC.
Delete a loopback connection for VC.
List all VC loopback connections.
Add a new phonebook entry.
Show the auto PVCs.
Delete an existing phonebook entry.
Flush all the phonebook entries.
Display the current phonebook.
Add a new QoS book entry.
Modify the QoS book configuration.
Add a Connection Traffic Descriptor (CTD).
Delete a CTD.
Display all CTDs.
Flush all the QoS book entries.
Display the QoS book.
ATM Commands
18
E-DOC-CTC-20061027-0003 v2.0
ATM Commands
atm flush
Flush all Asynchronous Transfer Mode (ATM) interfaces.
SYNTAX:
atm flush
E-DOC-CTC-20061027-0003 v2.0
19
ATM Commands
atm ifadd
Create a new ATM interface.
SYNTAX:
atm ifadd where: intf intf = <string>
The name for the new ATM interface.
Note
If not specified, the destination parameter must be specified. In this case the name of the destination will double as interface name.
REQUIRED
EXAMPLE:
=>atm iflist atm_0_35 : dest : atm_pvc_0_35
Retry : 10 QoS : default Encaps : vcmux Fcs : disabled Ulp : mac
Connection State : connected
=>
=>atm ifadd intf = RtPPPoA_atm
=>
=>atm iflist atm_0_35 : dest : atm_pvc_0_35
Retry : 10 QoS : default Encaps : vcmux Fcs : disabled Ulp : mac
Connection State : connected
RtPPPoA_atm: dest : (none)
Retry : 10 QoS : default Encaps : llc Fcs : disabled Ulp : ip
Connection State : not-connected
=>
RELATED COMMANDS:
Delete an ATM interface.
Display the ATM interfaces.
E-DOC-CTC-20061027-0003 v2.0
20
ATM Commands
atm ifattach
Attach a ATM interface.
SYNTAX:
atm ifattach where: intf intf = <string>
The name of the ATM interface to be attached.
EXAMPLE:
=>atm iflist atm_0_35 : dest : atm_pvc_0_35
Retry : 10 QoS : default Encaps : vcmux Fcs : off Ulp : mac
Connection State : connected
RtPPPoA_atm: dest : RtPPPoA
Retry : 10 QoS : default Encaps : vcmux Fcs : off Ulp : ppp
Connection State : not-connected
=>atm ifattach intf=RtPPPoA_atm
=>
=>atm iflist atm_0_35 : dest : atm_pvc_0_35
Retry : 10 QoS : default Encaps : vcmux Fcs : off Ulp : mac
Connection State : connected
RtPPPoA_atm: dest : RtPPPoA
Retry : 10 QoS : default Encaps : vcmux Fcs : off Ulp : ppp
Connection State : connected
=>
RELATED COMMANDS:
Detach an ATM interface.
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
21
ATM Commands
atm ifconfig
Configure an ATM interface.
i
The interface to be configured must not be connected at the time of configuration. If this should be the case, use the command
:atm ifdetach before using the command :atm ifconfig.
SYNTAX:
atm ifconfig intf = <string>
[dest = <string>]
[qos = <string>]
[clp = <{0|1|classification}>]
[clpthresh = <number{0-15}>]
[encaps = <{llc | vcmux}>]
[retry = <number{0-65535}>]
[fcs = <{disabled | enabled | auto}>]
[ulp = <{ip | mac | ppp}>] where: intf dest qos clp clpthresh encaps fcs retry
The name of the ATM interface to be configured.
The WAN destination for this ATM interface.
Typically, an ATM phonebook entry.
The name of the Quality of Service (QoS) book entry to apply on this ATM interface.
The default is
default
.
The mode used to determine the CLP bit value
Priority class threshold where CLP becomes 0 (for all classes >= threshold)
The type of encapsulation to be used for this ATM interface.
Choose between:
>
llc
: Logical Link Control (LLC) / Sub Network Access Protocol (SNAP)
>
vcmux
: Virtual Channel MUltipleXing (VCMUX).
The default is
llc
.
Enable or disable the inclusion of the Ethernet Frame Check Sequence
(FCS) in the packet header on the WAN side (only used for llc encapsulation for mac).
The default is
disabled
.
Note
This parameter is normally left disabled.
A number between 0 and 65535.
Represents the number of times the Thomson ST retries to set up a WAN connection before giving up.
The default is
10
.
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
22
ATM Commands ulp Select the Upper Layer Protocol (ULP) for this interface.
Choose between:
>
ip
(for a Routed IPoA interface).
>
mac
(for a Bridged Ethernet, Routed ETHoA, Bridged PPP over
Ethernet (PPPoE), Routed PPPoE or a PPPoE Relay interface).
>
ppp
(for a Routed PPP over ATM (PPPoA) interface).
The default is
ip
.
EXAMPLE:
=>atm iflist atm_0_35 : dest : atm_pvc_0_35
Retry : 10 QoS : default Encaps : llc Fcs : disabled Ulp : mac
Connection State : connected atm_8_35 : dest : atm_pvc_8_35
Retry : 10 QoS : default Encaps : llc Fcs : disabled Ulp : mac
Connection State : not-connected
=>
=>atm ifconfig intf=atm_8_35 dest=atm_pvc_8_35 encaps=vcmux ulp=ppp
=>
=>atm iflist atm_0_35 : dest : atm_pvc_0_35
Retry : 10 QoS : default Encaps : llc Fcs : disabled Ulp : mac
Connection State : connected atm_8_35 : dest : RtPPPoA
Retry : 10 QoS : default Encaps : vcmux Fcs : disabled Ulp : ppp
Connection State : not-connected
=>
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
23
ATM Commands
atm ifdelete
Delete an ATM interface.
SYNTAX:
atm ifdelete where: intf intf = <string>
The name of the ATM interface to be deleted.
EXAMPLE:
=>atm iflist atm_0_35 : dest : atm_pvc_0_35
Retry : 10 QoS : default Encaps : vcmux Fcs : off Ulp : mac
Connection State : connected
RtPPPoA_atm: dest : RtPPPoA
Retry : 10 QoS : default Encaps : vcmux Fcs : off Ulp : ppp
Connection State : connected
=>
=>atm ifdelete intf=RtPPPoA_atm
=>
=>atm iflist atm_0_35 : dest : atm_pvc_0_35
Retry : 10 QoS : default Encaps : vcmux Fcs : off Ulp : mac
Connection State : connected
=>
RELATED COMMANDS:
Create a new ATM interface.
Display the ATM interfaces.
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
24
ATM Commands
atm ifdetach
Detach an ATM interface.
SYNTAX:
atm ifdetach where: intf intf = <string>
The name of the ATM interface to be detached.
EXAMPLE:
=>atm iflist atm_0_35 : dest : atm_pvc_0_35
Retry : 10 QoS : default Encaps : vcmux Fcs : off Ulp : mac
Connection State : connected
RtPPPoA_atm: dest : RtPPPoA
Retry : 10 QoS : default Encaps : vcmux Fcs : off Ulp : ppp
Connection State : connected
=>
=>atm ifdetach intf=RtPPPoA_atm
=>
=>atm iflist atm_0_35 : dest : atm_pvc_0_35
Retry : 10 QoS : default Encaps : vcmux Fcs : off Ulp : mac
Connection State : connected
RtPPPoA_atm: dest : RtPPPoA
Retry : 10 QoS : default Encaps : vcmux Fcs : off Ulp : ppp
Connection State : not-connected
=>
RELATED COMMANDS:
Attach a ATM interface.
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
25
ATM Commands
atm iflist
Display the ATM interfaces.
SYNTAX:
atm iflist where: intf
[intf = <string>]
The name of the ATM interface to be shown.
Note
If not specified, all the ATM interfaces are shown.
EXAMPLE:
=>atm iflist atm_0_35 : dest : atm_pvc_0_35
Retry : 10 QoS : default Encaps : vcmux Fcs : off Ulp : mac
Connection State : connected
RtPPPoA_atm: dest : RtPPPoA
Retry : 10 QoS : default Encaps : vcmux Fcs : off Ulp : ppp
Connection State : connected
=>atm iflist intf=RtPPPoA_atm
RtPPPoA_atm: dest : RtPPPoA
Retry : 10 QoS : default Encaps : vcmux Fcs : off Ulp : ppp
Connection State : connected
=>
RELATED COMMANDS:
Create a new ATM interface.
Delete an ATM interface.
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
26
ATM Commands
atm bundle add
Add a new bundle of interfaces.
SYNTAX:
atm bundle add where: name name = <string>
The name of the new bundle.
EXAMPLE:
=>atm bundle add name=myBundle
=>atm bundle list myBundle: Connection state : not-connected
Retry: 10 Policy: priority Propagate: disabled
TX requested bytes: 0
TX bytes: 0
RX bytes: 0 requested frames: 0 frames: 0 frames: 0
=>
RELATED COMMANDS:
Delete a bundle of interfaces.
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
27
ATM Commands
atm bundle attach
Attach a bundle of interfaces.
SYNTAX:
atm bundle attach where: name name = <string>
The name of the bundle to be attached.
EXAMPLE:
=>atm bundle attach name=myBundle
=>atm bundle list myBundle: Connection state : connected
Retry: 10
TX requested bytes: 0
TX bytes: 0
RX bytes: 0
=>
Policy: priority Propagate: disabled requested frames: 0 frames: 0 frames: 0
RELATED COMMANDS:
atm bundle detach Detach a bundle of interfaces.
REQUIRED
28
E-DOC-CTC-20061027-0003 v2.0
ATM Commands
atm bundle config
Modify a bundle of interfaces.
i
The bundle of interfaces to be configured must not be connected at the time of configuration. If this should be the case, use the command
:atm bundle detach before using the command :atm bundle config.
SYNTAX:
atm bundle config name = <string>
[policy = <{priority | connection}>]
[propagate = <{disabled | enabled}>]
[retry = <number{0-65535}>] where: name policy propagate retry
The name of the bundle to be configured.
The traffic handling policy of the bundle.
Choose between:
>
priority
: lower layer ATM interfaces can be configured for a certain priority range, marked packets will be sent on the corresponding interface.
>
connection
: all the packets of the same connection will be sent via the same interface.
The default is
priority
.
Enable or disable propagation of packets.
When propagation is enabled, packets are sent via the first interface configured for that traffic. If the interface goes down, the next interface in the bundle will be used.
The default is
disabled
.
A number between 0 and 65535.
Represents the number of connection setup retries before giving up.
The default is
10
.
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
EXAMPLE:
=>atm bundle list myBundle: Connection state : not-connected
Retry: 10
TX requested bytes: 0
Policy: priority Propagate: disabled requested frames: 0
TX bytes: 0
RX bytes: 0 frames: 0 frames: 0
=>atm bundle config name=myBundle policy=connection retry=15
=>atm bundle list myBundle: Connection state : not-connected
Retry: 15 Policy: connection Propagate: disabled
TX requested bytes: 0 requested frames: 0
TX bytes: 0
RX bytes: 0 frames: 0 frames: 0
=>
E-DOC-CTC-20061027-0003 v2.0
29
ATM Commands
atm bundle clear
Clear the bundle statistics.
SYNTAX:
atm bundle clear where: name
[name = <string>]
The name of the bundle for which the statistics must be cleared.
Note
If not specified, the statistics for all the bundles will be cleared.
OPTIONAL
30
E-DOC-CTC-20061027-0003 v2.0
ATM Commands
atm bundle delete
Delete a bundle of interfaces.
SYNTAX:
atm bundle delete where: name name = <string>
The name of the bundle to be deleted.
RELATED COMMANDS:
Add a new bundle of interfaces.
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
31
ATM Commands
atm bundle detach
Detach a bundle of interfaces.
SYNTAX:
atm bundle detach where: intf intf = <string>
The name of the bundle to be detached.
RELATED COMMANDS:
atm bundle attach Attach a bundle of interfaces.
REQUIRED
32
E-DOC-CTC-20061027-0003 v2.0
ATM Commands
atm bundle flush
Flush all bundles.
SYNTAX:
atm bundle flush
E-DOC-CTC-20061027-0003 v2.0
33
ATM Commands
atm bundle ifadd
Add an interface on a bundle.
i
Up to 8 interfaces or (sub-)bundles can be added to one bundle.
SYNTAX:
atm bundle ifadd name = <string> intf = <string>
[index = <number{0-6}>] where: name intf index
The name of the bundle to which an ATM interface must be added.
The name of the ATM interface to be added.
A number between 0 and 6.
Represents the index of the ATM interface.
EXAMPLE:
=>atm bundle ifadd name=myBundle intf=myATMintf
=>atm bundle list myBundle: Connection state : not-connected
Retry: 15 Policy: connection
TX requested bytes: 0
TX bytes: 0
RX bytes: 0
Interface: myATMintf requested frames: 0 frames: 0 frames: 0
State: enabled Selector: 0-15
TX bytes: 0
RX bytes: 0
RX discarded bytes: 0
Disconnects: 0 frames: 0 frames: 0 discarded frames: 0
=>
RELATED COMMANDS:
atm bundle ifdelete Remove an interface from a bundle.
REQUIRED
REQUIRED
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
34
ATM Commands
atm bundle ifconfig
Configure an interface from a bundle.
i
The interface to be configured must not be connected at the time of configuration. If this should be the case, use the command
:atm bundle ifdetach before using the command :atm bundle ifconfig.
SYNTAX:
atm bundle ifconfig name = <string> intf = <string>
[state = <{disabled | enabled}>]
[low = <number{0-15}>]
[high = <number{0-15}>] where: name intf state low high
The name of the bundle from which an ATM interface must be configured.
The name of the ATM interface to be configured.
Enable or disable the ATM interface.
The default is
enabled
.
A number between 0 and 15.
Represents the low selector value.
Note
This parameter must only be configured when the policy of the bundle is set to
priority
(see
“ atm bundle config” on page 29 ).
A number between 0 and 15.
Represents the high selector value.
Note
This parameter must only be configured when the policy of the bundle is set to
priority
(see
“ atm bundle config” on page 29 ).
REQUIRED
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
35
ATM Commands
atm bundle ifdelete
Remove an interface from a bundle.
SYNTAX:
atm bundle ifdelete where: name intf name = <string> intf = <string>
The name of the bundle from which an ATM interface must be removed.
The name of the ATM interface to be removed.
REQUIRED
REQUIRED
EXAMPLE:
=>atm bundle iflist
Test : dest : (none)
Retry : 10 QoS : default Encaps : llc Fcs : off Ulp : ip
Connection State : not-connected
=>atm bundle ifdelete intf=Test
=>atm bundle iflist
=>
RELATED COMMANDS:
atm bundle ifadd Add an interface on a bundle.
36
E-DOC-CTC-20061027-0003 v2.0
ATM Commands
atm bundle list
Display the current bundles.
SYNTAX:
atm bundle list
EXAMPLE:
=>atm bundle list
Test : Connection state : not-connected
Retry: 10
TX requested bytes: 0
Policy: priority requested frames: 0
TX bytes: 0
RX bytes: 0
Interface: Test State: enabled
TX bytes: 0 frames: 0 frames: 0
Selector: 0-15 frames: 0
RX bytes: 0
RX discarded bytes: 0
Disconnects: 0 frames: 0 discarded frames: 0
=>
RELATED COMMANDS:
Add a new bundle of interfaces.
Delete a bundle of interfaces.
E-DOC-CTC-20061027-0003 v2.0
37
ATM Commands
atm cac config
Configure the ATM connection admission control.
SYNTAX:
atm cac config config port = <{dsl0|dsl1|atm2|atm3|aal5|atm5} or number> state = <{disabled|enabled}> where: config port state
The port for which CAC is configured.
Enable/disable CAC for an ATM port.
REQUIRED
REQUIRED
EXAMPLE:
{Administrator}=>atm cac config port = dsl0 state = enabled
:atm cac config port=dsl0 state=enabled
{Administrator}=>
RELATED COMMANDS:
Display all the CAC parameters.
Configure ATM overbooking parameters.
38
E-DOC-CTC-20061027-0003 v2.0
ATM Commands
atm cac list
Display all the CAC parameters.
SYNTAX:
atm cac list
EXAMPLE:
{Administrator}[atm cac]=>list
CAC: port: dsl0 state: enabled
CAC: port: dsl1 state: enabled
CAC: port: atm2 state: enabled
CAC: port: aal5 state: disabled
CAC: port: atm5 state: disabled
Overbooking: realtime: 0% non-realtime: 0%.
{Administrator}[atm cac]=>
RELATED COMMANDS:
Configure the ATM connection admission control.
Configure ATM overbooking parameters.
E-DOC-CTC-20061027-0003 v2.0
39
ATM Commands
atm cac overbooking
Configure ATM overbooking parameters.
SYNTAX:
atm cac overbooking where: rt nrt rt = <number{0-1000}> nrt = <number{0-1000}>
A number between 0 and 1000.
The realtime overbooking percentage.
A number between 0 and 1000.
The non-realtime overbooking percentage.
EXAMPLE:
{Administrator}[atm cac]=>overbooking rt 20 nrt 500
{Administrator}[atm cac]=>list
CAC: port: dsl0 state: enabled
CAC: port: dsl1 state: enabled
CAC: port: atm2 state: enabled
CAC: port: aal5 state: disabled
CAC: port: atm5 state: disabled
Overbooking: realtime: 20% non-realtime: 500%.
{Administrator}[atm cac]=>
RELATED COMMANDS:
Configure the ATM connection admission control.
Display all the CAC parameters.
REQUIRED
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
40
ATM Commands
atm debug aal5stats
Display ATM Adaptation Layer 5 (AAL5) port specific ATM statistics.
SYNTAX:
atm debug aal5stats port = <{dsl0|dsl1|atm2|atm3|aal5|atm5} or number> vpi = <number{0-15}>
[vci = <number{0-511}>]
[clear = <{disabled | enabled}>] where: port vpi vci clear
The port number for which statistics will be retrieved.
Choose between:
>
DSL0
>
DSL1
>
ATM2
>
ATM3
>
AAL5
>
ATM5
Or specify a port number (dsl0 has port number 0).
A number between 0 and 15.
Represents the Virtual Path Identifier (VPI) number for which statistics will be retrieved.
A number between 0 and 511.
Represents the Virtual Channel Identifier (VCI) number for which statistics will be retrieved.
Enable or disable clearing of the statistics after request.
REQUIRED
REQUIRED
OPTIONAL
OPTIONAL
RELATED COMMANDS:
Display ATM global statistics.
Display port specific ATM statistics.
E-DOC-CTC-20061027-0003 v2.0
41
ATM Commands
atm debug gstats
Display ATM global statistics.
SYNTAX:
atm debug gstats where: clear
[clear = <{disabled | enabled}>]
Enable or disable clearing of the statistics after request.
OPTIONAL
EXAMPLE:
{admin}[atm debug]=>gstats
# of received octets = 1802.
# of transmitted octets = 4346.
# of received cells = 34.
# of transmitted cells = 82.
# of unknown cells = 0.
# of errors on the input = 0.
# of errors on output = 0.
{admin}[atm debug]=>
RELATED COMMANDS:
Display ATM Adaptation Layer 5 (AAL5) port specific ATM statistics.
Display port specific ATM statistics.
42
E-DOC-CTC-20061027-0003 v2.0
ATM Commands
atm debug portstats
Display port specific ATM statistics.
SYNTAX:
atm debug portstats where: port clear port = <{dsl0} or number>
[clear = <{disabled | enabled}>]
The port number for which statistics will be retrieved.
Choose between:
>
DSL0
Or specify a port number (dsl0 has port number 0).
Enable or disable clearing of the statistics after request.
REQUIRED
OPTIONAL
EXAMPLE:
=>atm debug portstats port=dsl0
# of received octets = 1961.
# of transmitted octets = 4717.
# of received cells = 37.
# of transmitted cells = 89.
# of unknown cells = 0.
# of errors on the input = 0.
# of errors on output = 0.
=>
RELATED COMMANDS:
Display ATM Adaptation Layer 5 (AAL5) port specific ATM statistics.
Display ATM global statistics.
E-DOC-CTC-20061027-0003 v2.0
43
ATM Commands
atm oam config
Modify the ATM Operation and Maintenance (OAM) settings.
SYNTAX:
atm oam config [clp = <number{0-1}>]
[loopbackid = <string>] where: clp loopbackid
A number (0 or 1).
Represents the Cell Loss Priority (CLP) bit value of the OAM cells.
The default is
1
.
A hexadecimal string.
Represents the loopback ID for processing of segment loopback cells.
The default is
6a 6a 6a 6a 6a 6a 6a 6a 6a 6a 6a 6a 6a 6a 6a 6a
.
OPTIONAL
OPTIONAL
RELATED COMMANDS:
Modify the ATM OAM data blocking mode.
44
E-DOC-CTC-20061027-0003 v2.0
ATM Commands
atm oam list
Display the ATM OAM settings.
SYNTAX:
atm oam list
EXAMPLE:
=>atm oam list
OAM config dump
-------------------
CLP bit value : 1
Loopback id : 6a 6a 6a 6a 6a 6a 6a 6a 6a 6a 6a 6a 6a 6a 6a 6a
OAM data blocking mode
--------------------------
Port dsl0: blocking
Port dsl1: blocking
Port atm2: blocking
Port atm3: blocking
Port aal5: blocking
Port atm5: blocking
=>
RELATED COMMANDS:
Modify the ATM Operation and Maintenance (OAM) settings.
Modify the ATM OAM data blocking mode.
E-DOC-CTC-20061027-0003 v2.0
45
ATM Commands
atm oam modify
Modify the ATM OAM data blocking mode.
SYNTAX:
atm oam modify where: port blocking port = <{dsl0} or number> blocking = <{disabled | enabled}>
The port for which OAM blocking is configured.
Choose between:
>
DSL0
Or specify a port number (dsl0 has port number 0).
Enable or disable the OAM data blocking mode on this port.
The default is
enabled
.
REQUIRED
REQUIRED
46
E-DOC-CTC-20061027-0003 v2.0
ATM Commands
EXAMPLE:
=>atm oam list
OAM config dump
-------------------
CLP bit value : 1
Loopback id : 6a 6a 6a 6a 6a 6a 6a 6a 6a 6a 6a 6a 6a 6a 6a 6a
OAM data blocking mode
--------------------------
Port dsl0: blocking
Port dsl1: blocking
Port atm2: blocking
Port atm3: blocking
Port aal5: blocking
Port atm5: blocking
=>atm oam modify port=dsl1 blocking=disabled
=>:atm oam list
OAM config dump
-------------------
CLP bit value : 1
Loopback id : 6a 6a 6a 6a 6a 6a 6a 6a 6a 6a 6a 6a 6a 6a 6a 6a
OAM data blocking mode
--------------------------
Port dsl0: blocking
Port dsl1: non blocking
Port atm2: blocking
Port atm3: blocking
Port aal5: blocking
Port atm5: blocking
=>
RELATED COMMANDS:
Modify the ATM Operation and Maintenance (OAM) settings.
E-DOC-CTC-20061027-0003 v2.0
47
ATM Commands
atm oam ping
Send ATM loopback cells.
SYNTAX:
atm oam ping dest = <string>
[count = <number{1-1000000}>]
[interval = <number{100-1000000}>] where: dest count interval
The destination address for the request.
This can be any ATM phonebook entry.
A number between 1 and 1000000.
Represents the number of pings to send.
A number between 100 and 1000000 (milliseconds).
Represents the interval between packets.
EXAMPLE:
=>atm oam ping dest=atm_ph_8_35 count=10 interval=1000 loopback: successful, sequence: 1 time: 37890 usec loopback: successful, sequence: 2 time: 39118 usec loopback: successful, sequence: 3 time: 39116 usec loopback: successful, sequence: 4 time: 39187 usec loopback: successful, sequence: 5 time: 38605 usec loopback: successful, sequence: 6 time: 38764 usec loopback: successful, sequence: 7 time: 38752 usec loopback: successful, sequence: 8 time: 38813 usec loopback: successful, sequence: 9 time: 38848 usec loopback: successful, sequence: 10 time: 38941 usec
--- loopback statistics ---
10 loopbacks transmitted, 10 successful, 0% loss, time 1390 ms rtt min/avg/max = 37890/38803/39187
=>
RELATED COMMANDS:
Modify the ATM Operation and Maintenance (OAM) settings.
Modify the ATM OAM data blocking mode.
REQUIRED
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
48
ATM Commands
atm oam cc list
Display Continuity Check (CC) configuration.
SYNTAX:
atm oam cc list
EXAMPLE:
=>atm oam cclist
PORT = 0 VPI = 15 VCI = 16 End2End Mode = Auto Segment Mode = Auto
PORT = 0 VPI = 0 VCI = 35 End2End Mode = Auto Segment Mode = Auto
PORT = 0 VPI = 8 VCI = 35 End2End Mode = Auto Segment Mode = Auto
PORT = 0 VPI = 0 VCI = 16 End2End Mode = Auto Segment Mode = Auto
=>
RELATED COMMANDS:
Send CC activate/deactivate to connection.
E-DOC-CTC-20061027-0003 v2.0
49
ATM Commands
atm oam cc modify
Modify CC on the connection.
SYNTAX:
atm oam modify port = <{dsl0|dsl1|atm2|atm3|aal5|atm5} or number> vpi = <number{0-15}>
[vci = <number{0-511}>]
[transmit = <{disabled | enabled}>]
[receive = <{disabled | enabled}>]
[auto = <{disabled | enabled}>]
[span = <{segment | end2end}>] where: port vpi vci transmit receive auto span
The ATM port number.
Choose between:
>
DSL0
>
DSL1
>
ATM2
>
ATM3
>
AAL5
>
ATM5
Or specify a port number (dsl0 has port number 0).
A number between 0 and 15.
Represents the VPI.
A number between 0 and 511.
Represents the VCI.
Note
For a Virtual Path (VP) cross-connection, use 0 or do not specify.
Enable or disable transmission of CC cells.
Enable or disable loss of continuity.
Enable or disable remote CC activation/deactivation.
Select the CC span.
Choose between:
>
end2end
: monitoring occurs on the entire VC between two ATM end stations.
>
segment
: monitoring occurs on a VC segment between the Thomson
ST and a first-hop ATM switch.
REQUIRED
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
RELATED COMMANDS:
Display Continuity Check (CC) configuration.
Send CC activate/deactivate to connection.
E-DOC-CTC-20061027-0003 v2.0
50
ATM Commands
atm oam cc send
Send CC activate/deactivate to connection.
SYNTAX:
atm oam cc send port = <{dsl0} or number> vpi = <number{0-15}>
[vci = <number{0-511}>]
[span = <{segment | end2end}>]
[action = <{activate | deactivate}>]
[direction = <{source | sink | both}>] where: port vpi vci span action direction
The ATM port number.
Choose between:
>
DSL0.
Or specify a port number (dsl0 has port number 0).
A number between 0 and 15.
Represents the VPI.
A number between 0 and 511.
Represents the VCI.
Note
For a VP cross-connection, use 0 or do not specify.
Select the CC span.
Choose between:
>
end2end
: monitoring occurs on the entire VC between two ATM end stations.
>
segment
: monitoring occurs on a VC segment between the Thomson
ST and a first-hop ATM switch.
Activate or deactivate CC.
The default is
deactivate
.
Indicates the direction of CC activity.
Choose between:
>
source
>
sink
>
both.
The default is
both
.
REQUIRED
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
RELATED COMMANDS:
Display Continuity Check (CC) configuration.
E-DOC-CTC-20061027-0003 v2.0
51
ATM Commands
atm oam vclb add
Create a loopback connection for VC.
SYNTAX:
atm oam vclb add port = <{dsl0} or number> vpi = <number{0-15}>
[vci = <number{0-511}>] where: port vpi vci
The ATM port number.
Choose between:
>
DSL0
Or specify a port number (dsl0 has port number 0).
A number between 0 and 15.
Represents the VPI.
A number between 0 and 511.
Represents the VCI.
Note
For a VP cross-connection, use 0 or do not specify.
EXAMPLE:
=>atm oam vclb add port=dsl0 vpi=0 vci=36
=>atm oam vclb list
PORT = 0 VPI = 0 VCI = 36
=>atm oam vclb add port=dsl1 vpi=0 vci=37
=>atm oam vclb list
PORT = 0 VPI = 0 VCI = 36
PORT = 1 VPI = 0 VCI = 37
=>
RELATED COMMANDS:
Delete a loopback connection for VC.
List all VC loopback connections.
REQUIRED
REQUIRED
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
52
ATM Commands
atm oam vclb del
Delete a loopback connection for VC.
SYNTAX:
atm oam vclb del port = <{dsl0} or number> vpi = <number{0-15}>
[vci = <number{0-511}>] where: port vpi vci
The ATM port number.
Choose between:
>
DSL0
Or specify a port number (dsl0 has port number 0).
A number between 0 and 15.
Represents the VPI.
A number between 0 and 511.
Represents the VCI.
Note
For a VP cross-connection, use 0 or do not specify.
EXAMPLE:
=>atm oam vclb list
PORT = 0 VPI = 0 VCI = 36
PORT = 1 VPI = 0 VCI = 37
=>atm oam vclb del port=dsl1 vpi=0 vci=37
=>atm oam vclb list
PORT = 0 VPI = 0 VCI = 36
=>
RELATED COMMANDS:
Create a loopback connection for VC.
List all VC loopback connections.
REQUIRED
REQUIRED
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
53
atm oam vclb list
List all VC loopback connections.
SYNTAX:
atm oam vclb list
EXAMPLE:
=>atm oam vclb list
PORT = 0 VPI = 0 VCI = 36
PORT = 1 VPI = 0 VCI = 37
=>
RELATED COMMANDS:
Create a loopback connection for VC.
Delete a loopback connection for VC.
ATM Commands
54
E-DOC-CTC-20061027-0003 v2.0
ATM Commands
atm phonebook add
Add a new phonebook entry.
SYNTAX:
atm phonebook add name = <string> addr = <atmchannel : PVC syntax is [port.]vpi.vci
port=dsl0 | ...> where: name addr
The name of the new phonebook entry.
This name can be freely chosen, however two limitations apply:
>
The name of a phonebook entry intended for the Relayed PPPoA
(PPPoA-to-PPTP Relaying) packet service may not start with capital P or capital T
>
The name of a phonebook entry intended for the PPP-to-DHCP spoofing packet service must start with DHCP (for example
DHCP_Spoof01).
The ATM address for this destination.
It is composed of a VPI and a VCI identifying ATM virtual channels. In most cases the values are provided by the Service Provider.
Accepted VPI: a number between 0 and 15.
Accepted VCI: a number between 0 and 511.
REQUIRED
REQUIRED
EXAMPLE:
=>atm phonebook list
Name Use Address atm_pvc_0_35 1 0.35
=>atm phonebook add name=RtPPPoA addr=8.35
=>atm phonebook list
Name Use Address atm_pvc_0_35 1
RtPPPoA 0
=>
0.35
8.35
RELATED COMMANDS:
Delete an existing phonebook entry.
Display the current phonebook.
E-DOC-CTC-20061027-0003 v2.0
55
ATM Commands
atm phonebook autolist
Show the auto PVCs.
i
Auto PVCs are only shown if they are supported by the Central Office DSLAM.
SYNTAX:
atm phonebook autolist
EXAMPLE:
=>atm phonebook autolist
8.35
=>
RELATED COMMANDS:
Display the current phonebook.
56
E-DOC-CTC-20061027-0003 v2.0
ATM Commands
atm phonebook delete
Delete an existing phonebook entry.
i
This command is only applicable for phonebook entries that are not used (in other words, not configured for any packet service).
SYNTAX:
atm phonebook delete where: name name = <string>
The name of the phonebook entry to be deleted.
Tip
Use the command
:atm phonebook list to check whether the entry is in use (
Use=1
) or not (
Use=0
).
REQUIRED
EXAMPLE:
=>atm phonebook list
Name Use Address atm_pvc_0_35 1
RtPPPoA 0
0.35
8.35
=>atm phonebook delete name=RtPPPoA
=>atm phonebook list
Name Use Address atm_pvc_0_35 1 0.35
=>
RELATED COMMANDS:
Add a new phonebook entry.
Display the current phonebook.
E-DOC-CTC-20061027-0003 v2.0
57
ATM Commands
atm phonebook flush
Flush all the phonebook entries.
i
1. Phonebook entries that are in use, cannot be flushed.
2. This command does not impact previously saved configurations.
SYNTAX:
atm phonebook flush
EXAMPLE:
=>atm phonebook list
Name Use Address atm_pvc_0_35 1
RtPPPoA 0
0.35
8.35
=>
=>atm phonebook flush
Some phonebook entries are still in use. Entries that are in use cannot be deleted.
=>
=>atm phonebook list
Name Use Address atm_pvc_0_35 1
=>
0.35
58
E-DOC-CTC-20061027-0003 v2.0
ATM Commands
atm phonebook list
Display the current phonebook.
SYNTAX:
atm phonebook list
EXAMPLE:
=>atm phonebook list
Name Use Address atm_pvc_0_35 1
RtPPPoA 0
=>
0.35
8.35
RELATED COMMANDS:
Add a new phonebook entry.
Show the auto PVCs.
Delete an existing phonebook entry.
E-DOC-CTC-20061027-0003 v2.0
59
ATM Commands
atm qosbook add
Add a new QoS book entry.
SYNTAX:
atm qosbook add name = <string>
[txctd = <string>]
[rxctd = <string>] where: name txctd rxctd
The name of the new QoS entry.
The name of the Conformance Traffic Descriptor (CTD) for the transmit
(upstream) direction.
The name of the CTD for the receive (downstream) direction.
REQUIRED
OPTIONAL
OPTIONAL
EXAMPLE:
=>atm qosbook list
Name Ref Tx CTD default
=>
3 default
RELATED COMMANDS:
Rx CTD default
Display the QoS book.
60
E-DOC-CTC-20061027-0003 v2.0
ATM Commands
atm qosbook config
Modify the QoS book configuration.
SYNTAX:
atm qosbook config where: format
[format = <{bytes | cells}>]
The input/output format of the QoS book.
Choose between:
>
bytes
: the output is shown in Kbits or bytes.
>
cells
: the output is shown in cps or cells.
The default is
bytes
.
OPTIONAL
EXAMPLE:
=>atm qosbook ctdlist
Name Ref Conf Peak Sust Burst Minrate Frame
(Kbits) (Kbits) (bytes) (Kbits) (bytes)
Cdvt
0 0 0 0 default 2 led
=>atm qosbook config format=cells
=>atm qosbook ctdlist
Name
UBR
Ref Conf linerate 0
Peak
(cps)
Sust
(cps) default 2 led
=>
UBR linerate 0
Burst
(cells)
0
Minrate
(cps)
0
Frame
(cells)
0
Cdvt
0
RT disabled
RT disabled
FD disab
FD disab
E-DOC-CTC-20061027-0003 v2.0
61
ATM Commands
atm qosbook ctdadd
Add a Connection Traffic Descriptor (CTD).
SYNTAX:
atm qosbook ctdadd name = <string> conformance = <{UBR | CBR | VBR }>
[peakrate = <number{0-27786}>]
[sustrate = <number{0-27786}
[maxburst = <number{0-12240}>]
[realtime = <{enabled | disabled}>] where: name conformance peakrate sustrate maxburst realtime
The name of the new CTD.
The ATM service conformance definition.
A number between 0 and 27786.
Represents the peak rate (in kilobits per second).
The default is
0
(indicates linerate for UBR).
A number between 0 and 27786.
Represents the sustainable rate (in kilobits per second) (VBR only).
The default is
0
.
A number between 48 and 12240.
Represents the maximum burst size (in bytes) (VBR or GFR).
The default is
0
.
Enable or disable realtime traffic (VBR only).
The default is
disabled
.
REQUIRED
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
EXAMPLE:
=>atm qosbook ctdadd name=High conformance=CBR peakrate=27786
=>atm qosbook ctdlist
Name Ref Conf Peak Sust Burst Minrate Frame
(Kbits) (Kbits) (bytes) (Kbits) (bytes)
Cdvt default 2 led
High led
0
=>
UBR
CBR linerate 0
27786 0
0
0
0
0
0
0
0
0
RT disabled disabled
FD disab disab
E-DOC-CTC-20061027-0003 v2.0
62
ATM Commands
IMPORTANT NOTE:
The Thomson ST always rounds up specified burst sizes to a multiple of 48 bytes (a multiple of ATM cells).
Example:
In the example below a burst size of 100 bytes is specified (maxburst=100). The Thomson ST will round up the burst size to the closest matching multiple of 48 bytes, as can be seen when displaying the profile via the command
:atm qosbook ctdlist (burst=144).
=>atm qosbook ctdadd name=Medium conformance=VBR peakrate=27786 sustrate=20000 maxburst=100
=>atm qosbook ctdlist
Name Ref Conf Peak Sust Burst Minrate Frame
(Kbits) (Kbits) (bytes) (Kbits) (bytes)
Cdvt RT FD default 2
Medium
=>
0
UBR
VBR linerate 0
27786 20000
0
144
0
0
0
0
0
0 disabled disabled disabled disabled
RELATED COMMANDS:
Delete a CTD.
Display all CTDs.
E-DOC-CTC-20061027-0003 v2.0
63
ATM Commands
atm qosbook ctddelete
Delete a CTD.
SYNTAX:
atm qosbook ctddelete name = <string>
[force = <{disabled | enabled}>] where: name force
The name of the CTD entry to be deleted.
Enable or disable to force delete the entry even when it is still in use.
The default is
disabled
.
REQUIRED
OPTIONAL
EXAMPLE:
=>atm qosbook ctdlist
Name Ref Conf Peak Sust Burst Minrate Frame
(Kbits) (Kbits) (bytes) (Kbits) (bytes)
Cdvt default 2 led
High led
0
UBR
CBR linerate 0
27786 0
0
0
0
0
0
0
=>atm qosbook ctddelete name=High
=>atm qosbook ctdlist
Name Ref Conf Peak Sust Burst Minrate Frame
(Kbits) (Kbits) (bytes) (Kbits) (bytes)
0
0
Cdvt default 2 led
=>
UBR linerate 0 0 0 0 0
RT disabled disabled
RT disabled
FD disab disab
FD disab
RELATED COMMANDS:
Add a Connection Traffic Descriptor (CTD).
Display all CTDs.
E-DOC-CTC-20061027-0003 v2.0
64
ATM Commands
atm qosbook ctdlist
Display all CTDs.
SYNTAX:
atm qosbook ctdlist
EXAMPLE:
=>atm qosbook ctdlist
Name Ref Conf Peak Sust Burst Minrate Frame
(Kbits) (Kbits) (bytes) (Kbits) (bytes)
Cdvt default 2 led
High led
0
=>
UBR
CBR linerate 0
27786 0
0
0
0
0
0
0
0
0
RT disabled disabled
FD disab disab
RELATED COMMANDS:
Add a Connection Traffic Descriptor (CTD).
Delete a CTD.
E-DOC-CTC-20061027-0003 v2.0
65
ATM Commands
atm qosbook delete
Delete a QoS book entry.
SYNTAX:
atm qosbook delete where: name force name = <string>
[force = <{disabled | enabled}>]
The name of the QoS book entry to be deleted.
Enable or disable to force delete the entry even when it is still in use.
The default is
disabled
.
REQUIRED
OPTIONAL
EXAMPLE:
=>atm qosbook list
Name Ref Type default 3
TestVBR 0
TX peak sust burst RX peak sust burst
(Kbits) (Kbits) (bytes) (Kbits) (Kbits) (bytes) ubr linerate 0 vbr-nrt 1500 1000
0
144 linerate 0
1500 1000
0
144
=>atm qosbook delete name=TestVBR
=>atm qosbook list
Name Ref Type TX peak sust burst RX peak sust burst
(Kbits) (Kbits) (bytes) (Kbits) (Kbits) (bytes) default 3
=> ubr linerate 0 0 linerate 0 0 framediscard disabled enabled framediscard disabled
RELATED COMMANDS:
Add a new QoS book entry.
Display the QoS book.
E-DOC-CTC-20061027-0003 v2.0
66
ATM Commands
atm qosbook flush
Flush all the QoS book entries.
i
The flush command does not impact previously saved configurations.
SYNTAX:
atm qosbook flush
E-DOC-CTC-20061027-0003 v2.0
67
ATM Commands
atm qosbook list
Display the QoS book.
SYNTAX:
atm qosbook list
EXAMPLE:
=>atm qosbook list
Name default 3
TestVBR 0
=>
Ref Type TX peak sust burst RX peak sust burst
(Kbits) (Kbits) (bytes) (Kbits) (Kbits) (bytes) ubr linerate 0 vbr-nrt 1500 1000
0
144 linerate 0
1500 1000
0
144 framediscard disabled enabled
RELATED COMMANDS:
Add a new QoS book entry.
68
E-DOC-CTC-20061027-0003 v2.0
AutoPVC Commands
4 AutoPVC Commands
Introduction
This chapter describes the commands of the autopvc command group.
Contents
This chapter covers the following commands:
Show the retrieved information.
E-DOC-CTC-20061027-0003 v2.0
69
AutoPVC Commands
autopvc config
Configure autopvc.
SYNTAX:
autopvc config [mode = <{pseudo | passive | active}>]
[type = <{bridge | pppoerelay | ipoa | ethoa | pppoa | pppoe
}>]
[overwrite = <{disabled | enabled}>]
[peakrate = <number{0-27786}>] where: mode type overwrit e peakrate
Select the autopvc mode:
>
pseudo
: only pseudo-ILMI (VP/VC 15/16) is enabled. When the connection parameters are written to the MIB, this information is displayed on CLI or web interface but these parameters are not used for configuration.
>
passive
: both ILMI (VP/VC 0/16) and pseudo-ILMI (VP/VC 15/16) are enabled. When the connection parameters are written to the MIB, this information is displayed on CLI or web interface but these parameters are not used for configuration.
>
active
: both ILMI (VP/VC 0/16) and pseudo-ILMI (VP/VC 15/16) are enabled. When the connection parameters are written to the MIB, these parameters are used to configure phonebook entries, qosbook profiles and bind bridge or PPPoE interfaces on top.
The default is
passive
.
Select the type of autopvc.
Choose between:
>
bridge
>
pppoerelay
: an ETHoA interface will be created, will be bound to the
ILMI Permanent Virtual Channel (PVC) and will be added to the PPPoE relay as relay port.
>
ipoa
>
ethoa
>
pppoa
>
pppoe
.
Enable or disable UBR peak rate overwrite.
The default is
disabled
.
A number between 0 and 27786.
Represents the UBR peak rate (in kilobits per second).
The default is
0
(indicates the linerate).
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
70
AutoPVC Commands
EXAMPLE:
=>autopvc config
Autopvc mode : passive
Autopvc type :
Autopvc standard: unknown
Autopvc pseudo : unknown
UBR overwrite : disabled
UBR peak rate
=>
: linerate
E-DOC-CTC-20061027-0003 v2.0
71
AutoPVC Commands
autopvc list
Show the retrieved information.
SYNTAX:
autopvc list [table = <{Port | AtmLayer | Vpc | Vcc | Address
| AddressRegistrationAdmin | AtmServiceType
| AtmServiceConnectionInfo | AAL1Profile |
| AAL34Profile | AAL5Profile | AAL2CommonProfile
| AAL2TrunkingProfile | AAL2LESProfile
| AtmServiceConnInfoExtension |
| AtmServiceTypeExtension |
AAL5ProfileExtension}>] where: table OPTIONAL Select the autopvc table for which the information must be shown.
Choose between:
>
Port
>
AtmLayer
>
Vpc
>
Vcc
>
Address
>
AddressRegistrationAdmin
>
AtmServiceType
>
AtmServiceConnectionInfo
>
AAL1Profile
>
AAL34Profile
>
AAL5Profile
>
AAL2CommonProfile
>
AAL2TrunkingProfile
>
AAL2LESProfile
>
AtmServiceConnInfoExtension
>
AtmServiceTypeExtension
>
AAL5ProfileExtension.
EXAMPLE:
=>autopvc list
Address Type
8.35
ubr
=>
BestEff Par1
Enabled Tx: 451
Rx: 7923
Par2
0
0
Par3
0
0
Par4
0
0
Par5
0
0
E-DOC-CTC-20061027-0003 v2.0
72
Config Commands
5 Config Commands
Introduction
This chapter describes the commands of the config command group.
Contents
This chapter covers the following commands:
Delete a user configuration file.
Show the saved configuration file.
Flush the loaded configuration.
Show the current configuration set.
Load complete saved (backup) or default configuration file.
Store the current configuration in a backup file.
E-DOC-CTC-20061027-0003 v2.0
73
Config Commands
config delete
Delete a user configuration file.
SYNTAX:
config delete where: filename
[filename = <string>]
Name of the user configuration file to be deleted.
Note
If not specified, all the user configuration files that were saved in the Thomson ST permanent storage will be deleted.
OPTIONAL
RELATED COMMANDS:
config dump Show the saved configuration file.
74
E-DOC-CTC-20061027-0003 v2.0
Config Commands
config dump
Show the saved configuration file.
SYNTAX:
config dump where: sections
[sections = <string>]
Sections to be dumped
RELATED COMMANDS:
Delete a user configuration file.
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
75
Config Commands
config flush
Flush the loaded configuration.
i
1. This flush command combines all the possible flush commands.
2. This command does not affect saved configurations.
SYNTAX:
config flush where: flush_ip
[flush_ip = <{enabled | disabled}>]
Flush IP settings (enabled) or not (disabled).
The default is
enabled
.
Note
Not keeping the IP settings could cause lost IP connectivity in the
LAN.
OPTIONAL
76
E-DOC-CTC-20061027-0003 v2.0
Config Commands
config list
Show the current configuration set.
SYNTAX:
config list where: templates
[templates = <{disabled | enabled}>]
List the template files (disabled) or not (enabled).
The default is
disabled
.
RELATED COMMANDS:
Load complete saved (backup) or default configuration file.
Store the current configuration in a backup file.
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
77
Config Commands
config load
Load complete saved (backup) or default configuration file.
i
Use the command
:config flush before loading a configuration file.
SYNTAX:
config load [load_ip = <{enabled | disabled}>]
[defaults = <{enabled | disabled}>]
[flush = <{enabled | disabled}>]
[echo = <{disabled | enabled}>]
[filename = <string>] where: load_ip defaults flush echo filename
Load IP settings (enabled) or not (disabled).
Note
Not keeping the IP settings could cause lost IP connectivity in the
LAN.
Load default configuration (enabled) or saved configuration (disabled).
Note
If not specified, the saved configuration will be loaded.
Flush the current configuration before loading a new configuration
(enabled) or not (disabled).
Echo each command string when loaded (enabled) or not (disabled).
Name of the configuration file to be loaded.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
78
E-DOC-CTC-20061027-0003 v2.0
Config Commands
EXAMPLE:
=>ip rtlist
Destination
10.0.0.0/24
172.16.0.5/32
10.0.0.140/32
127.0.0.1/32
172.16.0.0/24
Source
10.0.0.0/24
0.0.0.0/0
0.0.0.0/0
0.0.0.0/0
0.0.0.0/0
=>config load flush_ip=no
=>ip rtlist
Destination
10.0.0.0/24
10.0.0.140/32
Source
10.0.0.0/24
127.0.0.1/32
=>config load flush=yes
0.0.0.0/0
0.0.0.0/0
=>ip rtlist
Destination
10.0.0.0/24
10.0.0.140/32
172.16.0.5/32
127.0.0.1/32
172.16.0.0/24
Source
10.0.0.0/24
0.0.0.0/0
0.0.0.0/0
0.0.0.0/0
0.0.0.0/0
=>
Gateway
10.0.0.140
172.16.0.5
10.0.0.140
127.0.0.1
172.16.0.5
Gateway
10.0.0.140
10.0.0.140
127.0.0.1
Gateway
10.0.0.140
10.0.0.140
172.16.0.5
127.0.0.1
172.16.0.5
Intf eth0 cip1 eth0 loop cip1
Intf eth0 eth0 loop
Intf eth0 eth0 cip1 loop cip1
0
1
0
0
Mtrc
0
0
0
Mtrc
0
0
1
0
0
Mtrc
0
RELATED COMMANDS:
Show the current configuration set.
Store the current configuration in a backup file.
E-DOC-CTC-20061027-0003 v2.0
79
Config Commands
config save
Store the current configuration in a backup file.
All the existing configurations and modifications entered by the user are saved.
The backup file is saved in the Thomson ST permanent storage. This file can be downloaded via the Thomson
ST web pages or via an FTP session.
SYNTAX:
config save where: filename filename = <string>
The filename for the backup file of the current configuration.
REQUIRED
RELATED COMMANDS:
Show the current configuration set.
Load complete saved (backup) or default configuration file.
80
E-DOC-CTC-20061027-0003 v2.0
Connection Commands
6 Connection Commands
Introduction
This chapter describes the commands of the connection command group.
Contents
This chapter covers the following commands:
Configure the available CONN/NAT application helpers.
Display CONN/NAT application specific info.
List the available CONN/NAT application helpers.
Create a new CONN/NAT application helper/port binding.
List the current CONN/NAT application helper/port bindings.
Clean the connection database by forcing timeouts.
Kill all the connections.
Configure the connection handling.
Describe the streams of a connection.
Flush the current connection configuration.
Show all the registered modules with some info.
Display the currently known connections.
Invalidate all the cached decisions.
Display the connection and stream statistics.
Clear the connection timeout to default.
Configure the connection timeout handling.
Delete an existing CONN/NAT application helper/port binding.
E-DOC-CTC-20061027-0003 v2.0
81
Connection Commands
connection appconfig
Configure the available CONN/NAT application helpers.
SYNTAX:
connection appconfig application = <string>
[trace = <{disabled | enabled}>]
[timeout = <number{0-32000}>]
[floating = <{disabled | enabled}>]
[childqos = <{DSCP|Interactive|
Management|Video|VoIP|default}>]
[tracelevel = <number{1-4}>]
[SIP_ALG = <{disabled|enabled}>]
[RTP_predict_for_term_SIP_ALG =
<{disabled|enabled}>] where: application trace timeout floating childqos tracelevel
SIP_ALG
RTP_predict_for_term_SIP_ALG
The name of a CONN/NAT application helper.
Tip
Use the command
:connection applist to obtain a list of CONN/NAT application helpers.
Enable or disable CONN/NAT application helper traces.
The default is
enabled
.
A number between 0 and 32000 (seconds).
Represents the maximum timeout to keep predicted child connections around.
Enable / disabled floating port for IKE helper.
Used QOS label for the predicted child connections.
A number between 1 and 4.
Represents the SIP trace level.
Choose between:
>
1
: feature errors
>
2
: feature traces
>
3
: all errors
>
4
: all traces.
The default is
1
.
SIP only: enable/disable traditional sip alg behaviour
Enable/disable RTP connection prediction for terminated SIP
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
82
Connection Commands
EXAMPLE:
=>connection applist
Application
IP6TO4
PPTP
ESP
Proto DefaultPort Traces
6to4 tcp esp
0
1723
0 enabled enabled
Timeout unavailable unavailable unavailable 15' 0"
IKE
SIP udp udp
500
5060 disabled disabled
15' 0"
6 0"
...
LOOSE(UDP)
FTP udp tcp
0
21 enabled enabled
5' 0" unavailable
=>connection appconfig application=SIP trace=enabled
=>connection applist
Application
IP6TO4
PPTP
ESP
Proto DefaultPort Traces
6to4 tcp esp
0
1723
0 enabled enabled
Timeout unavailable unavailable unavailable 15' 0"
IKE
SIP
...
LOOSE(UDP)
FTP
=> udp udp udp tcp
500
5060
0
21 disabled enabled enabled enabled
15' 0"
6 0"
5' 0" unavailable
FLOATING trace level 1
FLOAATING trace level 1
RELATED COMMANDS:
Display CONN/NAT application specific info.
List the available CONN/NAT application helpers.
E-DOC-CTC-20061027-0003 v2.0
83
Connection Commands
connection appinfo
Display CONN/NAT application specific info.
SYNTAX:
connection appinfo where: application application = <{string}>
The name of a CONN/NAT application helper.
Tip
Use the command
:connection applist to obtain a list of CONN/NAT application helpers.
REQUIRED
EXAMPLE:
=>connection appinfo application=SIP
SIP ALG session SIPALG: pool=138, in use=0, bottom=138
=>
RELATED COMMANDS:
Configure the available CONN/NAT application helpers.
List the available CONN/NAT application helpers.
84
E-DOC-CTC-20061027-0003 v2.0
Connection Commands
connection applist
List the available CONN/NAT application helpers.
SYNTAX:
connection applist
EXAMPLE:
=>connection applist
Application
IP6TO4
PPTP
ESP
Proto DefaultPort Traces
6to4 tcp esp
0
1723
0 enabled enabled
Timeout unavailable unavailable unavailable 15' 0"
IKE
SIP udp udp
500
5060 disabled disabled
15' 0"
6 0"
JABBER
CU/SeeMe tcp udp
RAUDIO(PNA) tcp
RTSP tcp
ILS
H245 tcp tcp
5222
7648
7070
554
389
0 disabled enabled enabled enabled unavailable unavailable
2' 0" unavailable unavailable unavailable
5' 0"
5' 0"
H323
IRC
LOOSE(UDP)
FTP
=> tcp tcp udp tcp
1720
6667
0
21 enabled enabled enabled enabled unavailable
5' 0"
5' 0" unavailable
FLOATING trace level 1 i
For some CONN/NAT application helpers, either
traces
or
timeout
are unavailable.
RELATED COMMANDS:
Configure the available CONN/NAT application helpers.
Display CONN/NAT application specific info.
E-DOC-CTC-20061027-0003 v2.0
85
Connection Commands
connection bind
Create a new CONN/NAT application helper/port binding.
SYNTAX:
connection bind where: application application = <string> port = <port-range> port
The name of a CONN/NAT application helper.
Tip
Use the command
:connection applist to obtain a list of CONN/NAT application helpers.
The port number or port range this application handler should work on.
REQUIRED
REQUIRED
EXAMPLE:
=>connection bindlist
Application Proto Portrange
JABBER
JABBER tcp tcp
15222
5222
Flags
FTP
IRC tcp tcp
21
6660
...
IP6TO4 6to4 0
=>connection bind application = IRC port = 6750
=>connection bindlist
Application Proto Portrange
IRC
JABBER tcp tcp
6750
15222
JABBER
FTP
IRC
...
tcp tcp tcp
5222
21
6660
IP6TO4
=>
6to4 0
RELATED COMMANDS:
List the current CONN/NAT application helper/port bindings.
Delete an existing CONN/NAT application helper/port binding.
E-DOC-CTC-20061027-0003 v2.0
86
Connection Commands
connection bindlist
List the current CONN/NAT application helper/port bindings.
SYNTAX:
connection bindlist
EXAMPLE:
=>connection bindlist
Application Proto Portrange
LOOSE(UDP)
JABBER udp tcp
67
15222
JABBER
FTP
IRC
H323 tcp tcp tcp tcp
5222
21
6660-6669
1720
ILS
ILS tcp tcp
RTSP tcp
RAUDIO(PNA) tcp
CU/SeeMe udp
1002
389
554
7070
7648
SIP
IKE
ESP
PPTP
IP6TO4
=> udp udp esp
5060
500
0 tcp 1723
6to4 0
Flags
RELATED COMMANDS:
Create a new CONN/NAT application helper/port binding.
Delete an existing CONN/NAT application helper/port binding.
E-DOC-CTC-20061027-0003 v2.0
87
Connection Commands
connection clean
Clean the connection database by forcing timeouts.
SYNTAX:
connection clean where: level
[level = <number{0-9}>]
A number between 0 and 9.
Represents the desired scrubbing level.
OPTIONAL
EXAMPLE:
=>connection list
ID
--
8 proto state
----- ----tcp
INIT: 16
RESP: 17
ACTIVE substate
-------flags
----timeout
-------
[TCPS_ESTABLISHED-TCPS_ESTABLISHED] [......] 15' 7"
192.168.
1. 64: 1377 192.168.
1.254:
192.168.
1.254: 23 192.168.
23 [...] LocalNetwork
1. 64: 1377 [R..] loop
1390 tcp
951 tcp 0
34 tcp
INIT: 68
RESP: 69
ACTIVE [TCPS_CLOSE_WAIT-TCPS_FIN_WAIT_1] [I.....] 57' 16"
192.168.
1. 64: 1417 192.168.
1.254: 21 [...] LocalNetwork
192.168.
=>connection clean
1.254: 21 192.168.
1. 64: 1417 [R..] loop 10 tcp
11 tcp
0
=>connection list
ID
--
8
=> proto state
----- ----tcp ACTIVE
INIT: 16
RESP: 17 substate
-------flags
----timeout
-------
[TCPS_ESTABLISHED-TCPS_ESTABLISHED] [......] 14' 59"
192.168.
1. 64: 1377 192.168.
192.168.
1.254:
1.254: 23 [...] LocalNetwork
23 192.168.
1. 64: 1377 [R..] loop
1417 tcp
967 tcp 0
0
0
0
88
E-DOC-CTC-20061027-0003 v2.0
Connection Commands
connection clear
Kill all the connections.
SYNTAX:
connection clear
EXAMPLE:
=>connection clear
Connection to host lost.
E-DOC-CTC-20061027-0003 v2.0
89
Connection Commands
connection config
Configure the connection handling.
SYNTAX:
connection config [configchangemode = <{immediate | delayed}>]
[probes = <{disabled | enabled}>]
[udptrackmode = <{strict | loose}>] where: configchangemode probes udptrackmode
Select how configuration changes are handled.
Choose between:
>
immediate
>
delayed.
The default is
immediate
.
Enable or disable live probes on idle connections.
The default is
disabled
.
Select the User Datagram Protocol (UDP) connection tracking mode.
Choose between:
>
strict
: replies to a request from a client must be in a specific window to the client.
>
loose
: inbound packets are allowed on the port that was first used to start the communication with the server (for example to allow a client of an online game to obtain peer-to-peer information from other clients of that same online game).
The default is
strict
.
OPTIONAL
OPTIONAL
OPTIONAL
EXAMPLE:
=>connection config config change mode : immediate alive probes : disabled udp tracking mode : loose
=>
E-DOC-CTC-20061027-0003 v2.0
90
Connection Commands
connection debug
The connection debug commands
SYNTAX:
connection debug where: trace
[trace = <{disabled|enabled}>]
Enable or disable traces.
The default is
disabled
.
EXAMPLE:
=>connection debug connection traces : disabled
=>
=>connection debug trace enabled
=>
=>connection debug connection traces : enabled
=>
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
91
Connection Commands
connection describe
Describe the streams of a connection.
SYNTAX:
connection describe where: id
[id = <number{0-2048}>]
A number between 0 and 2048.
Represents the ID of the connection to be described.
Note
If not specified, the connection with ID 0 will be described.
Tip
Use the command
:connection list to obtain the IDs of the different connections.
OPTIONAL
EXAMPLE:
=>connection list
ID
--
62 proto state
----- ----tcp ACTIVE substate
-------flags
----timeout
-------
[TCPS_ESTABLISHED-TCPS_ESTABLISHED] [......] 15' 8"
INIT: 124 192.168.
1. 64: 1979 192.168.
1.254:
RESP: 125 192.168.
1.254: 23 192.168.
23 [...] LocalNetwork
1. 64: 1979 [R..] loop
548 tcp
396 tcp 0
=>connection describe id=62
ID
--
62 proto state
----- ----tcp ACTIVE substate
-------flags timeout
-----------
[TCPS_ESTABLISHED-TCPS_ESTABLISHED] [......] 14' 59"
FW
IDS
: cache = valid; FP
: ...
NAT
INIT: 124
ROUTING
: cache = valid; No translation
192.168.
1. 64: 1979 192.168.
1.254: 23 [...] LocalNetwork
: cache = valid; FP (gateway 127.0.0.1)
576 tcp
LABEL
IPQOS
TRIGGER
IPQOS
TRIGGER
=>
: cache = valid; FP (no route label); FP (QoS label Interactive)
: cache = valid; FP (label <no meter>, intf <no meter>)
: cache = valid; FP (no trigger)
RESP: 125
ROUTING
192.168.
1.254: 23 192.168.
1. 64: 1979 [R..]
: cache = valid; FP (gateway 192.168.1.254)
LABEL loop 412 tcp
: cache = valid; FP (no route label); FP (QoS label default)
: cache = valid; FP (label <no meter>, intf <no meter>)
: cache = valid; FP (no trigger)
0
0
0
E-DOC-CTC-20061027-0003 v2.0
92
Connection Commands
connection flush
Flush the current connection configuration.
SYNTAX:
connection flush
E-DOC-CTC-20061027-0003 v2.0
93
connection info
Show all the registered modules with some info.
SYNTAX:
connection info
EXAMPLE:
=>connection info
Registered connection modules :
- Module : FW, holds private data (F:10264 S:6592).
- Module : IDS, holds private data (F:0 S:0).
- Module : NAT, holds private data (F:0 S:0).
Registered stream modules :
- Module : ROUTING, holds private data (F:10199 S:6657).
- Module : LABEL, holds private data (F:22546 S:19870).
=>
- Module : IPQOS, holds private data (F:10202 S:6653).
- Module : TRIGGER, holds private data (F:10202 S:6659).
Connection Commands
94
E-DOC-CTC-20061027-0003 v2.0
Connection Commands
connection list
Display the currently known connections.
SYNTAX:
connection list where: nr
[nr = <number{1-2048}>][string = <string>]
[beginstring = <string>] string beginstring
A number between 1 and 2048.
Represents the number of connections to be displayed.
Note
If not specified, all the connections will be displayed.
string matching condition beginstring matching condition
OPTIONAL
OPTIONAL
OPTIIONAL
EXAMPLE:
=>connection list
ID
--
58 proto state
----- ----tcp
INIT: 116
ACTIVE substate
-------flags
----timeout
-------
[TCPS_ESTABLISHED-TCPS_ESTABLISHED] [......] 15' 7"
10.
0.
0.
1: 1106 10.
0.
0.138: 23 [.] eth0 331 tcp
10.
0.
0.138: 23 10.
0.
0.
1: 1106 [R] loop 229 tcp
=>
RESP: 117
0
0
E-DOC-CTC-20061027-0003 v2.0
95
connection refresh
Invalidate all the cached decisions.
SYNTAX:
connection refresh
Connection Commands
96
E-DOC-CTC-20061027-0003 v2.0
Connection Commands
connection stats
Display the connection and stream statistics.
SYNTAX:
connection stats
EXAMPLE:
=>connection stats
Connection statistics:
-------------------------------------------
Maximum number of connections : 1024
Maximum number of halfopen connections : 1024
-------------------------------------------
Number of active connections
Number of halfopen connections
: 3
: 0
Number of expected connections
Number of closing connections
: 0
: 0
Number of idle connections : 1
-------------------------------------------
Number of TCP connections : 2
Number of UDP connections
Number of ICMP connections
Number of non TCP/UDP/ICMP connections
: 1
: 0
: 0
-------------------------------------------
Number of TCP open connections : 0
Number of TCP established connections : 1
Number of TCP closing connections : 1
Stream cache statistics:
-------------------------------------------
Maximum number of hash collisions : 0
% of hash entries with collisions : 0.00
% of hash entries unused : 0.00
CONN/NAT application helper statistics:
-------------------------------------------
Maximum number of helper bindings : 24
Maximum number of connections with helper : 128
-------------------------------------------
Number of helper bindings : 16
Number of connections with active helper : 0
=>
E-DOC-CTC-20061027-0003 v2.0
97
Connection Commands
connection timerclear
Clear the connection timeout to default.
SYNTAX:
connection timerclear [timer = <{tcpidle|tcpneg|tcpkill|udpidle|udpkill| icmpkill|ipidle|ipkill}>] where: timer The name of the connection idle timer to be reset.
Note
If not specified, all the timers will be reset to their default values.
REQUIRED
EXAMPLE:
=>connection timerconfig tcpidle : 10' 30" tcpneg udp
: 3' 0"
: 1' 19" icmp ip
: 2' 0"
: 1' 0"
=>connection timerclear
=>connection timerconfig tcpidle tcpneg udp icmp ip
=>
: 15' 0"
: 2' 0"
: 1' 0"
: 1' 0"
: 1' 0"
RELATED COMMANDS:
Configure the connection timeout handling.
E-DOC-CTC-20061027-0003 v2.0
98
Connection Commands
connection timerconfig
Configure the connection timeout handling.
SYNTAX:
connection timerconfig [timer =
<{tcpidle|tcpneg|tcpkill|udpidle|udpkill| icmpkill|ipidle|ipkill}>]
[value = <number{0-86400}>] where: timer OPTIONAL value
The name of the connection idle timer to be configured.
Choose between:
>
tcpidle
>
tcpneg
>
tcpkill
>
udpidle
>
udpkill
>
icmpkill
>
ipidle
>
ipkill
A number between 0 and 86400 (seconds).
Represents the timer expire value.
OPTIONAL
EXAMPLE:
=>connection timerconfig tcpidle : 15' 0" tcpneg udp
: 2' 0"
: 1' 0" icmp ip
: 1' 0"
: 1' 0"
=>connection timerconfig timer=tcpidle value=360
=>connection timerconfig tcpidle tcpneg udp icmp ip
=>
: 6' 0"
: 2' 0"
: 1' 0"
: 1' 0"
: 1' 0"
RELATED COMMANDS:
connection timerclear Clear the connection timeout to default.
E-DOC-CTC-20061027-0003 v2.0
99
Connection Commands
connection unbind
Delete an existing CONN/NAT application helper/port binding.
SYNTAX:
connection unbind where: application application = <string> port = <port-range> port
The name of a CONN/NAT application helper.
Tip
Use the command
:connection applist to obtain a list of CONN/NAT application helpers.
The port number or port range this application handler should work on.
REQUIRED
REQUIRED
EXAMPLE:
=>connection bindlist
Application Proto Portrange
IRC
JABBER tcp tcp
6750
15222
JABBER
FTP
IRC
...
tcp tcp tcp
5222
21
6660
IP6TO4 6to4 0
=>connection unbind application=IRC port=6750
=>connection bindlist
Application Proto Portrange
JABBER
JABBER
FTP
IRC tcp tcp tcp tcp
15222
5222
21
6660
...
IP6TO4
=>
6to4 0
RELATED COMMANDS:
Create a new CONN/NAT application helper/port binding.
List the current CONN/NAT application helper/port bindings.
E-DOC-CTC-20061027-0003 v2.0
100
CWMP Commands
7 CWMP Commands
Introduction
This chapter describes the commands of the cwmp (CPE WAN Management Protocol) command group.
Contents
This chapter covers the following commands:
Configure the cwmpd as seen from the ACS.
Configure the cwmpd towards the ACS.
E-DOC-CTC-20061027-0003 v2.0
101
CWMP Commands
cwmp config
Configure the cwmpd as seen from the ACS.
SYNTAX:
cwmp config [state = <{disabled|enabled}>]
[mode = <{readonly|full}>]
[periodicInform = <{disabled|enabled}>]
[periodicInfInt = <number>]
[sessionTimeout = <number>]
[noIpTimeout = <number>]
[maxEnvelopes = <number>]
[connectionRequest = <{disabled|enabled}>]
[connectionReqPath = <string>]
[connectionReqUserName = <string>]
[connectionReqPsswd = <string>]
[connectionReqAuth = <{none|basic|digest}>] where: state mode periodicInform periodicInfInt sessionTimeout noIpTimeout maxEnvelopes
The state of the cwmp daemon.
Choose between:
>
enabled
>
disabled.
The default is
disabled
.
Set the operation mode of the cwmp daemon.
Choose between:
>
readonly
>
full.
The default is
readonly
.
Set the periodicInform flag of the cwmp daemon.
Choose between:
>
enabled
>
disabled.
The default is
enabled
.
A number (of seconds).
Represents the interval between two periodicInform messages.
The default is
3600
.
Set HTTP session-timeout in seconds.
The default is
60
.
Set time (in seconds) ip may be 0 after uploading new config file.
The default is
10
.
Set the maximum number of SOAP envelopes sent within one HTTP message.
The default is
2
.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
102
CWMP Commands connectionRequest connectionReqPath connectionReqUserName connectionReqPsswd connectionReqAuth
Set the connection request flag of the cwmp daemon.
Choose between:
>
enabled
>
disabled.
The default is
enabled
.
Set the path where the cwmp daemon can be reached.
Set the username the ACS must use to log in.
Set the password the ACS must use to log in.
Set the digest authentication flag of the cwmp daemon.
Choose between:
>
enabled
>
disabled.
The default is
enabled
.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
EXAMPLE:
=>cwmp config
State
Mode
Max Envelopes
Session Timeout
No Ip Timeout
Connection Request Port
Periodic Inform
Periodic Inform Interval
Connection Request
Connection Request UserName
Connection Request PassWord
Connection Request Path
: disabled
: readonly
: 2
: 60
: 10
: 80
: enabled
: 20000 ms
: enabled
:
:
:
Connection Request Authentication : enabled
Qos class
Boot delay range between 0 and
=>
: 12
: 0s
E-DOC-CTC-20061027-0003 v2.0
103
cwmp server config
Configure the cwmpd towards the ACS.
SYNTAX:
cwmp server config [url = <string>]
[username = <string>]
[password = <string>] where: url username password
Set the HTTP URL used to contact the ACS server.
Set the username for ACS Digest Authentication.
Set the password for ACS Digest Authentication.
EXAMPLE:
=>cwmp server config
ACS url : 10.11.10.248
ACS username
ACS password
=>
:
:
CWMP Commands
OPTIONAL
OPTIONAL
OPTIONAL
104
E-DOC-CTC-20061027-0003 v2.0
Debug Commands
8 Debug Commands
Introduction
This chapter describes the commands of the debug command group.
Contents
This chapter covers the following commands:
debug exec Execute a 'Trace & Debug' command.
E-DOC-CTC-20061027-0003 v2.0
105
debug exec
Execute a 'Trace & Debug' command.
!
This command is for qualified personnel only.
SYNTAX:
debug exec where: cmd cmd = <quoted string>
A quoted 'Trace & Debug' command string.
Debug Commands
REQUIRED
106
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
9 DHCP Commands
Introduction
This chapter describes the commands of the Dynamic Host Configuration Protocol (DHCP) command group.
Contents
This chapter covers the following commands:
dhcp client rqoptions optionlist
dhcp client txoptions optionlist
Delete all the DHCP leases.
De-activate a DHCP client and releases its lease.
List all the DHCP leases attached to dynamic interfaces.
Clear the DHCP client statistics.
Print the DHCP client statistics.
Modify the DHCP client trace configuration.
Add a DHCP Option Code to the Parameter Request List.
Delete a DHCP Option Code from the Parameter Request
List all DHCP Option Codes in the Parameter Request List.
List all DHCP Option Codes that can be used in the
Lists all DHCP Option Codes that can be used.
Add an entry to the DHCP forward list.
Show the DHCP relay statistics.
Modify the DHCP relay trace configuration.
Set the DHCP relay configuration settings.
Delete an entry from the DHCP forward list.
Flush the DHCP relay settings.
Configure a DHCP relay interface.
Show the configuration of the relay interfaces.
Modify an entry from the DHCP forward list.
Add a selection rule to a DHCP forward entry.
E-DOC-CTC-20061027-0003 v2.0
107
108
DHCP Commands
Delete a selection rule from a DHCP forward entry.
Add a rule for DHCP conditional selection.
Modify DHCP rule trace configuration.
Print the DHCP server configuration settings.
Flush all DHCP server pool and lease entries.
Print the DHCP server policy settings.
Clear the DHCP server statistics.
Show the DHCP server statistics.
Modify the DHCP server trace configuration.
Flush all the DHCP server leases.
List all the DHCP server leases.
Flush all DHCP server option templates and instances.
Add a DHCP server option instance.
Delete a DHCP server option instance.
List all the DHCP server option instances.
Add a DHCP server option template.
Delete a DHCP server option template.
List all the DHCP server option templates.
Add an option instance to the DHCP server pool.
Delete an option instance from the DHCP server pool.
Add a route to the DHCP server pool.
Delete a route from the DHCP server pool.
Add a selection rule to the DHCP server pool.
Delete a selection rule from the DHCP server pool.
143
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
dhcp client flush
Delete all the DHCP leases.
i
The flush command does not impact previously saved configurations.
SYNTAX:
dhcp client flush
E-DOC-CTC-20061027-0003 v2.0
109
DHCP Commands
dhcp client ifadd
Create a DHCP client.
SYNTAX:
dhcp client ifadd where: intf defrqoptions intf = <string>
[defrqoptions = <{disabled|enabled}>]
The name of the dynamic interface for which a DHCP lease must be created.
Enable/Disable the creation of the default Parameter Request
List.
REQUIRED
OPTIONAL
EXAMPLE:
=>dhcp client iflist
No dynamic interfaces defined.
=>dhcp client ifadd intf=myPPP_ppp
[dhcp client]=>iflist
DHCP Client Info :
Interface : myPPP_ppp
DHCP Client State : [INIT]
HW address
Client ID
:
:
00:0e:50:91:26:5a
IP Address p-t-p IP
Default Gateway
: 0.0.0.0
: 0.0.0.0
:
Number of leases: 1
Total size of table: 68, in use: 1, free: 98 %=>
RELATED COMMANDS:
List all the DHCP leases attached to dynamic interfaces.
E-DOC-CTC-20061027-0003 v2.0
110
DHCP Commands
dhcp client ifattach
Activate a DHCP client.
SYNTAX:
dhcp client ifattach where: intf intf = <string>
The name of the dynamic interface for which a DHCP client was created.
REQUIRED
EXAMPLE:
=>dhcp client iflist myPPP_ppp : [INIT] flags = bc dns rt
IP address : 0.0.0.0
HW address [SpeedTouch] : 00
DHCP server: 255.255.255.255
metric : rt = 1, DNS = 1
Number of leases: 1
Total size of table: 36, in use: 1, free: 97 %
=>dhcp client ifattach intf=myPPP_ppp
=>dhcp client iflist myPPP_ppp : [SELECTING] flags = bc dns rt
IP address : 0.0.0.0
HW address [SpeedTouch] : 00
DHCP server: 255.255.255.255
metric : rt = 1, DNS = 1 trying to get a lease for 1 sec transmission of DISCOVER in 0 sec retransmission timeout: 4 nbr of retransmissions: 2
Number of leases: 1
Total size of table: 36, in use: 1, free: 97 %
=>
RELATED COMMANDS:
De-activate a DHCP client and releases its lease.
E-DOC-CTC-20061027-0003 v2.0
111
DHCP Commands
dhcp client ifconfig
Configure a DHCP client.
i
Use the command
:dhcp client ifrelease before configuring the dhcp client.
SYNTAX:
dhcp client ifconfig intf = <string>
[label = <label name>]
[metric = <number{0-255}>]
[dnsmetric = <number{0-100}>]
[broadcast = <{disabled|enabled}>]
[serverroute = <disabled|enabled>] where: intf label metric dnsmetric broadcast serverroute
The name of the dynamic interface to be configured.
Label for default gateway and static routes.
A number between 0 and 255.
Represents the route metric for default gateway and static routes.
The default is
1
.
A number between 0 and 100.
Represents the DNS route metric.
The default is
1
.
Operate client in unicast/broadcast mode.
The default is
enabled
.
Insert a route for the DHCP server IP.
The default is
enabled
.
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
RELATED COMMANDS
E-DOC-CTC-20061027-0003 v2.0
112
DHCP Commands
dhcp client ifdelete
Delete a DHCP client.
SYNTAX:
dhcp client ifdelete where: intf intf = <string>
The name of the dynamic interface for which the DHCP lease must be deleted.
REQUIRED
EXAMPLE:
=>dhcp client iflist myPPP_ppp : [INIT] flags = bc dns rt
IP address : 10.0.0.1
HW address [SpeedTouch] : 00:90:d0:01:47:f1
DHCP server: 10.10.1.1
hostname : myHostName client identifier : [00] myClientID user class identifier : myUserID metric : rt = 1, DNS = 1
Number of leases: 1
Total size of table: 36, in use: 1, free: 97 %
=>dhcp client ifdelete intf=myPPP_ppp
=>dhcp client iflist
No dynamic interfaces defined.
=>
RELATED COMMANDS:
List all the DHCP leases attached to dynamic interfaces.
E-DOC-CTC-20061027-0003 v2.0
113
DHCP Commands
dhcp client ifdetach
De-activate a DHCP client and releases its lease.
SYNTAX:
ifdetach where: intf intf = <string>
The name of the dynamic interface.
RELATED COMMANDS:
List all the DHCP leases attached to dynamic interfaces.
REQUIRED
114
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
dhcp client iflist
List all the DHCP leases attached to dynamic interfaces.
SYNTAX:
dhcp client iflist where: intf expand
[intf = <string>]
[expand = <{disabled|enabled}>]
The name of the dynamic interface.
Expand enabled/disabled.
OPTIONAL
OPTIONAL
EXAMPLE:
=>dhcp client iflist myPPP_ppp : [INIT] flags = bc dns rt
IP address : 10.0.0.1
HW address [SpeedTouch] : 00:90:d0:01:47:f1
DHCP server: 10.10.1.1
hostname : myHostName client identifier : [00] myClientID user class identifier : myUserID metric : rt = 1, DNS = 1
Number of leases: 1
Total size of table: 36, in use: 1, free: 97 %
=>
EXAMPLE INPUT/OUTPUT IN A NETWORKED ENVIRONMENT:
The Thomson ST is configured as DHCP client disabled its Ethernet interface eth0.
=>dhcp client iflist myPPP_ppp : [INIT] flags = bc dns rt
IP address : 10.0.0.1
HW address [SpeedTouch] : 00:90:d0:01:47:f1
DHCP server: 10.10.1.1
hostname : myHostName client identifier : [00] myClientID user class identifier : myUserID metric : rt = 1, DNS = 1 lease renewal in lease rebinding in
5
8 days, 1 h, 26 min, 45 sec days, 20 h, 34 min, 15 sec lease expires in
Number of leases: 1
10 days, 2
Total size of table: 36, in use: 1, free: 97 %
=> h, 56 min, 45 sec
E-DOC-CTC-20061027-0003 v2.0
115
RELATED COMMANDS:
DHCP Commands
116
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
dhcp client ifrenew
Renew the DHCP lease.
SYNTAX:
dhcp client ifrenew where: intf intf = <string>
The name of the dynamic interface for which the DHCP lease must be renewed.
REQUIRED
EXAMPLE 1:
=>dhcp client iflist
NewETHoA : [BOUND] flags= uc
IP address
HW address
DHCP server hostname
: 10.0.0.10
: 00:90:d0:01:47:f1
: 255.255.255.255
: NewLease req.leasetime = 10800 s lease renewal in lease rebinding in lease expires in
5
8 days, 58 min, 48 sec days, 20 h, 6
10 days, 2 min, 18 sec h, 28 min, 48 sec
Number of leases: 1
Total size of table: 19, in use: 1,
=>dhcp client ifrenew intf=NewETHoA
=>dhcp client iflist
NewETHoA : [SELECTING] flags= uc free: 94 %
IP address
HW address
DHCP server
: 10.0.0.10
: 00:90:d0:01:47:de
: 255.255.255.255
hostname req.leasetime
:
=
NewLease
10800 s trying to get a lease for 12 sec transmission of DISCOVER in 24 sec retransmission timeout: 64 nbr of retransmissions: 11
Number of leases: 1
Total size of table: 19, in use: 1, free: 94 %
=>
E-DOC-CTC-20061027-0003 v2.0
117
EXAMPLE 2:
The Thomson ST is configured as DHCP client disabled its Ethernet interface eth0.
=>dhcp client stats
DHCP client statistics:
Corrupted packet recv
OFFERs
ACKs
NAKs
RELEASEs recv recv recv
Pure BOOTP REPLIES
Other message types
DISCOVERs sent
REQUESTs sent
DECLINEs sent sent
:
:
:
:
:
:
:
:
:
:
INFORMs sent :
Number of dynamic interfaces: 1
Memory usage:
Table size of dyn leases: 18,
=>dhcp client ifrenew intf=eth0
=>dhcp client stats
0
1
0 in use: 1,
0
0
0
0
0
0
0
0
DHCP client statistics:
Corrupted packet recv
OFFERs
ACKs recv recv
NAKs recv
Pure BOOTP REPLIES
Other message types
DISCOVERs sent
:
:
:
:
:
:
:
0
0
1
1
0
0
1
REQUESTs sent
DECLINEs sent
RELEASEs sent
Table size of dyn leases: 18,
=>(CTRL + Q)
..................
:
:
:
INFORMs sent :
Number of dynamic interfaces: 1
Memory usage: in use: 1,
1
0
1
0
STATE IDLE !
STATE ACTIVATE !
dhcc: intf 1 renews lease 10.0.0.3.
dhcc: intf 1 requests 10.0.0.3 from 10.10.1.1
dhcc: 10.10.1.1 acks 10.0.0.3 to intf 1.
dhcc: lease 10.0.0.3 bound to intf 1.
STATE IDLE !
STATE ACTIVATE !
...........
=>(CTRL + S) free: 94 % free: 94 %
RELATED COMMANDS:
dhcp client ifattach Activate a DHCP client.
DHCP Commands
E-DOC-CTC-20061027-0003 v2.0
118
DHCP Commands
dhcp client debug clear
Clear the DHCP client statistics.
SYNTAX:
dhcp client debug clear
EXAMPLE:
=>dhcp client debug stats
DHCP client statistics:
Corrupted packet recv
OFFERs recv
: 0
: 0
ACKs
NAKs recv recv
Pure BOOTP REPLIES
Other message types
:
:
:
:
0
0
0
0
DISCOVERs sent
REQUESTs sent
DECLINEs sent
RELEASEs sent
INFORMs sent
: 253
: 9
: 0
: 0
: 0
Number of dynamic interfaces: 1
Memory usage:
Table size of dyn leases: 19, in use: 1, free: 94 %
=>dhcp client debug clear
=>dhcp client debug stats
DHCP client statistics:
Corrupted packet recv
OFFERs recv
ACKs recv
NAKs recv
Pure BOOTP REPLIES
Other message types
DISCOVERs sent
REQUESTs sent
:
:
:
0
0
0
: 0
: 0
: 0
: 0
: 0
DECLINEs sent
RELEASEs sent
INFORMs sent
: 0
: 0
: 0
Number of dynamic interfaces: 1
Memory usage:
Table size of dyn leases: 19, in use: 1, free: 94 %
=>
RELATED COMMANDS:
Print the DHCP client statistics.
E-DOC-CTC-20061027-0003 v2.0
119
dhcp client debug stats
Print the DHCP client statistics.
SYNTAX:
dhcp client debug stats
EXAMPLE:
=>dhcp client debug stats
DHCP client statistics:
Corrupted packet recv
OFFERs recv
:
:
ACKs
NAKs recv recv
Pure BOOTP REPLIES
Other message types
:
:
:
:
DISCOVERs sent
REQUESTs sent
DECLINEs sent
RELEASEs sent
INFORMs sent
:
:
:
:
:
Number of dynamic interfaces: 1
Memory usage:
Table size of dyn leases: 19, in use: 1,
=>
0
1
0
1
0
0
1
0
0
244
9 free: 94 %
RELATED COMMANDS:
Clear the DHCP client statistics.
DHCP Commands
120
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
dhcp client debug traceconfig
Modify the DHCP client trace configuration.
SYNTAX:
dhcp client debug traceconfig where: state
[state = <{disabled | enabled}>]
Enable or disable tracing.
The default is
disabled
.
OPTIONAL
EXAMPLE:
=>dhcp client debug traceconfig tracing: disabled
=>dhcp client debug traceconfig trace=enabled
=>dhcp client debug traceconfig tracing: enabled
=>
E-DOC-CTC-20061027-0003 v2.0
121
DHCP Commands
dhcp client rqoptions add
Add a DHCP Option Code to the Parameter Request List.
SYNTAX:
dhcp client rqoptions add intf = <string> option = <string or number>
[index = <number{0-255}>] where: intf option index
The name of the dynamic interface.
The name or number of the option.
The index of the option.
REQUIRED
OPTIONAL
OPTIONAL
RELATED COMMANDS:
dhcp client rqoptions optionlist
List all the DHCP leases attached to dynamic interfaces.
List all DHCP Option Codes that can be used in the Parameter Request List.
122
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
dhcp client rqoptions delete
Delete a DHCP Option Code from the Parameter Request List.
SYNTAX:
dhcp client rqoptions delete intf = <string> option = <string or number> where: intf option
The name of the dynamic interface.
The name or number of the option.
RELATED COMMANDS:
List all DHCP Option Codes in the Parameter Request List.
REQUIRED
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
123
DHCP Commands
dhcp client rqoptions list
List all DHCP Option Codes in the Parameter Request List.
SYNTAX:
dhcp client rqoptions list where: intf
[intf = <string>]
The name of the dynamic interface.
RELATED COMMANDS:
Delete a DHCP Option Code from the Parameter Request List.
OPTIONAL
124
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
dhcp client rqoptions optionlist
List all DHCP Option Codes that can be used in the Parameter Request List.
SYNTAX:
dhcp client rqoptions optionlist
RELATED COMMANDS:
Add a DHCP Option Code to the Parameter Request List.
List all DHCP Option Codes in the Parameter Request List.
E-DOC-CTC-20061027-0003 v2.0
125
DHCP Commands
dhcp client txoptions add
Add an option.
SYNTAX:
dhcp client txoptions add intf = <string> option = <string or number> value = <Value : (type)value; type being 8bit,
16-bit, 32-bit, addr, ascii, byte_array, clientid>
[index = <number{0-255}>] where: intf option value index
The name of the dynamic interface.
The name or number of the option.
The value of the option.
The index of the option.
EXAMPLE:
=>:dhcp client txoptions add intf=wan1 option=ien116-name-servers value=(8-bit)5
RELATED COMMANDS:
dhcp client txoptions optionlist
List all the DHCP leases attached to dynamic interfaces.
Lists all DHCP Option Codes that can be used.
REQUIRED
REQUIRED
REQUIRED
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
126
DHCP Commands
dhcp client txoptions delete
Delete an option.
SYNTAX:
dhcp client txoptions delete intf = <string> option = <string or number> where: intf option
The name of the dynamic interface.
The name or number of the option.
RELATED COMMANDS:
dhcp client txoptions list List all options.
REQUIRED
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
127
dhcp client txoptions list
List all options.
SYNTAX:
dhcp client txoptions list
RELATED COMMANDS:
DHCP Commands
128
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
dhcp client txoptions optionlist
Lists all DHCP Option Codes that can be used.
SYNTAX:
dhcp client txoptions optionlist
RELATED COMMANDS:
E-DOC-CTC-20061027-0003 v2.0
129
dhcp relay add
Add an entry to the DHCP forward list.
SYNTAX:
dhcp relay add where: name name = <string>
The forward entry name.
RELATED COMMANDS:
Delete an entry from the DHCP forward list.
Modify an entry from the DHCP forward list.
DHCP Commands
REQUIRED
130
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
dhcp relay debug stats
Show the DHCP relay statistics.
SYNTAX:
dhcp relay debug stats
EXAMPLE:
=>dhcp relay debug stats
DHCP relay statistics
-------------------------
Client packet relayed :
Server packet relayed
Bogus relay agent
Bogus giaddr recv
Corrupt agent option
:
:
:
:
Missing agent option
Bad circuit id
Missing circuit id
=>
:
:
:
RELATED COMMANDS:
0
0
0
0
64
0
0
0
Modify the DHCP relay trace configuration.
E-DOC-CTC-20061027-0003 v2.0
131
DHCP Commands
dhcp relay debug traceconfig
Modify the DHCP relay trace configuration.
SYNTAX:
dhcp relay debug traceconfig where: state
[state = <{disabled | enabled}>]
Enable or disable tracing.
The default is
disabled
.
OPTIONAL
EXAMPLE:
=>dhcp relay debug traceconfig
Tracing: disabled
=>
RELATED COMMANDS:
Show the DHCP relay statistics.
132
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
dhcp relay config
Set the DHCP relay configuration settings.
SYNTAX:
dhcp relay config where: agentinfo agentmismatch
[agentinfo = <{disabled | enabled}>]
[agentmismatch = <{disabled | enabled}>]
Set the relay agent info status (RFC3046) enabled or disabled.
The default is
disabled
.
Forward/drop DHCP reply packet when a relay agent info mismatch is detected (RFC3046) (enabled) or not (disabled).
The default is
disabled
.
OPTIONAL
OPTIONAL
EXAMPLE:
=>dhcp relay config
Agent info status : disabled
Drop agent info mismatch status : disabled
=>dhcp relay config agentinfo=enabled
=>dhcp relay config
Agent info status : enabled
Drop agent info mismatch status : disabled
=>
E-DOC-CTC-20061027-0003 v2.0
133
dhcp relay delete
Delete an entry from the DHCP forward list.
SYNTAX:
dhcp relay delete where: name name = <string>
The forward entry name.
EXAMPLE:
=>dhcp relay delete name = lan1_to_127.0.0.1
:dhcp relay delete name=lan1_to_127.0.0.1
=>
RELATED COMMANDS:
Add an entry to the DHCP forward list.
Modify an entry from the DHCP forward list.
DHCP Commands
REQUIRED
134
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
dhcp relay flush
Flush the DHCP relay settings.
i
The flush command does not impact previously saved configurations.
SYNTAX:
dhcp relay flush
EXAMPLE:
=>dhcp relay list
DHCP server Interface giaddr
-------------------------------------------------------
127.0.0.1
=>dhcp relay flush eth0 192.168.1.254
=>dhcp relay list
No dynamic interfaces defined.
=>
E-DOC-CTC-20061027-0003 v2.0
135
DHCP Commands
dhcp relay ifconfig
Configure a DHCP relay interface.
SYNTAX:
dhcp relay ifconfig where: intf relay maxhops remoteid trusted intf = <string>
[relay = <{disabled | enabled}>]
[maxhops = <number{0-16}>]
[remoteid = <password>]
[trusted = <{disabled | enabled}>]
The name of the dynamic interface to be configured.
Set the relay status to enabled or disabled.
The default is
disabled
.
A number between 0 and 16.
Represents the maximum number of hops allowed in the
DHCP packet.
The default is
4
.
Set the remote ID as specified in RFC3046.
Drop/forward DHCP request packet when the DHCP Relay
Agent Option is enabled (with the command
:dhcp relay config agentinfo=enabled) and the giaddr field is 0
(RFC3046)) (enabled) or not (disabled).
The default is
disabled
.
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
136
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
EXAMPLE:
=>dhcp relay iflist eth0 : admin state = up max hops = 4 trusted = disabled oper state = up remote id =
Internet_trigger : admin state = down max hops = 4 trusted = disabled
Internet : admin state = down max hops = 4 trusted = disabled oper state = down remote id = oper state = down remote id =
=>dhcp relay ifconfig intf=Internet_trigger relay=enabled trusted=enabled
=>dhcp relay iflist eth0 : admin state = up oper state = up max hops = 4 trusted = disabled remote id =
Internet_trigger : admin state = up max hops = 4 trusted = enabled oper state = up remote id =
Internet : admin state = down max hops = 4 trusted = disabled
=> oper state = down remote id =
E-DOC-CTC-20061027-0003 v2.0
137
DHCP Commands
dhcp relay iflist
Show the configuration of the relay interfaces.
SYNTAX:
dhcp relay iflist where: intf
[intf = <string>]
The name of the dynamic interface to be listed.
Note
If not specified, all the relay interfaces will be shown.
OPTIONAL
EXAMPLE:
=>dhcp relay iflist eth0 : admin state = up max hops = 4 trusted = disabled oper state = up remote id =
Internet_trigger : admin state = up max hops = 4 trusted = enabled
Internet : admin state = down max hops = 4 trusted = disabled
=> oper state = up remote id = oper state = down remote id =
138
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
dhcp relay list
List the DHCP forward list.
SYNTAX:
dhcp relay list where: name
[name = <string>]
The forward entry name.
EXAMPLE:
=>dhcp relay list
DHCP server Interface giaddr
------------------------------------------------------eth0 10.0.0.138
=>
127.0.0.1
RELATED COMMANDS:
Add an entry to the DHCP forward list.
Delete an entry from the DHCP forward list.
Modify an entry from the DHCP forward list.
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
139
DHCP Commands
dhcp relay modify
Modify an entry from the DHCP forward list.
SYNTAX:
dhcp relay modify name = <string>
[addr = <ip-address>]
[intf = <{None | guest1 | dmz1 | wan1 | lan1 | Internet}>]
[giaddr = <ip-address>]
[script = <>] where: name addr intf giaddr script
The forward entry name.
The DHCP server IP address.
The name of the relay interface, ‘None’ to indicate no interface is specified.
The standard is
None
.
The giaddr field to be used in relayed DHCP packets.
Script to be run when the forward entry is hit.
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
RELATED COMMANDS:
Add an entry to the DHCP forward list.
Delete an entry from the DHCP forward list.
140
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
dhcp relay ruleadd
Add a selection rule to a DHCP forward entry.
SYNTAX:
dhcp relay ruleadd name = <string>
[key = <{or | and}>] rulename = <string> where: name key rulename
The name of the forward entry.
The logical key of the selection rule.
The default is
or
.
The name of the DHCP selection rule.
RELATED COMMANDS:
dhcp relay ruledelete Delete a selection rule from a DHCP forward entry.
REQUIRED
OPTIONAL
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
141
dhcp relay ruledelete
Delete a selection rule from a DHCP forward entry.
SYNTAX:
dhcp relay ruledelete where: name rulename name = <string> rulename = <string>
The name of the forward entry.
The name of the DHCP selection rule.
RELATED COMMANDS:
dhcp relay ruleadd Add a selection rule to a DHCP forward entry.
DHCP Commands
REQUIRED
REQUIRED
142
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
dhcp rule add
Add a rule for DHCP conditional selection.
SYNTAX:
dhcp rule add name = <string> type = <{vci | uci | mac}> vci [!]= <quoted string> uci [!]= <quoted string>
[match = <{exactly|as_substring}>] mac [!]= <hardware-address with wildcard
| ex: '00:9f:aa:*:*:*'> i
If a value is preceded by a “!”, it means NOT.
For example “mac=!00:9f:aa:bb:cc:dd” means “for MAC address different from 00:9f:aa:bb:cc:dd”.
where: name type vci uci match mac
The name of the new DHCP rule.
Specify the DHCP rule type.
Choose between:
>
vci
: vendor class identifier
>
uci
: user class identifier
>
mac
: MAC address.
The vendor class identifier string.
Note
Only required when type=vci.
The user class identifier string.
Note
Only required when type=uci.
The vendor or user class identifier string matching.
The MAC address.
Note
Only required when type=mac.
REQUIRED
REQUIRED
REQUIRED
REQUIRED
OPTIONAL
REQUIRED
RELATED COMMANDS:
E-DOC-CTC-20061027-0003 v2.0
143
DHCP Commands
dhcp rule debug traceconfig
Modify DHCP rule trace configuration.
SYNTAX:
dhcp rule debug traceconfig where: state
[state = {disabled | enabled}]
Set tracing to disabled or enabled.
The default is
disabled
.
OPTIONAL
144
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
dhcp rule delete
Delete a DHCP rule.
SYNTAX:
dhcp rule delete where: name name = <string>
The name of the DHCP rule.
EXAMPLE:
=>dhcp rule delete name = new
:dhcp rule delete name=new
=>
RELATED COMMANDS:
Add a rule for DHCP conditional selection.
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
145
dhcp rule flush
Flush all DHCP rules.
SYNTAX:
dhcp rule flush
EXAMPLE:
=>dhcp rule list
Name new
=>dhcp rule flush
=>dhcp rule list
Name
=>
Use Value
0 vci=test
Use Value
RELATED COMMANDS:
Add a rule for DHCP conditional selection.
DHCP Commands
146
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
dhcp rule list
List all DHCP rules.
SYNTAX:
dhcp rule list
EXAMPLE:
=>dhcp rule list
Name new
=>
RELATED COMMANDS:
Use Value
0 vci=test
Add a rule for DHCP conditional selection.
E-DOC-CTC-20061027-0003 v2.0
147
DHCP Commands
dhcp server config
Print the DHCP server configuration settings.
SYNTAX:
dhcp server config where:
[state = <{disabled | enabled}>]
148
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
dhcp server flush
Flush all DHCP server pool and lease entries.
i
The flush command does not impact previously saved configurations.
SYNTAX:
dhcp server flush
E-DOC-CTC-20061027-0003 v2.0
149
DHCP Commands
dhcp server policy
Print the DHCP server policy settings.
SYNTAX:
dhcp server policy where:
[verifyfirst = <disabled|enabled>]
[trustclient = <disabled|enabled>]
[rtbehaviour = <msft|standard|traditional>]
150
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
dhcp server debug clear
Clear the DHCP server statistics.
SYNTAX:
dhcp server debug clear
EXAMPLE:
=>dhcp server debug stats
DHCP server state: Running
DHCP server statistics:
Corrupted packet recv
DISCOVER
REQUEST
DECLINE
RELEASE
INFORM
Pure BOOTP REQUESTS
Other message types
OFFERs sent
ACKs sent
:
:
:
:
:
:
:
:
:
:
2
0
22
1
0
2451
28
0
2451
19
NAKs sent
Relay agent options dropped
Lease table got full : no
:
:
0
0
Ping table got full : no
Second dhcp server seen : no
Total size of lease table: 32, in use: 0 free: 100 %
=>dhcp server debug clear
=>dhcp server debug stats
DHCP server state: Running
DHCP server statistics:
Corrupted packet recv
DISCOVER
REQUEST
DECLINE
RELEASE
INFORM
Pure BOOTP REQUESTS
Other message types
OFFERs sent
ACKs sent
NAKs sent
Relay agent options dropped
Lease table got full : no
:
:
:
:
:
:
:
:
:
:
:
:
0
0
0
0
0
0
0
0
0
0
0
0
Ping table got full : no
Second dhcp server seen : no
Total size of lease table: 32, in use: 0 free: 100 %
=>
RELATED COMMANDS:
dhcp server debug stats Show the DHCP server statistics.
E-DOC-CTC-20061027-0003 v2.0
151
DHCP Commands
dhcp server debug stats
Show the DHCP server statistics.
SYNTAX:
dhcp server debug stats
EXAMPLE:
=>dhcp server stats
DHCP Server State: Stopped
DHCP server statistics:
Corrupted packet recv
DISCOVER
REQUEST
DECLINE
RELEASE
INFORM
Pure BOOTP REQUESTS
Other message types
OFFERs sent
ACKs sent
:
:
:
:
:
:
:
:
:
:
2
0
22
1
0
2451
28
0
2451
19
NAKs sent
Relay agent options dropped
Lease table got full : no
:
:
0
0
Ping table got full : no
Second dhcp server seen : no
Total size of lease table: 32, in use: 16, free: 50 %
=>
DESCRIPTION:
>
DHCP server state
: the state of the DHCP server.
>
Corrupted packet recv
: the number of corrupted packets (not complaint to RFC2131) received from the
LAN.
>
DISCOVER
: the number of DHCP server discovery packets received from the LAN. These broadcasts are sent by potential DHCP clients to locate available DHCP servers.
>
REQUEST
: the number of DHCP address lease requests received from the Local Area Network (LAN).
>
DECLINE
: the number of DHCP address lease requests declined.
>
RELEASE
: the number of DHCP address release requests received from DHCP clients.
>
INFORM
: the number of information requests received from DHCP clients.
>
Pure BOOTP requests
: the number of BOOTP requests received from the LAN.
>
Other message types
: the number of other messages received from the LAN.
>
OFFERs sent
: the number of IP address offers sent in reply to DHCP requests.
>
ACKs sent
: the number of ACKnowledgement replies sent to successfully configured DHCP clients.
>
NAKs sent
: the number of Not-AcKnowledgement replies sent to wrongly configured DHCP clients.
>
Relay agent options dropped
>
Lease table got full
: whether the maximum number of DHCP leases is reached or not.
E-DOC-CTC-20061027-0003 v2.0
152
DHCP Commands
>
Ping table got full
: whether the history list of IP address pings got full or not. These pings are sent by the
DHCP server to verify whether the IP address is already in use disabled the LAN or not (:dhcp server policy verifyfirst=yes).
>
Second DHCP server seen
: whether a concurrent DHCP server was found disabled the LAN or not.
RELATED COMMANDS:
Clear the DHCP server statistics.
E-DOC-CTC-20061027-0003 v2.0
153
DHCP Commands
dhcp server debug traceconfig
Modify the DHCP server trace configuration.
SYNTAX:
dhcp server debug traceconfig where: state
[state = <{disabled | enabled}>]
Enable or disable tracing.
The default is
disabled
.
OPTIONAL
EXAMPLE:
=>dhcp server debug traceconfig
Tracing: disabled
=>
154
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
dhcp server lease add
Add a DHCP server lease.
SYNTAX:
dhcp server lease add where: clientid pool addr offset leasetime expiretime gateway macaddr clientid = <client-id> pool = <string>
[addr = <ip-address>]
[offset = <number>]
[leasetime = <number>]
[expirytime = <number>]
[gateway = <ip-address>]
[macaddr = <hardware-address>]
The DHCP client identification string of the booting host.
The name of the DHCP server pool from which the DHCP lease should be taken.
Tip
Use the command
:dhcp server pool list to obtain a list of available DHCP server pools.
The favoured IP address for this DHCP host.
This IP address, if specified, must be in the range of the specified DHCP server pool.
A number between 0 and the integer number defined by the number of available IP addresses in the DHCP server pool.
Represents the IP address offset in the DHCP server pool preserved for this host.
Note
Not specifying this parameter does not preserve an IP address for the host.
A number (of seconds).
Represents the time the host is allowed to use this address.
Note
0 means infinite leasetime.
The time in seconds the DHCP server keeps the lease reserved
Tip
0 means infinite expirytime.
The IP address of the default router for this client.
The MAC address of the host.
REQUIRED
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
155
DHCP Commands
EXAMPLE:
=>dhcp server lease list
Lease
0 0.0.0.0
Pool TTL dhcp_pool_1 00:26:40
State
FREE
Clientid
00:90:D0:12:34:56
=>dhcp server lease add clientid=01:23:55:67:89:ab pool=Local_pool leasetime=3600
=>dhcp server lease list
Lease
0
1
=>
0.0.0.0
10.0.0.1
Pool TTL dhcp_pool_1 00:26:40 local_pool 00:59:22
State
FREE
USED
Clientid
00:90:D0:12:34:56
01:23:45:67:89:AB
RELATED COMMANDS:
List all the DHCP server leases.
156
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
dhcp server lease delete
Delete a DHCP server lease.
SYNTAX:
dhcp server lease delete where: clientid index
[clientid = <clientid | none>]
[index = <number>]
The DHCP client identification string of the DHCP lease.
Note
If not specified, all DHCP clients are deleted.
The DHCP server lease table index.
Tip
Use the command
:dhcp server lease list to obtain a list of the index numbers of all current
DHCP leases.
OPTIONAL
OPTIONAL
EXAMPLE:
=>dhcp server lease list
Lease
0 0.0.0.0
Pool TTL dhcp_pool_1 00:26:40
1 10.0.0.1
local_pool 00:59:22
=>dhcp server lease delete index=0
=>dhcp server lease list
Lease Pool
1
=>
10.0.0.1
local_pool
TTL
00:59:22
State
FREE
USED
State
USED
Clientid
00:90:D0:12:34:56
01:23:45:67:89:AB
Clientid
01:23:45:67:89:AB
RELATED COMMANDS:
List all the DHCP server leases.
E-DOC-CTC-20061027-0003 v2.0
157
DHCP Commands
dhcp server lease flush
Flush all the DHCP server leases.
i
The flush command does not impact previously saved configurations.
SYNTAX:
dhcp server lease flush where: pool
[pool = <string>]
The name of the DHCP server pool to be flushed.
Only the leases belonging to this pool will be deleted.
Note
If not specified, all the DHCP server leases will be flushed.
EXAMPLE:
=>dhcp server lease list
Lease
0 0.0.0.0
Pool TTL dhcp_pool_1 00:26:40
1 10.0.0.1
local_pool
2 10.0.0.101 local_pool
00:59:22
00:21:01
3 10.0.0.132 local_pool
5 10.0.0.5
local_pool
4 10.0.0.6
8 10.0.0.8
local_pool local_pool
00:45:37
00:21:11
00:59:01
00:01:00
00:00:23 9 10.0.0.15
local_pool
=>dhcp server lease flush
=>dhcp server lease list
=>
State
FREE
USED
USED
USED
USED
USED
USED
USED
Clientid
00:90:D0:12:34:56
01:23:45:67:89:AB
01:23:89:AB:80:CD
09:D0:25:CE:F1:31
AB:33:A1:7C:89:DD
E3:81:9F:11:11:11
08:80:09:90:AB:DC
08:93:DA:AE:01:AF
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
158
DHCP Commands
dhcp server lease list
List all the DHCP server leases.
SYNTAX:
dhcp server lease list where: clientid index
[clientid = <clientid | none>]
[index = <number>]
The DHCP client identification string of the DHCP lease.
Note
If not specified, the DSHCP server leases for all the
DHCP clients are listed.
The DHCP server lease table index.
Note
If not specified, the complete DHCP server lease table will be shown.
OPTIONAL
OPTIONAL
EXAMPLE:
=>dhcp server lease list
Lease
0 0.0.0.0
Pool TTL dhcp_pool_1 00:26:40
1 10.0.0.1
local_pool
2 10.0.0.101 local_pool
00:59:22
00:21:01
3 10.0.0.132 local_pool
5 10.0.0.5
local_pool
4 10.0.0.6
8 10.0.0.8
local_pool local_pool
9 10.0.0.15
local_pool
=>
00:45:37
00:21:11
00:59:01
00:01:00
00:00:23
State
FREE
USED
USED
USED
USED
USED
USED
USED
Clientid
00:90:D0:12:34:56
01:23:45:67:89:AB
01:23:89:AB:80:CD
09:D0:25:CE:F1:31
AB:33:A1:7C:89:DD
E3:81:9F:11:11:11
08:80:09:90:AB:DC
08:93:DA:AE:01:AF
RELATED COMMANDS:
E-DOC-CTC-20061027-0003 v2.0
159
dhcp server option flush
Flush all DHCP server option templates and instances.
i
The flush command does not impact previously saved configurations.
SYNTAX:
dhcp server option flush
DHCP Commands
160
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
dhcp server option instadd
Add a DHCP server option instance.
SYNTAX:
dhcp server option instadd name = <string> tmplname = <string> value = <Value : (type)value; type being 8bit,
16-bit, 32-bit, addr, ascii, byte_array> where: name tmplname value
The name of the DHCP server option instance.
The name of the DHCP server option template.
Tip
Use the command
:dhcp server option tmpllist to obtain a list of DHCP server option templates.
The value of the DHCP server option instance.
Format is (type)value where type is 8-bit, 16-bit, 32-bit, addr, ascii or byte_array.
Note
The type must be identical to the type of the DHCP server option template. Use the command
:dhcp server option tmpllist to obtain a list of DHCP server option templates.
REQUIRED
REQUIRED
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
161
DHCP Commands
EXAMPLE:
=>dhcp server option instlist myInstance
Tmpl name : myTmpl
Use : 0
Value : (32-bit)64
(1)
=>dhcp server option instadd name=yourInstance tmplname=yourTmpl value=(ascii)!
{root}[dhcp server option]=>instlist yourInstance
Tmpl name : yourTmpl (2)
Use
Value
: 0
: (ascii)! myInstance
Tmpl name : myTmpl
Use
Value
: 0
: (32-bit)64
=>
(1)
RELATED COMMANDS:
Delete a DHCP server option instance.
List all the DHCP server option instances.
162
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
dhcp server option instdelete
Delete a DHCP server option instance.
SYNTAX:
dhcp server option instdelete where: name name = <string>
The name of the DHCP server option instance to be deleted.
REQUIRED
EXAMPLE:
=>dhcp server option instlist yourInstance
Tmpl name : yourTmpl
Use : 0
Value : (ascii)! myInstance
Tmpl name : myTmpl
Use
Value
: 0
: (32-bit)64
(2)
(1)
=>dhcp server option instdelete name=yourInstance
=>dhcp server option instlist myInstance
Tmpl name : myTmpl (1)
Use
Value
: 0
: (32-bit)64
=>
RELATED COMMANDS:
Add a DHCP server option instance.
List all the DHCP server option instances.
E-DOC-CTC-20061027-0003 v2.0
163
dhcp server option instlist
List all the DHCP server option instances.
SYNTAX:
dhcp server option instlist
EXAMPLE:
=>dhcp server option instlist yourInstance
Tmpl name : yourTmpl
Use : 0
Value : (ascii)! myInstance
Tmpl name : myTmpl
Use
Value
: 0
: (32-bit)64
=>
RELATED COMMANDS:
(2)
(1)
Add a DHCP server option instance.
Delete a DHCP server option instance.
DHCP Commands
164
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
dhcp server option tmpladd
Add a DHCP server option template.
SYNTAX:
dhcp server option tmpladd name = <string> optionid = <number{1-254}> type = <{8-bit | 16-bit | 32-bit | addr | ascii | byte_array}> where: name optionid type
The name of the DHCP server option template.
A number between 1 and 254.
Specifies the DHCP server option code.
Specifies the DHCP server option type.
Choose between:
>
8-bit
>
16-bit
>
32-bit
>
addr
>
ascii
>
byte_array.
REQUIRED
REQUIRED
REQUIRED
EXAMPLE:
=>dhcp server option tmpllist
Name myTmpl
Option
1
Type
32-bit
Use
0
=>dhcp server option tmpladd name=yourTmpl optionid=2 type=ascii
=>dhcp server option tmpllist
Name Option Type yourTmpl myTmpl
2
1 ascii
32-bit
Use
0
0
=>
RELATED COMMANDS:
Delete a DHCP server option template.
List all the DHCP server option templates.
E-DOC-CTC-20061027-0003 v2.0
165
DHCP Commands
dhcp server option tmpldelete
Delete a DHCP server option template.
SYNTAX:
dhcp server option tmpldelete where: name name = <string>
The name of the DHCP server option template to be deleted.
REQUIRED
EXAMPLE:
=>dhcp server option tmpllist
Name yourTmpl myTmpl
Option
2
1
Type ascii
32-bit
Use
0
0
=>dhcp server option tmpldelete name=yourTmpl
=>dhcp server option tmpllist
Name Option Type myTmpl
=>
1 32-bit
Use
0
RELATED COMMANDS:
Add a DHCP server option template.
List all the DHCP server option templates.
166
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
dhcp server option tmpllist
List all the DHCP server option templates.
SYNTAX:
dhcp server option tmpllist
EXAMPLE:
=>dhcp server option tmpllist
Name Option Type yourTmpl myTmpl
=>
2
1 ascii
32-bit
RELATED COMMANDS:
Use
0
0
Add a DHCP server option template.
Delete a DHCP server option template.
E-DOC-CTC-20061027-0003 v2.0
167
DHCP Commands
dhcp server pool add
Add a DHCP server pool.
SYNTAX:
dhcp server pool add where: name index name = <string>
[index = <number>]
The name of the DHCP server pool.
Note
If not specified, the name is “dhcp_pool_x”, where x is a subsequent number.
The number of the pool before which you want the new pool to be added.
Note
If not specified, the DHCP server pool will be added at the bottom of the DHCP server lease table.
REQUIRED
OPTIONAL
168
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
EXAMPLE:
=>dhcp server pool list
Pool
0 dhcp_pool_1
1 My_LAN_Pool
Start
0.0.0.0
10.0.0.1
End
0.0.0.0
10.0.0.254
0.0.0.0
2 dhcp_pool_2 0.0.0.0
=>dhcp server pool add
=>dhcp server pool list
Pool
0 dhcp_pool_1
1 My_LAN_Pool
2 dhcp_pool_2
3 dhcp_pool_3
Start
0.0.0.0
10.0.0.1
0.0.0.0
0.0.0.0
End
0.0.0.0
10.0.0.254
0.0.0.0
0.0.0.0
=>dhcp server pool add name=POOL_EXTRA1
=>dhcp server pool list
Pool
0 dhcp_pool_1
1 My_LAN_Pool
2 dhcp_pool_2
3 dhcp_pool_3
4 POOL_EXTRA1
Start
0.0.0.0
10.0.0.1
0.0.0.0
0.0.0.0
0.0.0.0
End
0.0.0.0
10.0.0.254
0.0.0.0
0.0.0.0
0.0.0.0
=>ppp ifconfig name=PPP_Test pool=POOL_EXTRA1
=>dhcp server pool list
Pool Start
0 dhcp_pool_1
1 My_LAN_Pool
2 dhcp_pool_2
3 dhcp_pool_3
0.0.0.0
10.0.0.1
0.0.0.0
0.0.0.0
End
0.0.0.0
10.0.0.254
0.0.0.0
0.0.0.0
4 POOL_EXTRA1
=>
0.0.0.0
0.0.0.0
State
FREE
USED
FREE
State
FREE
USED
FREE
FREE
State
FREE
USED
FREE
FREE
FREE
State
FREE
USED
FREE
FREE
FREE
RELATED COMMANDS:
PPP
PPP
PPP
PPP
PPP_Test
E-DOC-CTC-20061027-0003 v2.0
169
DHCP Commands
dhcp server pool config
Configure a DHCP server pool.
SYNTAX:
dhcp server pool config where: name intf index poolstart poolend netmask name = <string> intf = <string>
[index = <number>]
[poolstart = <ip-address>]
[poolend = <ip-address>]
[netmask = <ip-mask(dotted or cidr)>]
[gateway = <ipaddress | 0>]
[server = <ipaddress | 0>]
[primdns = <ipaddress | 0>]
[secdns = <ipaddress | 0>]
[dnsmetric = <number{0-100}>]
[primwins = <ipaddress | 0>]
[secwins = <ipaddress | 0>]
[leasetime = <number>]
[unnumbered = <{disabled | enabled}>]
[localgw = <{disabled | enabled}>]
The name of the DHCP server pool to configure.
The interface for which the pool is allowed to lease IP addresses.
A number between 0 (highest priority) and the highest number
(lowest priority) found in the list of existing DHCP server pools.
Represents a (higher) priority for the DHCP server pool.
Tip
Use the command
:dhcp server pool list to obtain a list of the index numbers of all current
DHCP server pools.
The lowest IP address in the DHCP address range to use for leasing.
The default value of this parameter is 0.0.0.0 (not specified), which means that the lowest IP address of the pool will be defined by the remote server via Internet Protocol Control
Protocol (IPCP) as soon as the Point-to-Point Protocol (PPP)
IPCP subnetmasking connection is established.
The highest IP address in the DHCP address range to use for leasing.
The default value of this parameter is 0.0.0.0 (not specified), which means that the highest IP address of the pool will be defined by the remote server via IPCP as soon as the PPP IPCP subnetmasking connection is established.
The applicable netmask for the DHCP leases.
REQUIRED
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
170
DHCP Commands gateway server primdns secdns dnsmetric primwins secwins leasetime unnumbered localgw
The IP address of the default gateway for the DHCP clients.
The default value of this parameter is 0 (not specified), which means that the gateway IP address will be communicated by the remote server as soon as the PPP IPCP subnetmasking connection is established or that the Thomson ST acts as the
LAN default gateway.
The IP address of the DHCP server for DHCP clients.
The IP address of the primary DNS server for the DHCP clients.
The default value of this parameter is 0 (not specified), which means that the IP address of the DNS server will be communicated by the remote server as soon as the PPP IPCP subnetmasking connection is established or that the Thomson
ST acts as the LAN DNS server.
The IP address of the optional secondary DNS server for DHCP clients.
The default value of this parameter is 0 (not specified), which means that the gateway IP address will be communicated by the remote server as soon as the PPP IPCP subnetmasking connection is established.
The DHCP server pool DNS route metric.
The IP address of the primary Windows Internet Naming
Service (WINS) server for DHCP clients.
The IP address of the secondary WINS server for DHCP clients.
A number (of seconds).
Represents the time in seconds a client is allowed to use an address.
Note
Specifying 0 makes the lease permanent.
Assign an IP address from this pool to the DHCP server
(enabled) or not (disabled).
Note
For dynamic pools only.
Proxy for a virtual default gateway residing in same subnet of
DHCP client instead of the remote peer address.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
EXAMPLE:
=>dhcp server pool list
Pool
0 LAN_Private
Start
10.0.0.1
End
10.0.0.254
Intf eth0
=>dhcp server pool config name=My_Pool poolstart=192.6.11.101
State
USED
| poolend=192.6.11.254 netmask=255.255.255 gateway=192.6.11.100 leasetime=21600
=>dhcp server pool list
Pool
0 LAN_Private
1 My_Pool
=>
Start
10.0.0.1
192.6.11.101
End
10.0.0.254
192.6.11.254
Intf eth0 eth0
State
USED
USED
E-DOC-CTC-20061027-0003 v2.0
171
DHCP Commands
dhcp server pool delete
Delete a DHCP server pool.
SYNTAX:
dhcp server pool delete where: name name = <string>
The name of the DHCP server pool to be deleted.
Tip
Use the command
:dhcp server pool list to obtain a list of all current DHCP leases.
REQUIRED
EXAMPLE:
=>dhcp server pool list
Pool
0 LAN_Private
1 My_Pool
Start
10.0.0.1
192.6.11.101
End
10.0.0.254
192.6.11.254
=>dhcp server pool delete name=My_Pool
=>dhcp server pool list
Pool Start
0 LAN_Private
=>
10.0.0.1
End
10.0.0.254
Intf eth0 eth0
Intf eth0
RELATED COMMANDS:
State
USED
USED
State
USED
E-DOC-CTC-20061027-0003 v2.0
172
DHCP Commands
dhcp server pool flush
Flush all DHCP server pools.
i
The flush command does not impact previously saved configurations.
SYNTAX:
dhcp server pool flush
EXAMPLE:
=>dhcp server pool list
Pool Start
0 LAN_Private
1 My_Pool
10.0.0.1
192.6.11.101
=>dhcp server pool flush
=>dhcp server pool list
=>
End
10.0.0.254
192.6.11.254
Intf eth0 eth0
State
USED
USED
E-DOC-CTC-20061027-0003 v2.0
173
DHCP Commands
dhcp server pool list
List all DHCP server pools.
SYNTAX:
dhcp server pool list where: name
[name = <string>]
The name of the DHCP server pool to be shown.
Note
If not specified, all the DHCP server pools are shown.
OPTIONAL
EXAMPLE:
=>dhcp server pool list
Pool Start
0 LAN_Private
1 My_Pool
=>
10.0.0.1
192.6.11.101
End
10.0.0.254
192.6.11.254
Intf eth0 eth0
RELATED COMMANDS:
State
USED
USED
174
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
dhcp server pool optadd
Add an option instance to the DHCP server pool.
SYNTAX:
dhcp server pool optadd where: name instname name = <string> instname = <string>
The name of the DHCP server pool to which an option instance must be added.
The name of the DHCP server option instance.
Tip
Use the command
:dhcp server option instlist to obtain a list of DHCP server option instances.
REQUIRED
REQUIRED
EXAMPLE:
=>dhcp server pool optadd name=dhcp_pool_1 instname=yourInstance
=>dhcp server pool list name=dhcp_pool_1
Pool
1 dhcp_pool_1
Start
0.0.0.0
End
0.0.0.0
Intf lan1
State
FREE
DHCP server
Netmask
Leasetime
Gateway
DNS domain
DNS metric
= 0.0.0.0 [unnumbered]
= 0.0.0.0
= infinite
= 0.0.0.0
= lan
= 0
DNS address list:
0.0.0.0 (local DNS)
Option instance list:
Name Option yourInstance
=>
2 (yourTmpl)
RELATED COMMANDS:
dhcp server pool optdelete Delete an option instance from the DHCP server pool.
E-DOC-CTC-20061027-0003 v2.0
175
DHCP Commands
dhcp server pool optdelete
Delete an option instance from the DHCP server pool.
SYNTAX:
dhcp server pool optdelete where: name instname name = <string> instname = <string>
The name of the DHCP server pool from which an option instance must be deleted.
The name of the DHCP server option instance to be deleted.
Tip
Use the command
:dhcp server option list to obtain a list of DHCP server option instances.
REQUIRED
REQUIRED
176
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
EXAMPLE:
=>dhcp server pool list name=dhcp_pool_1
Pool Start End
1 dhcp_pool_1 0.0.0.0
0.0.0.0
DHCP server
Netmask
Leasetime
Gateway
DNS domain
DNS metric
= 0.0.0.0 [unnumbered]
= 0.0.0.0
= infinite
= 0.0.0.0
= lan
= 0
DNS address list:
0.0.0.0 (local DNS)
Intf lan1
State
FREE
Option instance list:
Name Option yourInstance 2 (yourTmpl)
=>dhcp server pool optdelete name=dhcp_pool_1 instname=yourInstance
=>dhcp server pool list name=dhcp_pool_1
Pool Start End
1 dhcp_pool_1 0.0.0.0
0.0.0.0
Intf lan1
State
FREE
DHCP server
Netmask
Leasetime
Gateway
DNS domain
DNS metric
= 0.0.0.0 [unnumbered]
= 0.0.0.0
= infinite
= 0.0.0.0
= lan
= 0
DNS address list:
0.0.0.0 (local DNS)
=>
RELATED COMMANDS:
dhcp server pool optadd Add an option instance to the DHCP server pool.
E-DOC-CTC-20061027-0003 v2.0
177
DHCP Commands
dhcp server pool rtadd
Add a route to the DHCP server pool.
SYNTAX:
dhcp server pool rtadd name = <string> dst = <ip-address>
[dstmsk = <ip-mask(dotted or cidr)>]
[gateway = <ipaddress | 0>] where: name dst dstmsk gateway
RELATED COMMANDS:
The name of the DHCP server pool to which a route must be added.
The IP destination address of the route for DHCP clients.
The destination IP address mask.
The IP address of the next hop. Must be directly connected to the DHCP client
REQUIRED
REQUIRED
OPTIONAL
OPTIONAL
Delete a route from the DHCP server pool.
178
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
dhcp server pool rtdelete
Delete a route from the DHCP server pool.
SYNTAX:
dhcp server pool rtdelete name = <string> dst = <ip-address>
[dstmsk = <ip-mask(dotted or cidr)>]
[gateway = <ipaddress | 0>] where: name dst dstmsk gateway
The name of the DHCP server pool from which a route must be deleted.
The IP destination address of the route for DHCP clients.
The destination IP address mask.
The IP address of the next hop. Must be directly connected to the DHCP client
REQUIRED
REQUIRED
OPTIONAL
OPTIONAL
RELATED COMMANDS:
dhcp server pool rtadd Add a route to the DHCP server pool.
E-DOC-CTC-20061027-0003 v2.0
179
DHCP Commands
dhcp server pool ruleadd
Add a selection rule to the DHCP server pool.
SYNTAX:
dhcp server pool ruleadd name = <string>
[key = {or | and}] rulename = <string> where: name key rulename
The name of the DHCP server pool to which a selection rule must be added.
The logical key of the selection rule.
The default is
or
.
The name of the DHCP selection rule.
Tip
Use the command
:dhcp server rule list to obtain a list of DHCP server rules.
REQUIRED
OPTIONAL
REQUIRED
RELATED COMMANDS:
dhcp server pool ruledelete Delete a selection rule from the DHCP server pool.
180
E-DOC-CTC-20061027-0003 v2.0
DHCP Commands
dhcp server pool ruledelete
Delete a selection rule from the DHCP server pool.
SYNTAX:
dhcp server pool ruleadd where: name rulename name = <string> rulename = <string>
The name of the DHCP server pool from which a selection rule must be deleted.
The name of the DHCP selection rule to be deleted.
Tip
Use the command
:dhcp server rule list to obtain a list of DHCP server rules.
REQUIRED
REQUIRED
RELATED COMMANDS:
Add a selection rule to the DHCP server pool.
E-DOC-CTC-20061027-0003 v2.0
181
DHCP Commands
182
E-DOC-CTC-20061027-0003 v2.0
DNS Commands
10 DNS Commands
Introduction
This chapter describes the commands of the dns command group.
Contents
This chapter covers the following commands:
dns server debug spoof getaddress
dns server debug spoof getflags
Modify the Domain Name System (DNS) resolver configuration.
DNS lookup for a domain name or an address.
Modify the DNS resolver configuration.
Flush all local DNS hosts and routes.
Clear the DNS server/forwarder statistics.
Print the DNS server/forwarder statistics.
Clear the intercept cache table
Get the real ip for the given spoofed ip
Get the error flags for the given spoofed ip
List the intercept cache table.
Update the intercept cache table.
Flush all the local DNS hosts.
Creates a DNS forwarding entry or template.
Deletes a DNS forwarding entry or template
Removes all DNS forwarding entries and templates.
List all the DNS forwarding entries or templates.
E-DOC-CTC-20061027-0003 v2.0
183
DNS Commands
dns client config
Modify the Domain Name System (DNS) resolver configuration.
SYNTAX:
dns client config [timeout = <number{1-900}>]
[retry = <number{0-10}>]
[search = <{disabled | enabled}>]
[list = <string>]
[trace = <{disabled | enabled}>] where: timeout retry search list trace
A number between 1 and 900 (seconds).
Represents the query timeout.
The default is
5
.
A number between 0 and 10.
Represents the number of query retries before giving up.
The default is
3
.
Use the search list to construct fully qualified domain names.
The default is
disabled
.
Specify a search list.
This is a slash separated list of domain name suffixes.
Enable or disable verbose logging.
The default is
disabled
.
EXAMPLE:
=>dns client config timeout : 5s retry search
: 3
: on srchlist : <empty> trace : off
=>
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
184
DNS Commands
dns client dnsadd
Add a DNS server.
SYNTAX:
dns client dnsadd where: addr port addr = <string>
[port = <number>]
The IP address of the DNS server to be added.
The DNS server port number.
The default is
53
.
EXAMPLE:
=>dns client dnsadd addr=150.150.150.150
=>dns client dnslist
Entry
1
2
State
CONNECTED
CONNECTED
Family
IP
IP
Server
[port] 53 - [addr] 127.0.0.1
[port] 53 - [addr] 150.150.150.150
=>
RELATED COMMANDS:
Delete a DNS server.
List all DNS servers.
REQUIRED
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
185
DNS Commands
dns client dnsdelete
Delete a DNS server.
SYNTAX:
dns client dnsdelete where: index index = <number{1-99}>
A number between 1 and 99.
Represents the index number of the DNS server to be deleted.
Tip
Use the command
:dns client dnslist to obtain a list of
DNS servers.
REQUIRED
EXAMPLE:
=>dns client dnslist
Entry
1
2
State
CONNECTED
CONNECTED
Family
IP
IP
=>dns client dnsdelete index=2
=>dns client dnslist
Entry
1
State
CONNECTED
Family
IP
Server
[port] 53 - [addr] 127.0.0.1
=>
Server
[port] 53 - [addr] 127.0.0.1
[port] 53 - [addr] 150.150.150.150
RELATED COMMANDS:
Add a DNS server.
List all DNS servers.
E-DOC-CTC-20061027-0003 v2.0
186
DNS Commands
dns client dnslist
List all DNS servers.
SYNTAX:
dns client dnslist
EXAMPLE:
=>dns client dnslist
Entry
1
2
State
CONNECTED
CONNECTED
Family
IP
IP
=>
Server
[port] 53 - [addr] 127.0.0.1
[port] 53 - [addr] 150.150.150.150
RELATED COMMANDS:
Add a DNS server.
Delete a DNS server.
E-DOC-CTC-20061027-0003 v2.0
187
dns client flush
Remove all DNS servers.
SYNTAX:
dns client flush
DNS Commands
188
E-DOC-CTC-20061027-0003 v2.0
DNS Commands
dns client nslookup
DNS lookup for a domain name or an address.
SYNTAX:
dns client nslookup where: host host = <string>
The DNS domain name string for which to query.
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
189
DNS Commands
dns server config
Modify the DNS resolver configuration.
SYNTAX:
dns server config [domain = <string>]
[timeout = <number{0-2147483647}>]
[suppress = <number>]
[state = <{disabled | enabled}>]
[trace = <{disabled | enabled}>]
[WANDownSpoofing = <{disabled | enabled}>]
[WDSpoofedIP = <ip-address>] where: domain timeout suppress state trace
WANDownSpoofing
WDSpoofedIP
The DNS server domain name.
A number between 0 and 2147483647 (seconds).
Represents the forwarded DNS query timeout.
The default is
15
.
Suppress not more than the specified amount of remote DNS server errors.
The default is
0
.
Enable or disable the local DNS server/forwarder.
The default is
enabled
.
Enable or disable verbose logging.
The default is
disabled
.
Enable or disable DNS spoofing when no applicable forwarding route present.
The default is
disabled
.
The IP address to be used for spoofing when
WANDownSpoofing
is enabled.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
EXAMPLE:
=>dns server config domain : lan timeout : 15s suppress : 0 state trace spoofing : off spoof ip : 0.0.0.0
=>
: enabled
: off
E-DOC-CTC-20061027-0003 v2.0
190
DNS Commands
dns server flush
Flush all local DNS hosts and routes.
SYNTAX:
dns server flush
E-DOC-CTC-20061027-0003 v2.0
191
dns server debug clear
Clear the DNS server/forwarder statistics.
SYNTAX:
dns server debug clear
EXAMPLE:
=>dns server debug stats
Corrupted packets received
Local questions resolved
Local negative answers sent
Total DNS packets forwarded
External answers received
Spoofed responses
Forward table full, discard
Spurious answers
Unknown query types
=>dns server debug clear
=>dns server debug stats
Corrupted packets received
Local questions resolved
Local negative answers sent
Total DNS packets forwarded
External answers received
Spoofed responses
Forward table full, discard
Spurious answers
Unknown query types
=>
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
RELATED COMMANDS:
0
0
0
0
0
0
0
0
0
100
3
1
0
0
0
0
0
0
Print the DNS server/forwarder statistics.
DNS Commands
E-DOC-CTC-20061027-0003 v2.0
192
DNS Commands
dns server debug stats
Print the DNS server/forwarder statistics.
SYNTAX:
dns server debug stats
EXAMPLE:
=>dns server debug stats
Corrupted packets received
Local questions resolved
Local negative answers sent
Total DNS packets forwarded
External answers received
Spoofed responses
Forward table full, discard
Spurious answers
Unknown query types
=>
:
:
:
:
:
:
:
:
:
RELATED COMMANDS:
100
3
1
0
0
0
0
0
0
Clear the DNS server/forwarder statistics.
E-DOC-CTC-20061027-0003 v2.0
193
dns server debug spoof clear
Clear the intercept cache table
SYNTAX:
dns server debug spoof clear
RELATED COMMANDS:
dns server debug spoof getaddress
dns server debug spoof getflags
Get the real ip for the given spoofed ip
Get the error flags for the given spoofed ip
List the intercept cache table.
Update the intercept cache table.
DNS Commands
194
E-DOC-CTC-20061027-0003 v2.0
DNS Commands
dns server debug spoof getaddress
Get the real ip for the given spoofed ip
SYNTAX:
dns server debug spoof getaddress addr = <ip-address> where: addr The IP address of the spoofed server.
EXAMPLE:
{Administrator}=>dns server debug spoof getaddress addr=198.18.1.1
:dns server debug spoof getaddress addr=198.18.1.1
Resolved ip = 0.0.0.0.
{Administrator}=>
RELATED COMMANDS:
dns server debug spoof getflags
Clear the intercept cache table
Get the error flags for the given spoofed ip
List the intercept cache table.
Update the intercept cache table.
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
195
DNS Commands
dns server debug spoof getflags
Get the error flags for the given spoofed ip
SYNTAX:
dns server debug spoof getflags where: addr addr = <ip-address>
The IP address of the spoofed server.
EXAMPLE:
{Administrator}[dns server debug spoof]=>:dns server debug spoof getflags addr = 192.168.1.254
:dns server debug spoof getflags addr=192.168.1.254
Invalid spoofed ip.
{Administrator}[dns server debug spoof]=>
RELATED COMMANDS:
dns server debug spoof getaddress
Clear the intercept cache table
Get the real ip for the given spoofed ip
List the intercept cache table.
Update the intercept cache table.
REQUIRED
196
E-DOC-CTC-20061027-0003 v2.0
DNS Commands
dns server debug spoof list
List the intercept cache table.
SYNTAX:
dsn server debug spoof list
EXAMPLE:
{Administrator}[dns server debug spoof]=>list
Spoof IP FQDN Real IP Flags
198.18.1.1 eu.thmulti.com 0.0.0.0 Not resolved
198.18.1.2 thmulti.com 0.0.0.0 Not resolved
198.18.1.3 com 0.0.0.0 Not resolved
198.18.1.4 edgmd588.eu.thmulti.com 0.0.0.0 Not resolved
198.18.1.5 edgmssus01.eu.thmulti.com 0.0.0.0 Not resolved
198.18.1.6 BOULSDCEU02.eu.thmulti.com 0.0.0.0 Not resolved
198.18.1.7 juleke.nit 0.0.0.0 Not resolved
RELATED COMMANDS:
dns server debug spoof getaddress
dns server debug spoof getflags
Clear the intercept cache table
Get the real ip for the given spoofed ip
Get the error flags for the given spoofed ip
Update the intercept cache table.
E-DOC-CTC-20061027-0003 v2.0
197
DNS Commands
dns server debug spoof update
Update the intercept cache table.
SYNTAX:
dns server debug spoof update
EXAMPLE:
{Administrator}=>dns server debug spoof update
{Administrator}=>
RELATED COMMANDS:
dns server debug spoof getaddress
dns server debug spoof getflags
Clear the intercept cache table
Get the real ip for the given spoofed ip
Get the error flags for the given spoofed ip
List the intercept cache table.
198
E-DOC-CTC-20061027-0003 v2.0
DNS Commands
dns server host add
Add a local DNS host.
SYNTAX:
dns server host add name = <string>
[addr = <ip-address>]
[ttl = <number{0-2147483647}>] where: name addr ttl
The name of the IP host to be added.
The IP address of the host.
A number between 0 and 2147483647 (seconds).
Represents the lifetime of the host.
The default is
0
(in other words, no limit on the lifetime).
EXAMPLE:
=>dns server host add name=myDNS addr=150.150.150.150 ttl=3600
=>dns server host list
Address Hostname
150.150.150.150
myDNS
TTL (s)
3600
<local>
<local>
=> speedtouch dsldevice
0
0
RELATED COMMANDS:
Delete a local DNS host.
List all the local DNS hosts.
REQUIRED
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
199
DNS Commands
dns server host delete
Delete a local DNS host.
SYNTAX:
dns server host delete where: name name = <string>
The name of the DNS host to be deleted.
EXAMPLE:
=>dns server host list
Address Hostname
150.150.150.150
myDNS
<local> speedtouch
<local> dsldevice
=>dns server host delete name=myDNS
=>dns server host list
Address Hostname
<local>
<local>
=> speedtouch dsldevice
RELATED COMMANDS:
TTL (s)
3600
0
0
TTL (s)
0
0
Add a local DNS host.
List all the local DNS hosts.
REQUIRED
200
E-DOC-CTC-20061027-0003 v2.0
DNS Commands
dns server host flush
Flush all the local DNS hosts.
SYNTAX:
dns server host flush
EXAMPLE:
=>dns server host list
Address Hostname
192.168.1.64
<local>
* Unknown-00-10-a4-ad-32-cf dsldevice
<local> speedtouch
=>dns server host flush
=>dns server host list
=>
TTL (s)
60
1200
1200
E-DOC-CTC-20061027-0003 v2.0
201
dns server host list
List all the local DNS hosts.
SYNTAX:
dns server host list
EXAMPLE:
=>dns server host list
Address Hostname
192.168.1.64
<local>
* Unknown-00-10-a4-ad-32-cf dsldevice
<local>
=> speedtouch
RELATED COMMANDS:
TTL (s)
60
1200
1200
Add a local DNS host.
Delete a local DNS host.
DNS Commands
202
E-DOC-CTC-20061027-0003 v2.0
DNS Commands
dns server route add
Creates a DNS forwarding entry or template.
SYNTAX:
dns server route add dns = <ip-address>
[src = <ip-address>]
[srcmask = <ip-mask(dotted or cidr)>]
[domain = <string>]
[metric = <number{0-100}>]
[intf = <string>] where: dns src srcmask domain metric intf
The IP address of a DNS server. If 0.0.0.0 is used, the entry becomes a
DNS-Template which is instantiated if DNS Server IPs are configured on an IP interface.
The source IP address(es) using this remote DNS server. If specified, only DNS queries from machines of which the source IP address matches the source prefix of the DNS entry will be forwarded to the corresponding DNS server.
Note
Supports IP/mask notation.
The source IP address mask.
The DNS Domain matching string. If configured, only those DNS queries of which the domain name in the query matches with the string configured for the entry will be forwarded to the corresponding
DNS Server. Maximum string length: 62 characters.
A number between 0 and 100. Represents the metric (weight factor) for this DNS route. The DNS Entry List is sorted on DNS Metric: the lower the metric, the higher the priority of the entry.
An interface name.
The interface associated with the DNS entry or DNS Template. DNS queries will only be forwarded on the specified interface.
Note
In no interface is specified, DNS queries will be forwarded on all interfaces.
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
203
DNS Commands
EXAMPLE:
=>dns server route add dns=150.150.150.150 src=10.0.0.0/8 domain=myDNS intf=eth0
=>dns server route list
DNS Server Source
150.150.150.150
10.0.0.0/8
=>
Domain myDNS
Metric
0
Intf eth0
State
UP
RELATED COMMANDS:
Delete a DNS forwarding route.
List all the DNS forwarding routes.
204
E-DOC-CTC-20061027-0003 v2.0
DNS Commands
dns server route delete
Deletes a DNS forwarding entry or template
SYNTAX:
dns server route delete dns = <ip-address>
[domain = <string>]
[intf = <{loop|Internet|LocalNetwork}>] where: dns domain intf
The IP address of the DNS server for which the forwarding route must be deleted.
The DNS domain string.
The interface associated with the DNS entry or DNS Template.
REQUIRED
OPTIONAL
OPTIONAL
EXAMPLE:
=>dns server route list
DNS Server Source
150.150.150.150
10.0.0.0/8
Domain myDNS
=>dns server route delete dns=150.150.150.150
=>dns server route list
=>
RELATED COMMANDS:
Metric Intf
0 eth0
State
UP
Adds a DNS forwarding route.
List all the DNS forwarding routes.
E-DOC-CTC-20061027-0003 v2.0
205
DNS Commands
dns server route flush
Removes all DNS forwarding entries and templates.
SYNTAX:
dns server route flush
EXAMPLE:
=>dns server route list
DNS Server Source
150.150.150.150
10.0.0.0/8
=>dns server route flush
=>dns server route list
=>
Domain myDNS
Metric Intf
0 eth0
State
UP
206
E-DOC-CTC-20061027-0003 v2.0
DNS Commands
dns server route list
List all the DNS forwarding entries or templates.
SYNTAX:
dns server route list
EXAMPLE:
=>dns server route list
DNS Server Source
150.150.150.150
10.0.0.0/8
=>
RELATED COMMANDS:
Domain myDNS
Metric Intf
0 eth0
State
UP
Adds a DNS forwarding route.
Delete a DNS forwarding route.
E-DOC-CTC-20061027-0003 v2.0
207
DNS Commands
208
E-DOC-CTC-20061027-0003 v2.0
DSD Commands
11 DSD Commands
Introduction
This chapter describes the commands of the dsd command group.
Contents
This chapter covers the following commands:
Display/modify the Differentiated Service Delivery (DSD) framework configuration.
Display/modify DSD debug settings
Display the internal connection pool usage.
Display/modify the HyperText Transfer Protocol (HTTP)
Intercept fixed proxy configuration.
Display/modify HTTPI recycling settings
Display/clear DSD framework and module statistics
Display/modify the HTTP Intercept configuration.
Display/modify the HTTP Intercept logging configuration.
Display the HTTP Intercept log file.
Display/modify the URL filtering configuration.
Add a rule.
Delete a rule.
Remove all current rules.
Display the list of current rules.
Modify an existing rule.
E-DOC-CTC-20061027-0003 v2.0
209
DSD Commands
dsd config
Display/modify the Differentiated Service Delivery (DSD) framework configuration.
SYNTAX:
dsd config where:
[state = <{disabled | enabled | automatic}>] state Choose between:
>
automatic (default):
By default (DSD config state is automatic), the DSD framework is not active, for example no URL filtering or web site filtering is applied.
Only
in case the state of the default WAN IP interface goes down, DSD framework will be activated, for example in case the
PPP link goes down (implying HTTP intercept active).
>
enabled:
If DSD config state is enabled the DSD framework is
always
active.
>
disabled i
If you do not provide any parameters, the current configuration will be shown.
OPTIONAL
EXAMPLE:
=>dsd config
State : automatic
=>
210
E-DOC-CTC-20061027-0003 v2.0
DSD Commands
dsd debug config
Display/modify DSD debug settings
SYNTAX:
config where: turbomode
[turbomode = <{disabled|enabled}>]
Enable/disable turbomode OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
211
DSD Commands
dsd debug connection list
Display the internal connection pool usage.
SYNTAX:
dsd debug connection list where: expand
[expand = <{disabled|enabled}>]
Enable or disable the expanded listing.
The default is
disabled
.
optional
212
E-DOC-CTC-20061027-0003 v2.0
DSD Commands
dsd debug proxy
Display/modify the HyperText Transfer Protocol (HTTP) Intercept fixed proxy configuration.
SYNTAX:
dsd debug proxy [state = <{disabled | enabled}>]
[dest = <ip-address>]
[port = <{supported TCP/UDP port} or number>] where: state dest port
Enable or disable fixed proxy redirecting.
The default is
disabled
.
The destination IP address to which requests will be forwarded.
The port to be used for connecting to proxy.
Select one of the supported Transmission Control Protocol (TCP)/UDP
port names (see “ Supported TCP/UDP Port Names” on page 747
) or, alternatively, specify the port number.
OPTIONAL
OPTIONAL
OPTIONAL
EXAMPLE:
=>dsd debug proxy
State : off
Dest.IP : 0.0.0.0
Port : 0
=>
E-DOC-CTC-20061027-0003 v2.0
213
DSD Commands
dsd debug recycling
Display/modify HTTPI recycling settings
SYNTAX:
dsd debug recycling state = <disabled>|<enabled> interval = <number> httpidle = <number> otheridle = <number> where: state interval httpidle otheridle
Enable/disable stream recycling
Time between successive activity checks
Minimal idle count for recycling (filtered) http streams
Minimal idle count for recycling other streams
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
214
E-DOC-CTC-20061027-0003 v2.0
DSD Commands
dsd debug stats
Display/clear DSD framework and module statistics
SYNTAX:
dsd debug stats where: name clear name = <{intercept|urlfilter|recycling|syslog|all} clear = <{no|yes}>
Specify the name of a module
Clear the specified statistics
REQUIRED
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
215
DSD Commands
dsd intercept config
Display/modify the HTTP Intercept configuration.
SYNTAX:
dsd intercept config [WDSpoofedIP = <ip-address>]
[servertimeout = <number>]
[servererrorurl = <string>]
[categoryerrorurl = <string>]
[monitorintercepturl = <string>]
[urlblockedurl = <string>]
[imageredirect = <{disabled | enabled}>]
[imageredirecturl = <string>]
[alwaysuseip = <{disabled | enabled}>] where:
WDSpoofedIP servertimeout servererrorurl categoryerrorurl monitorintercept url urlblockedurl imageredirect imageredirecturl alwaysuseip
The IP address indicating unavailable WAN connection.
The default is
198.18.1.1
.
A number of seconds.
Represents the server timeout for redirect action.
The default is
10
.
The destination URL when the connection to the server failed.
The destination URL when the connection to the category server failed.
The destination URL when the request is intercepted by the monitor thread.
The destination URL when the requested URL is blocked.
Enable or disable substitution of blocked images.
The default is
enabled
.
The URL of the image used when substituting blocked images.
Always use IP address when redirecting to a local page (enabled) or not (disabled).
The default is
enabled
.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
EXAMPLE:
=>dsd intercept config
WAN down spoofed IP : 198.18.1.1
Servertimeout
Connection failure
: 10 sec
: /cgi/b/ic/connect/
Category server error : /cgi/b/ic/connect/
Monitor intercept : /cgi/b/ic/connect/
Unauthorized request : /cgi/b/sfltr/blocked/
Image redirecting : enabled
Image redirect url
Always use IP
=>
: /images/spacer.gif
: enabled
E-DOC-CTC-20061027-0003 v2.0
216
DSD Commands
dsd syslog config
Display/modify the HTTP Intercept logging configuration.
SYNTAX:
dsd syslog config where: syslog
[syslog = <{none | unauthorized | errors | intercepted | all}>]
Define the type of events to log.
Choose between:
>
none
: nothing is logged to syslog.
>
unauthorized
: only the HTTP requests that are blocked because of a
LocalRule, BlockCategory, BlockIPAddress or BlockObscure event, are logged.
>
errors
: only the HTTP requests that are blocked because of Server errors, Category errors, Monitor intercept, loop detection, bad requests or redirects by local policy rules.
>
intercepted
: only the HTTP requests that are blocked because of
URLBlocked, Server errors, Category errors, Monitor intercept, loop detection, bad requests or redirects by local policy rules.
>
all
: every received request is logged to syslog.
The default is
intercepted
.
OPTIONAL
EXAMPLE:
=>dsd syslog config syslog : errors
=>
RELATED COMMANDS:
dsd syslog list Display the HTTP Intercept log file.
E-DOC-CTC-20061027-0003 v2.0
217
DSD Commands
dsd syslog list
Display the HTTP Intercept log file.
SYNTAX:
dsd syslog list
EXAMPLE:
=>dsd syslog list
<86> SysUpTime: 00:22:37 [HTTPI] src=10.0.0.1 src_port=1965 dst=141.11.196.35 dst_port=80 eve nt=ServerConnect dst_name=aWebsite.com/icons/Button_Document.gif
<86> SysUpTime: 00:22:59 [HTTPI] src=10.0.0.1 src_port=1968 dst=141.11.234.60 dst_port=80 eve nt=ServerConnect dst_name=anotherWebsite.com/rawgen.asp
=>
RELATED COMMANDS:
dsd syslog config Display/modify the HTTP Intercept logging configuration.
218
E-DOC-CTC-20061027-0003 v2.0
DSD Commands
dsd urlfilter config
Display/modify the URL filtering configuration.
SYNTAX:
dsd urlfilter config [state = <{disabled | enabled}>]
[blockproxy = <{disabled | enabled}>]
[blockipaddress = <{disabled | enabled}>]
[blockobscuredip = <{disabled | enabled}>]
[defaultaction = <{block | accept}>] where: state blockproxy blockipaddr ess blockobscur edip defaultactio n
Enable or disable URL filtering.
The default is
enabled
.
Enable or disable blocking of HTTP requests via a proxy server.
The default is
disabled
.
Enable or disable blocking of HTTP requests if host name is IP address.
The default is
disabled
.
Enable or disable blocking of HTTP requests if host name is believed to be an IP address.
The default is
disabled
.
Select the action to be performed when no filter is applicable.
Choose between:
>
block
>
accept.
The default is
accept
.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
EXAMPLE:
=>dsd urlfilter config
Filter state
Block proxy traffic
Block IP addr
: enabled
: disabled
: disabled
Block obscured IP addr : disabled
Default action
=>
: accept
E-DOC-CTC-20061027-0003 v2.0
219
DSD Commands
dsd urlfilter rule add
Add a rule.
SYNTAX:
dsd urlfilter rule add url = <string> action = <{block | accept | redirect}> redirect = <string> where: url action redirect
Definition of the URL filter.
The action to perform when URL matches URL.
Choose between:
>
block
>
accept
>
redirect.
The redirection URL.
Note
This parameter is only required when the action is
redirect
.
REQUIRED
REQUIRED
REQUIRED
EXAMPLE:
=>dsd urlfilter rule add url=www.speedtouch.com action=redirect redirect=www.speedtouch.be
=>dsd urlfilter rule list
Index Action Url Redirect
----------
0 redirect
--www.speedtouch.com
-------www.speedtouch.be
Rule list statistics : 1 present, 128 total (0.0% used)
=>
RELATED COMMANDS:
Delete a rule.
Display the list of current rules.
E-DOC-CTC-20061027-0003 v2.0
220
DSD Commands
dsd urlfilter rule delete
Delete a rule.
SYNTAX:
dsd urlfilter rule delete index = <number>
[url = <string>] where: index url
Insertion position in the list.
Tip
Use the command
:dsd urlfilter rule list to obtain the index number of the rule to be deleted.
Definition of the URL filter.
REQUIRED
OPTIONAL
EXAMPLE:
=>dsd urlfilter rule list
Index Action Url
----------
0 redirect
--www.speedtouch.com
1 accept www.baen.com
Redirect
-------www.speedtouch.be
Rule list statistics : 2 present, 128 total (0.0% used)
=>dsd urlfilter rule delete index=1
=>dsd urlfilter rule list
Index Action Url
----------
0 redirect
--www.speedtouch.com
Redirect
-------www.speedtouch.be
Rule list statistics : 1 present, 128 total (0.0% used)
=>
RELATED COMMANDS:
Add a rule.
Display the list of current rules.
E-DOC-CTC-20061027-0003 v2.0
221
DSD Commands
dsd urlfilter rule flush
Remove all current rules.
SYNTAX:
dsd urlfilter rule flush
EXAMPLE:
=>dsd urlfilter rule list
Index Action Url
----------
0 redirect
--www.speedtouch.com
1 accept www.baen.com
Redirect
-------www.speedtouch.be
Rule list statistics : 2 present, 128 total (0.0% used)
=>dsd urlfilter rule flush
=>dsd urlfilter rule list
Index Action Url
------------
Redirect
--------
Rule list statistics : 0 present, 128 total (0.0% used)
=>
222
E-DOC-CTC-20061027-0003 v2.0
DSD Commands
dsd urlfilter rule list
Display the list of current rules.
SYNTAX:
dsd urlfilter rule list
EXAMPLE:
=>dsd urlfilter rule list
Index Action Url
----------
0 redirect
--www.speedtouch.com
1 accept www.baen.com
Rule list statistics : 2 present, 128 total (0.0% used)
=>
Redirect
-------www.speedtouch.be
RELATED COMMANDS:
Add a rule.
Delete a rule.
E-DOC-CTC-20061027-0003 v2.0
223
DSD Commands
dsd urlfilter rule modify
Modify an existing rule.
SYNTAX:
dsd urlfilter rule modify index = <number>
[newurl = <string>] action = <{block | accept | redirect}> redirect = <string> where: index newurl action redirect
Insertion position in the list.
Definition of the new URL filter.
Action to perform when URL matches URL.
Choose between:
>
block
>
accept
>
redirect.
The redirection URL.
Note
This parameter is only required when the action is
redirect
.
REQUIRED
OPTIONAL
REQUIRED
REQUIRED
224
E-DOC-CTC-20061027-0003 v2.0
DSD Commands
EXAMPLE:
=>dsd urlfilter rule list
Index Action Url
----------
0 redirect
--www.speedtouch.com
1 accept www.baen.com
Redirect
-------www.speedtouch.be
Rule list statistics : 2 present, 128 total (0.0% used)
=>dsd urlfilter rule modify index=0 newurl=www.speed*.* action=redirect redirect=www.speedtou
ch.be
=>dsd urlfilter rule list
Index Action Url Redirect
----------
0 redirect
--www.speed*.*
1 accept www.baen.com
-------www.speedtouch.be
Rule list statistics : 2 present, 128 total (0.0% used)
=>
RELATED COMMANDS:
Add a rule.
Delete a rule.
Display the list of current rules.
E-DOC-CTC-20061027-0003 v2.0
225
DSD Commands
226
E-DOC-CTC-20061027-0003 v2.0
DynDNS Commands
12 DynDNS Commands
Introduction
Dynamic DNS is a service that allows to bind a host name to an IP address. In contrast to classical DNS, this service allows regular updates of the IP address related to a host name. In this way, hosts of which the IP address regularly changes (for example due to a limited DHCP lease time) can be identified by a static host name that is unique throughout the Internet.
This chapter describes the commands of the dyndns commnd group.
Contents
This chapter covers the following commands:
Delete all the dynamic DNS clients.
List all the dynamic DNS clients.
Add a fully qualified host name.
List all dynamic DNS services.
Modify specific dynamic DNS service settings.
E-DOC-CTC-20061027-0003 v2.0
227
dyndns add
Add a dynamic DNS client.
SYNTAX:
dyndns add where: name name = <string>
The name of the new dynamic DNS client.
Note
A maximum of 5 clients can be configured.
EXAMPLE:
=>dyndns add name=WAN
=>dyndns list
WAN : [INIT] user = password = addr = 0.0.0.0
=>
RELATED COMMANDS:
Delete a dynamic DNS client.
List all dynamic DNS clients.
DynDNS Commands
REQUIRED
228
E-DOC-CTC-20061027-0003 v2.0
DynDNS Commands
dyndns delete
Delete a dynamic DNS client.
SYNTAX:
dyndns delete where: name name = <string>
The name of the dynamic DNS client to be deleted.
EXAMPLE:
=>dyndns list
WAN : [INIT] user = password = addr = 0.0.0.0
=>dyndns delete name=WAN
=>dyndns list
=>
RELATED COMMANDS:
Add a dynamic DNS client.
List all dynamic DNS clients.
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
229
dyndns flush
Delete all the dynamic DNS clients.
SYNTAX:
dyndns flush
DynDNS Commands
230
E-DOC-CTC-20061027-0003 v2.0
DynDNS Commands
dyndns list
List all the dynamic DNS clients.
SYNTAX:
dyndns list
EXAMPLE:
=>dyndns list
WAN : [INIT] user = password = addr = 0.0.0.0
=>
RELATED COMMANDS:
Add a dynamic DNS client.
Delete a dynamic DNS client.
E-DOC-CTC-20061027-0003 v2.0
231
DynDNS Commands
dyndns modify
Modify a dynamic DNS client.
SYNTAX:
dyndns modify name = <string>
[intf = <string>]
[user = <string>]
[password = <password>]
[group = <string>]
[mx = <string>]
[backmx = <{disabled | enabled}>]
[wildcard = <{disabled | enabled}>]
[offline = <{disabled | enabled}>]
[service = <{dyndns | statdns | custom | No-IP |
DtDNS
| gnudip}>]
[status = <{disabled | enabled}>]
[trace = <{disabled | enabled}>] where: name intf user password group mx backmx wildcard offline service
The name of the dynamic DNS client to be modified.
The dynamic DNS client interface.
Note
This parameter must be defined to enable the dynamic DNS client.
The username for dynamic DNS authentication.
The password for dynamic DNS authentication.
The dynamic DNS host group.
The mail exchanger.
Set up the mail exchanger as a backup mail exchanger (enabled) or not (disabled).
The default is
disabled
.
Allow the use of hostname wildcards (enabled) or not (disabled).
The default is
disabled
.
Set the host to offline mode (enabled) or not (disabled).
The default is
disabled
.
The dynamic DNS service. Choose between:
>
dyndns
>
statdns
>
custom
>
No-IP
>
DtDNS
>
gnudip.
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
232
DynDNS Commands status trace
Enable or disable the dynamic DNS client.
The default is
disabled
.
Enable or disable the verbose console logging for the dynamic DNS client.
The default is
disabled
.
OPTIONAL
OPTIONAL
EXAMPLE:
=>dyndns list
WAN : [INIT] user = password = addr = 0.0.0.0
=>dyndns modify name=WAN intf=RtPPPoE user=DNSuser password=_DEV_BA8C0C963BD84130 service=gnu dip
=>dyndns list
WAN : RtPPPoE_ppp [INIT] options = gnudip user = my_DNS_user password = ******** addr = 0.0.0.0
=>
E-DOC-CTC-20061027-0003 v2.0
233
DynDNS Commands
dyndns host add
Add a fully qualified host name.
SYNTAX:
dyndns host add where: group name group = <string> name = <string>
The dynamic DNS host group.
Note
A maximum of 4 different groups can be created.
The name of an IP host to add.
Note
A maximum of 20 hosts can be configured.
EXAMPLE:
=>dyndns host add group=local name=localhost.com
=>dyndns host list local :
[ ] localhost.com
legend :
[ ] not initialised
=>
[v] update successful
[o]
[x] update in progress error
RELATED COMMANDS:
Delete a host name.
List all host names.
REQUIRED
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
234
DynDNS Commands
dyndns host delete
Delete a host name.
SYNTAX:
dyndns host delete where: name name = <string>
The name of the IP host to be deleted.
EXAMPLE:
=>dyndns host list local :
[ ] localhost.com
public :
[ ] publichost.com
legend :
[ ] not initialised
[v] update successful
[o] update in progress
[x] error
=>dyndns host delete name=publichost.com
=>dyndns host list local :
[ ] localhost.com
legend :
[ ] not initialised
=>
[v] update successful
[o]
[x] update in progress error
RELATED COMMANDS:
Add a fully qualified host name.
List all host names.
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
235
DynDNS Commands
dyndns host flush
Delete all hosts.
i
The hosts cannot be flushed, if there is still a group referenced to the hosts.
SYNTAX:
dyndns host flush
236
E-DOC-CTC-20061027-0003 v2.0
DynDNS Commands
dyndns host list
List all host names.
SYNTAX:
dyndns host list
EXAMPLE:
=>dyndns host list local :
[ ] localhost.com
public :
[ ] publichost.com
legend :
[ ] not initialised
=>
[v] update successful
RELATED COMMANDS:
[o] update in progress
[x] error
Add a fully qualified host name.
Delete a host name.
E-DOC-CTC-20061027-0003 v2.0
237
DynDNS Commands
dyndns service list
List all dynamic DNS services.
SYNTAX:
dyndns service list
EXAMPLE:
=>dyndns service list dyndns : server port
= members.dyndns.org
= 80 request = /nic/update update interval = 2097120 retry interval = 30 max retry = 3 statdns server
: port request
= members.dyndns.org
= 80
= /nic/update update interval = 0 retry interval = 30 max retry = 3 custom server port
:
= members.dyndns.org
= 80 request = /nic/update update interval = 0 retry interval = 30 max retry = 3
No-IP server
: port
= dynupdate.no-ip.com
= 80 request = /ducupdate.php
update interval = 86400 retry interval = 30 max retry = 3
DtDNS server
: port
= dtdns.com
= 80 request = /api/autodns.cfm
update interval = 86400 retry interval = 30 max retry = 3
=>
238
E-DOC-CTC-20061027-0003 v2.0
DynDNS Commands
RELATED COMMANDS:
Modify specific dynamic DNS service settings.
E-DOC-CTC-20061027-0003 v2.0
239
DynDNS Commands
dyndns service modify
Modify specific dynamic DNS service settings.
SYNTAX:
dyndns service modify name = <string>
[server = <string>]
[port = <{supported TCP/UDP port name} or number>]
[request = <string>]
[updateinterval = <number{0-2097120}>]
[retryinterval = <number{0-600}]
[max_retry = <number{1-5}>] where: name REQUIRED server port request updateinterval retryinterval max_retry
The name of the dynamic DNS service.
Choose between:
>
dyndns
>
statdns
>
custom
>
No-IP
>
DtDNS
>
gnudip.
The hostname of the dynamic DNS server.
The port of the dynamic DNS server.
Select one of the supported TCP/UDP port names (see
TCP/UDP Port Names” on page 747
) or, alternatively, specify the port number.
The dynamic DNS request string.
A number between 0 and 2097120 (seconds).
Represents the time interval before a dynamic update is sent to the dynamic DNS server.
Note
The value 0 means disabled.
A number between 0 and 600 (seconds).
Represents the interval between retries if communication with the dynamic DNS server fails.
The default is
30
.
Note
The value 0 means disabled.
A number between 1 and 5.
Represents the maximum number of retries if communication with the dynamic DNS server fails.
The default is
3
.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
240
DynDNS Commands
EXAMPLE:
=>dyndns service modify name=custom server=mydyndns.org port=www-http request=hereiam
| updateinterval=2000000 retryinterval=15 max_retry=5
=>dyndns service list dyndns : server port
= members.dyndns.org
= 80 request = /nic/update update interval = 2097120 retry interval = 30 max retry = 3 statdns server
: port request
= members.dyndns.org
= 80
= /nic/update update interval = 0 retry interval = 30 max retry = 3 custom server
: port request
= mydyndns.org
= 80
= hereiam update interval = 2000000 retry interval = 15 max retry = 5
No-IP server port
: request
= dynupdate.no-ip.com
= 80
= /ducupdate.php
update interval = 86400 retry interval = 30 max retry = 3
DtDNS server port
: request
= dtdns.com
= 80
= /api/autodns.cfm
update interval = 86400 retry interval = 30 max retry = 3
=>
RELATED COMMANDS:
List all dynamic DNS services.
E-DOC-CTC-20061027-0003 v2.0
241
DynDNS Commands
242
E-DOC-CTC-20061027-0003 v2.0
Env Commands
13 Env Commands
Introduction
This chapter describes the commands of the env command group.
Contents
This chapter covers the following commands:
Flush all the non-system environment variables.
Get the current value of an environment variable.
Show all the currently available environment variables.
Delete a environment variable.
E-DOC-CTC-20061027-0003 v2.0
243
env flush
Flush all the non-system environment variables.
SYNTAX:
env flush
Env Commands
244
E-DOC-CTC-20061027-0003 v2.0
Env Commands
env get
Get the current value of an environment variable.
SYNTAX:
env get where: var var = <string>
The name of the environment variable.
Tip
Use the command
:env list to obtain a list of all environment variables.
REQUIRED
RELATED COMMANDS:
List all current environment variables.
E-DOC-CTC-20061027-0003 v2.0
245
env list
Show all the currently available environment variables.
SYNTAX:
env list
RELATED COMMANDS:
Get the current value of an environment variable.
Env Commands
246
E-DOC-CTC-20061027-0003 v2.0
Env Commands
env set
Set an environment variable.
SYNTAX:
env set where: var var = <string> value = <translated string> value
The name of the environment variable.
Tip
When creating an environment variable, any name is allowed.
However spaces are NOT allowed and the name may NOT start with:
>
“CONF”
>
“HOST”
>
an underscore “_”
>
the dollar sign “$”.
A quoted translated string which defines the value of the environment variable.
Note
The value of system variables (built-in variables with names starting with an underscore “_”, “CONF” or “HOST”) cannot be changed.
REQUIRED
REQUIRED
EXAMPLE:
For infinite TELNET time out, set the value of the variable
SESSIONTIMEOUT
to “0”:
=>env set var=SESSIONTIMEOUT value=0
=>
RELATED COMMANDS:
Delete a non-system environment variable.
E-DOC-CTC-20061027-0003 v2.0
247
Env Commands
env unset
Delete a environment variable.
SYNTAX:
env unset where: var var = <string>
The name of the environment variable to be deleted.
Note
System variables (built-in variables with names starting with an underscore “_”, “CONF” or “HOST”) cannot be unset, changed or deleted.
REQUIRED
EXAMPLE:
=>env list
_COMPANY_NAME=THOMSON multimedia
_COMPANY_URL=http://www.speedtouch.com
_PROD_NAME=SpeedTouch
.....
CONF_DATE=March 2004
CONF_REGION=World
HOST_SETUP=user
=>env unset var=CONF_REGION
=>env list
_COMPANY_NAME=THOMSON multimedia
_COMPANY_URL=http://www.speedtouch.com
_PROD_NAME=SpeedTouch
.....
CONF_DATE=March 2004
HOST_SETUP=user
=>
RELATED COMMANDS:
Create and set a non-system environment variable.
E-DOC-CTC-20061027-0003 v2.0
248
Eth Commands
14 Eth Commands
Introduction
This chapter describes the commands of the eth command group.
Contents
This chapter covers the following commands:
eth bridge igmpsnooping config
Display the current bridge instances.
Add a new bridge instance.
Delete a bridge instance.
Select the default bridge to configure interfaces .
Modify/display the bridge configuration settings.
Display the active MAC entries for the dynamic
VLAN membership.
Add a dynamic VLAN membership entry.
Modify the dynamic VLAN membership configuration.
Delete a dynamic VLAN membership entry.
Flush all dynamic VLAN membership entries.
Delete a dynamic VLAN membership entry.
Flush bridge interfaces and parameters.
Add a new bridge interface.
Attach a bridge interface.
Modify a bridge interface configuration.
Delete a bridge interface.
Detach a bridge interface.
Display the current bridge interfaces.
Flush the bridge interfaces
Configure the bridge instance‘s IGMP Snooping flags
Display a bridge instance‘s snooped groups
266
267
268
269
268
265
E-DOC-CTC-20061027-0003 v2.0
249
Eth Commands
250
eth bridge igmpsnooping ifconfig
eth bridge igmpsnooping iflist
Configure the bridge interface‘s IGMP snooping flags and mode
Display a bridge interface‘s IGMP status
Clear the snooping statistics
Add a static MAC address to a bridge interface.
Remove a MAC address from the filtering database.
Display the MAC address database.
Add a new constraint to the VLAN learning system.
Delete a constraint from the VLAN learning system.
Flush all constraints from the VLAN learning system.
Display all constraints from the VLAN learning system.
Add a bridge interface to a VLAN.
Modify a bridge interface from a VLAN.
Delete a bridge interface from a VLAN.
Display all VLANs.
Configure an Ethernet interface.
Show status of Ethernet interfaces.
Set all the ports to the default settings.
List all the configured switch groups.
Move a specified port to a specified switch group.
Define the specified port to be the Mirror Capture
Port.
Enable or disable the specified port to be the Mirror
Egress Port.
Enable or disable the specified port to be the Mirror
Ingress Port.
Add a port to be shared.
Delete a shared port.
Display shared ports.
Display switch capabilities.
Configure common qos parameters.
Configure per port QoS parameters.
Display QoS configuration.
Configure the queue weights.
Configure common ingress shaper parameters.
Configure per port shaper parameters.
Display shaper configuration per port.
Configure per port storm control parameters.
Display storm control configuration per port.
Add a new VLAN.
Delete a VLAN.
318
319
320
321
322
314
315
316
317
310
311
312
313
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
Flush all VLANs.
Display all VLANs.
E-DOC-CTC-20061027-0003 v2.0
251
Eth Commands
eth ifadd
Create a new ETH interface.
SYNTAX:
eth ifadd where: intf intf = <string>
The name of the new ETH interface.
RELATED COMMANDS:
REQUIRED
252
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth ifattach
Attach an ETH interface.
SYNTAX:
eth ifattach where: intf intf = <string>
The name of the ETH interface to be attached.
RELATED COMMANDS:
eth ifdetach Detach an ETH interface.
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
253
Eth Commands
eth ifconfig
Modify an ETH interface.
SYNTAX:
eth ifconfig where: intf dest retry vlan intf = <string>
[dest = <string>]
[retry = <number{0-65535}>]
[vlan = <string>]
The name of the ETH interface to be configured.
The destination interface for this ETH interface.
A number between 0 and 65535.
Represents the number of times the ETH connection setup should retry before giving up.
The default is
10
.
The Virtual Local Area Network (VLAN) for this ETH interface.
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
254
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth ifdelete
Delete an ETH interface.
SYNTAX:
eth ifdelete where: intf intf = <string>
The name of the ETH interface name to be deleted.
RELATED COMMANDS:
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
255
Eth Commands
eth ifdetach
Detach an ETH interface.
SYNTAX:
eth ifdetach where: intf intf = <string>
The name of the ETH interface to be detached.
RELATED COMMANDS:
eth ifattach Attach an ETH interface.
REQUIRED
256
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth iflist
Display the ETH interfaces.
SYNTAX:
eth iflist [intf = <string>]
[string = <string>]
[beginstring = <string>] where: intf string beginstring
RELATED COMMANDS:
The name of the ETH interface to be displayed.
Note
If not specified, all the ETH interfaces will be displayed.
String matching condition
Beginstring matching condition
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
257
Eth Commands
eth flush
Flush all the ETH interfaces.
i
The flush command does not impact previously saved configurations.
SYNTAX:
eth flush
258
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth bridge clear
Clear the bridge statistics.
SYNTAX:
eth bridge clear
E-DOC-CTC-20061027-0003 v2.0
259
Eth Commands
eth bridge list
Display the current bridge instances
Syntax
eth bridge list where brname string beginstring
[brname = <{bridge}>]
[string = <string>]
[beginstring = <string>]
The name of a bridge instance
String matching condition
Beginstring matching condition
OPTIONAL
OPTIONAL
OPTIONAL
260
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth bridge add
Add a new bridge instance
Syntax
eth bridge add where brname brname=<string>
The name of the new bridge instance REQUIRED
E-DOC-CTC-20061027-0003 v2.0
261
Eth Commands
eth bridge delete
Delete a bridge instance
Syntax
eth bridge delete where brname brname = <{bridge}>
The name of the bridge instance to be deleted REQUIRED
262
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth bridge select
Select the default bridge to configure interfaces (when not setting a bridge name, for legacy purposes).
Syntax
eth bridge select where brname brname = <{bridge}>
The name of a bridge instance REQUIRED
E-DOC-CTC-20061027-0003 v2.0
263
Eth Commands
eth bridge config
Modify/display the bridge configuration settings.
SYNTAX:
eth bridge config [brname = <{bridge}>]
[age = <number{10-100000}>]
[filter = <{no_WAN_broadcast | none}>]
[vlan = <{disabled | enabled}>]
[precedencemap = <string>] where: brname age filter vlan precedencemap
The name of a bridge instance
A number between 10 and 100000 (seconds).
Represents the lifetime of a dynamically learned Medium Access
Control (MAC) address.
The default is
300
.
The bridge filter to be applied for all Wide Area Network (WAN) bridge ports.
Choose between:
>
no_WAN_broadcast
: broadcasts from the Thomson ST itself to the WAN are filtered out, broadcasts from the LAN to the
WAN are still passed through
>
none
: no broadcasts are filtered out.
The default is
no_WAN_broadcast
.
Enable or disable the use of the VLAN ID of the received VLAN packets.
The default is
enabled
.
The IP QoS precedence mapping table
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
264
Eth Commands
eth bridge dynvlan actlist
Display the active MAC entries for the dynamic VLAN membership.
SYNTAX:
eth bridge dynvlan actlist
RELATED COMMANDS:
Add a dynamic VLAN membership entry.
Modify the dynamic VLAN membership configuration.
Delete a dynamic VLAN membership entry.
Display a dynamic VLAN membership entry.
E-DOC-CTC-20061027-0003 v2.0
265
Eth Commands
eth bridge dynvlan add
Add a dynamic VLAN membership entry.
SYNTAX:
eth bridge dynvlan add [id = <number{0-100000}>] hwaddr = <masked-hardware-address> vlan = <string>
[remvlan = <{default}>] where: id hwaddr vlan remvlan
A number between 0 and 100000.
Represents the id of the dynamic VLAN membership entry.
The (masked) ethernet MAC address of the dynamic VLAN membership entry.
The VLAN for the dynamic VLAN membership entry.
The VLAN that will be removed from the bridge interface.
OPTIONAL
REQUIRED
REQUIRED
OPTIONAL
RELATED COMMANDS:
Display the active MAC entries for the dynamic VLAN membership.
Modify the dynamic VLAN membership configuration.
Delete a dynamic VLAN membership entry.
Display a dynamic VLAN membership entry.
266
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth bridge dynvlan config
Modify the dynamic VLAN membership configuration.
SYNTAX:
eth bridge dynvlan config where: timeout
[timeout = <number{0-100000}>]
A number between 0 and 100000 (seconds).
Represents timeout for the dynamic entries.
OPTIONAL
RELATED COMMANDS:
Display the active MAC entries for the dynamic VLAN membership.
Add a dynamic VLAN membership entry.
Delete a dynamic VLAN membership entry.
Display a dynamic VLAN membership entry.
E-DOC-CTC-20061027-0003 v2.0
267
Eth Commands
eth bridge dynvlan delete
Delete a dynamic VLAN membership entry.
SYNTAX:
eth bridge dynvlan delete where: id id = <number{0-100000}>
A number between 0 and 100000.
Represents the id of a dynamic VLAN membership.
RELATED COMMANDS:
REQUIRED
Display the active MAC entries for the dynamic VLAN membership.
Add a dynamic VLAN membership entry.
Modify the dynamic VLAN membership configuration.
Display a dynamic VLAN membership entry.
268
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth bridge dynvlan flush
Flush all dynamic VLAN membership entries.
SYNTAX:
eth bridge dynvlan flush
E-DOC-CTC-20061027-0003 v2.0
269
Eth Commands
eth bridge dynvlan list
Display a dynamic VLAN membership entry.
SYNTAX:
eth bridge dynvlan list
RELATED COMMANDS:
Display the active MAC entries for the dynamic VLAN membership.
Add a dynamic VLAN membership entry.
Modify the dynamic VLAN membership configuration.
Delete a dynamic VLAN membership entry.
270
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth bridge flush
Flush bridge interfaces and parameters.
i
The flush command does not impact previously saved configurations.
SYNTAX:
eth bridge flush
E-DOC-CTC-20061027-0003 v2.0
271
Eth Commands
eth bridge ifadd
Add a new bridge interface.
SYNTAX:
eth bridge ifadd where: brname intf
[brname = <{bridge}>] intf = <string>
The name of a bridge instance.
The name of the new bridge interface.
OPTIONAL
REQUIRED
RELATED COMMANDS:
Delete a bridge interface.
Display the current bridge interfaces.
272
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth bridge ifattach
Attach a bridge interface.
SYNTAX:
eth bridge ifattach where: brname intf
[brname = <{bridge}>] intf = <string>
The name of a bridge instance.
The name of the bridge interface to be attached.
OPTIONAL
REQUIRED
RELATED COMMANDS:
Detach a bridge interface.
E-DOC-CTC-20061027-0003 v2.0
273
Eth Commands
eth bridge ifconfig
Modify a bridge interface configuration.
SYNTAX:
eth bridge ifconfig [brname = <{bridge}>] intf = <string>
[dest = <string>]
[portstate = <{disabled | learning | forwarding}>]
[retry = <number{0-65535}>]
[prioconfig = <{disabled|overwrite|increase}>]
[vlan = <string>]
[ipprec = <{disabled|precedence|dscp}>]
[priority = <number{0-7}>]
[regenprio = <string>]
[ingressfiltering = <{disabled | enabled}>]
[acceptvlanonly = <{disabled | enabled}>]
[mcastfilter = <{disabled|enabled}>]
[dynvlan = <{disabled|enabled}>]
[igmpsnooping = <{disabled|enabled}>] where: brname intf dest portstate retry vlan prioconfig
The name of a bridge instance.
The name of the bridge interface to be configured.
The destination for this interface.
Typically an ATM or a physical interface name.
The bridge portstate for this interface.
Choose between:
>
disabled
>
learning
>
forwarding.
The default is
forwarding
.
A number between 0 and 65535.
Represents the number of times the Thomson ST retries to set up a WAN connection before giving up.
The default is
10
.
Select the default VLAN.
The priority configuration for this interface.
OPTIONAL
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
274
Eth Commands ipprec priority regenprio ingressfiltering acceptvlanonly mcastfilter dynvlan igmpsnooping
The IP precedence for this interface.
Choose between:
>
disabled
>
precedence
>
dscp.
The default is
disabled
.
A number between 0 and 7.
Represents the default priority for tagging egress packets.
The default is
0
.
The priority regeneration table for tagged ingress packets.
The default is
01234567
.
Enable/disable discard of tagged ingress packets if the interface is not part of the VLAN.
The default is
disabled
.
Enable or disable receipt of tagged ingress packets.
The default is
disabled
.
Enable or disable the discard of multicast packets on this port
The default is
disabled
.
Enable or disable dynamic VLAN membership checking for this interface.
The default is
disabled
.
Enable or disable IGMP snooping for this interface.
The default is
disabled
.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
275
Eth Commands
eth bridge ifdelete
Delete a bridge interface.
SYNTAX:
eth bridge ifdelete where: brname intf
[brname = <{bridge}>] intf = <string>
The name of a bridge instance.
The name of the bridge interface name to be deleted.
OPTIONAL
REQUIRED
RELATED COMMANDS:
Add a new bridge interface.
Display the current bridge interfaces.
276
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth bridge ifdetach
Detach a bridge interface.
SYNTAX:
eth bridge ifdetach where: brname intf
[brname = <{bridge}>] intf = <string>
The name of a bridge instance.
The name of the bridge interface to be detached.
RELATED COMMANDS:
Attach a bridge interface.
OPTIONAL
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
277
Eth Commands
eth bridge iflist
Display the current bridge interfaces.
SYNTAX:
eth bridge iflist [brname = <{bridge}>]
[intf = <string>]
[string = <string>]
[beginstring = <string>] where: brname intf string beginstring
RELATED COMMANDS:
The name of a bridge instance.
The name of the bridge interface to be displayed.
Note
If not specified, all bridge interfaces are shown.
String matching condition
Beginstring matching condition
Add a new bridge interface.
Delete a bridge interface.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
278
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth bridge ifflush
Flush the bridge interfaces: detach/delete all interfaces.
SYNTAX:
eth bridge ifflush where: brname
[brname = <{bridge}>]
The name of a bridge instance.
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
279
Eth Commands
eth bridge igmpsnooping config
Configure the bridge instance‘s IGMP Snooping flags
Syntax
eth bridge igmpsnooping config [brname = <{bridge}>]
[state = <{enabled|disabled}>]
[floodrp = <{disabled|enabled}>]
[floodmcast = <{disabled|enabled}>] where: brname state floodrp floodmcast
The name of a bridge instance
Enable/Disable the IGMP Snooping
The default is
enabled
Enable/Disable flooding reports to all ports
The default is
disabled
Enable/Disable flooding unregistered multicasts
The default is
disabled
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
280
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth bridge igmpsnooping list
Display a bridge instance‘s snooped groups.
Syntax
eth bridge igmpsnooping list where: brname
[brname = <{bridge}>]
The name of a bridge instance OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
281
Eth Commands
eth bridge igmpsnooping ifconfig
Configure the bridge interface‘s IGMP snooping flags and mode.
Syntax
eth bridge igmpsnooping ifconfig [brname = <{bridge}>] intf = <{interface}>
[portmode = <{Host|Router|Auto}>]
[fastleave = <{disabled|enabled}>]
[exptrack = <{disabled|enabled}>]
[mrdp = <{disabled|enabled}>]
[rgmp = <{disabled|enabled}>] where: brname intf portmode fastleave exptrack mrdp rgmp
The bridge instance currently to be configured
The bridge interface currently to be configured
Mode of the bridge port
Enable/Disable Fast Immediate Leave
Enable/Disable Explicit Host Tracking
Enable/Disable MRDP support
Enable/Disable RGMP support
OPTIONAL
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
282
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth bridge igmpsnooping iflist
Display a bridge interface‘s IGMP status
Syntax
Display bridge interface IGMP status where: brname intf
The name of a bridge instance
The name of the bridge interface
[brname = <{bridge}>]
[intf = <{interface}>]
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
283
Eth Commands
eth bridge igmpsnooping clear
Clear the snooping statistics.
Syntax
eth bridge igmpsnooping clear [brname = <{bridge}>]
[intf = <{interface}>] where: brname intf
The name of a bridge instance
The name of the bridge interface
OPTIONAL
OPTIONAL
284
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth bridge macadd
Add a static MAC address to a bridge interface.
This command allows to manually add static MAC addresses, which should normally be dynamically discovered by the bridge itself.
SYNTAX:
eth bridge macadd [brname = <{bridge}>] intf = <string> hwaddr = <hardware-address>
[vlan = <string>] where: brname intf hwaddr vlan
The name of a bridge instance.
The name of the bridge interface to which the MAC address must be added.
The Ethernet MAC address of the new entry.
The VLAN.
OPTIONAL
REQUIRED
REQUIRED
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
285
Eth Commands
EXAMPLE:
=>eth bridge maclist
00:10:a4:ad:32:cf -- dynamic, ethport1, 300 seconds
00:90:d0:8b:fc:2c -- permanent
01:00:5e:00:00:67 -- static
01:00:5e:7f:ff:fa -- static
01:80:c2:00:00:00 -- permanent
01:80:c2:00:00:01 -- permanent
01:80:c2:00:00:02 -- permanent
01:80:c2:00:00:03 -- permanent
...
01:80:c2:00:00:0e -- permanent
01:80:c2:00:00:0f -- permanent
01:80:c2:00:00:10 -- permanent ff:ff:ff:ff:ff:ff -- permanent
=>eth bridge macadd intf=ethport2 hwaddr=00:80:9f:01:23:45
=>eth bridge maclist
00:0d:9d:47:dd:aa -- dynamic, ethport1, 300 seconds
00:80:9f:01:23:45 -- static
00:90:d0:72:88:64 -- permanent
01:00:5e:00:00:67 -- static
01:00:5e:7f:ff:fa -- static
01:80:c2:00:00:00 -- permanent
01:80:c2:00:00:01 -- permanent
01:80:c2:00:00:02 -- permanent
01:80:c2:00:00:03 -- permanent
01:80:c2:00:00:0e -- permanent
01:80:c2:00:00:0f -- permanent
01:80:c2:00:00:10 -- permanent ff:ff:ff:ff:ff:ff -- permanent
=>
RELATED COMMANDS:
Remove a MAC address from the filtering database.
Display the MAC address database.
286
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth bridge macdelete
Remove a MAC address from the filtering database.
SYNTAX:
eth bridge macdelete [brname = <{bridge}>] hwaddr = <hardware-address>
[vlan = <string>] where: brname hwaddr vlan
The name of a bridge instance.
The Ethernet MAC address of the entry to be deleted.
The VLAN.
EXAMPLE:
=>eth bridge maclist
00:0d:9d:47:dd:aa -- dynamic, ethport1
00:80:9f:01:23:45 -- static
00:90:d0:72:88:64 -- permanent
01:00:5e:00:00:67 -- static
01:00:5e:7f:ff:fa -- static
01:80:c2:00:00:00 -- permanent
01:80:c2:00:00:01 -- permanent
01:80:c2:00:00:02 -- permanent
01:80:c2:00:00:03 -- permanent
...
01:80:c2:00:00:0e -- permanent
01:80:c2:00:00:0f -- permanent
01:80:c2:00:00:10 -- permanent ff:ff:ff:ff:ff:ff -- permanent
=>eth bridge macdelete hwaddr=00:80:9f:01:23:45
=>eth bridge maclist
00:0d:9d:47:dd:aa -- dynamic, ethport1
00:90:d0:72:88:64 -- permanent
01:00:5e:00:00:67 -- static
01:00:5e:7f:ff:fa -- static
01:80:c2:00:00:00 -- permanent
01:80:c2:00:00:01 -- permanent
01:80:c2:00:00:02 -- permanent
01:80:c2:00:00:03 -- permanent
01:80:c2:00:00:0e -- permanent
01:80:c2:00:00:0f -- permanent
01:80:c2:00:00:10 -- permanent ff:ff:ff:ff:ff:ff -- permanent
=>
OPTIONAL
REQUIRED
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
287
RELATED COMMANDS:
Add a static MAC address to a bridge interface.
Display the MAC address database.
Eth Commands
288
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth bridge maclist
Display the MAC address database.
SYNTAX:
eth bridge maclist where: brname
[brname = <{bridge}>]
The name of a bridge instance.
EXAMPLE:
=>eth bridge maclist
00:0d:9d:47:dd:aa -- dynamic, ethport1, 300 seconds
00:90:d0:72:88:64 -- permanent
01:00:5e:00:00:67 -- static
01:00:5e:7f:ff:fa -- static
01:80:c2:00:00:00 -- permanent
01:80:c2:00:00:01 -- permanent
01:80:c2:00:00:02 -- permanent
01:80:c2:00:00:03 -- permanent
01:80:c2:00:00:04 -- permanent
01:80:c2:00:00:05 -- permanent
01:80:c2:00:00:06 -- permanent
01:80:c2:00:00:07 -- permanent
01:80:c2:00:00:08 -- permanent
01:80:c2:00:00:09 -- permanent
01:80:c2:00:00:0a -- permanent
01:80:c2:00:00:0b -- permanent
01:80:c2:00:00:0c -- permanent
01:80:c2:00:00:0d -- permanent
01:80:c2:00:00:0e -- permanent
01:80:c2:00:00:0f -- permanent
01:80:c2:00:00:10 -- permanent ff:ff:ff:ff:ff:ff -- permanent
=>
RELATED COMMANDS:
Add a static MAC address to a bridge interface.
Remove a MAC address from the filtering database.
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
289
Eth Commands
eth bridge mcdadd
Add a multicast group to be dropped to the database.
SYNTAX:
eth bridge mcdadd [brname = <{bridge}>] srcintfs = <string or combination of strings separated by '+'}> dstintfs = <string or combination of strings separated by '+'}> where: brname srcports dstports
The name of a bridge instance.
The source bridge interfaces from which multicast packets must be dropped.
The destination bridge interfaces for which the multicast packets must be dropped.
OPTIONAL
REQUIRED
REQUIRED
RELATED COMMANDS:
Delete a multicast group to be dropped from the database.
Display the multicast group to be dropped from the database.
290
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth bridge mcddelete
Delete a multicast group to be dropped from the database.
SYNTAX:
eth bridge mcddelete where: brname
[brname = <{bridge}>]
The name of a bridge instance.
RELATED COMMANDS:
OPTIONAL
Add a multicast group to be dropped to the database.
Display the multicast group to be dropped from the database.
E-DOC-CTC-20061027-0003 v2.0
291
Eth Commands
eth bridge mcdlist
Display the multicast group to be dropped from the database.
SYNTAX:
eth bridge mcdlist
RELATED COMMANDS:
Add a multicast group to be dropped to the database.
Delete a multicast group to be dropped from the database.
292
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth bridge rule add
Add a new constraint to the VLAN learning system.
SYNTAX:
eth bridge rule add type = <{shared | independent}> vlan = <string>
[vlan2 = <string>]
[isi = <number{0-32}>] where: type vlan vlan2 isi
Type of constraint.
Choose between:
>
shared
>
independent.
The VLAN to which the constraint belongs.
The second VLAN for a shared constraint.
Note
This parameter is required when type is
shared
.
A number between 0 and 32.
Represents the Independent Set ID (ISI) for an independent constraint.
Note
This parameter is required when type is
independent
.
REQUIRED
REQUIRED
OPTIONAL
OPTIONAL
EXAMPLE:
=>eth bridge rule add type=independant vlan=default isi=1
=>eth bridge rule list
Index
-----
Type
----
VLAN
----
Parameter
---------
1
=> independant default Independent set identifier: 1
RELATED COMMANDS:
Delete a constraint from the VLAN learning system.
Display all constraints from the VLAN learning system.
E-DOC-CTC-20061027-0003 v2.0
293
Eth Commands
eth bridge rule delete
Delete a constraint from the VLAN learning system.
SYNTAX:
eth bridge rule delete where: index index = <number{0-32}>
Index of the constraint to be deleted.
Tip
Use the command
:eth bridge rule list to obtain a list of the indexes of the constraints.
EXAMPLE:
=>eth bridge rule list
Index Type VLAN
-----
1
---independant
---default
=>eth bridge rule delete index=1
=>eth bridge rule list
Index
-----
=>
Type
----
VLAN
----
RELATED COMMANDS:
Parameter
---------
Independent set identifier: 1
Parameter
---------
Add a new constraint to the VLAN learning system.
Display all constraints from the VLAN learning system.
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
294
Eth Commands
eth bridge rule flush
Flush all constraints from the VLAN learning system.
SYNTAX:
eth bridge rule flush
E-DOC-CTC-20061027-0003 v2.0
295
Eth Commands
eth bridge rule list
Display all constraints from the VLAN learning system.
SYNTAX:
eth bridge rule list
EXAMPLE:
=>eth bridge rule list
Index Type VLAN
-----
1
=>
---independant
---default
RELATED COMMANDS:
Parameter
---------
Independent set identifier: 1
Add a new constraint to the VLAN learning system.
Delete a constraint from the VLAN learning system.
296
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth bridge vlan ifadd
Add a bridge interface to a VLAN.
SYNTAX:
eth bridge vlan ifadd name = <string> intf = <string>
[untagged = <{disabled | enabled}>] where: name intf untagged
RELATED COMMANDS:
The VLAN name to which a bridge interface must be added.
The name of the bridge interface to be added to the VLAN.
Enable or disable the interface as untagged for this VLAN.
The default is
disabled
.
Modify a bridge interface from a VLAN.
Delete a bridge interface from a VLAN.
Display all VLANs.
REQUIRED
REQUIRED
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
297
Eth Commands
eth bridge vlan ifconfig
Modify a bridge interface from a VLAN.
SYNTAX:
eth bridge vlan ifconfig name = <string> intf = <string> untagged = <{disabled | enabled}> where: name intf untagged
RELATED COMMANDS:
The VLAN name for which a bridge interface must be modified.
The name of the bridge interface to be modified.
Enable or disable the interface as untagged for this VLAN.
REQUIRED
REQUIRED
REQUIRED
Add a bridge interface to a VLAN.
Delete a bridge interface from a VLAN.
Display all VLANs.
298
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth bridge vlan ifdelete
Delete a bridge interface from a VLAN.
SYNTAX:
eth bridge vlan ifdelete where: name intf name = <string> intf = <string>
The VLAN name for which a bridge interface must be deleted.
The name of the bridge interface to be deleted.
REQUIRED
REQUIRED
RELATED COMMANDS:
Add a bridge interface to a VLAN.
Modify a bridge interface from a VLAN.
Display all VLANs.
E-DOC-CTC-20061027-0003 v2.0
299
eth bridge vlan iflist
Display all VLANs.
SYNTAX:
eth bridge vlan iflist
RELATED COMMANDS:
Add a bridge interface to a VLAN.
Modify a bridge interface from a VLAN.
Delete a bridge interface from a VLAN.
Eth Commands
300
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth device ifconfig
Configure an Ethernet interface.
SYNTAX:
eth device ifconfig where: intf type state intf = <string>
[type = <{auto | 10BaseTHD | 10BaseTFD |
100BaseTHD| 100BaseTFD} or number>]
[state = <{enabled | disabled}>]
The name of a physical interface.
The Ethernet type.
Select either:
>
auto
: Auto negotiation of Ethernet communication speed
(10Mb/s or 100Mb/s) and Duplex mode (half duplex or full duplex).
>
10BaseTHD
: 10Mb/s communication speed in half duplex mode.
>
10BaseTFD
: 10Mb/s communication speed in full duplex mode.
>
100BaseTHD
: 100Mb/s communication speed in half duplex mode.
>
100BaseTFD
: 100Mb/s communication speed in full duplex mode.
or enter a number between 0 (auto) and 5 (100BaseTFD).
The default is
auto
.
Note
This value should never be changed, except in case of communication problems.
Enable or disable the interface.
The default is
enabled
.
REQUIRED
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
301
EXAMPLE:
=>eth device iflist
Interface ethif1 ethif2 ethif3 ethif4
Type auto auto auto auto
Result
100BaseTFD
100BaseTFD
100BaseTFD
100BaseTFD usbif1
=>eth device ifconfig intf=ethif4 state=disabled
State
UP [forwarding]
UP [forwarding]
UP [forwarding]
UP [forwarding]
UP [forwarding]
=>eth device iflist
Interface Type ethif1 ethif2 ethif3 ethif4 usbif1
=> auto auto auto auto
Result
100BaseTFD
100BaseTFD
100BaseTFD
100BaseTFD
State
UP [forwarding]
UP [forwarding]
UP [forwarding]
DOWN [disabled]
UP [forwarding]
RELATED COMMANDS:
eth device iflist Show status of Ethernet interfaces.
Eth Commands
302
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth device iflist
Show status of Ethernet interfaces.
SYNTAX:
eth device iflist
EXAMPLE:
=>eth device iflist
Interface Type ethif1 ethif2 auto auto ethif3 ethif4 usbif1 wlif1 auto auto wlif2 wlif3 wlif4 wlif5
=>
Result
100BaseTFD
100BaseTFD
100BaseTFD
100BaseTFD
State
UP [forwarding]
UP [forwarding]
UP [forwarding]
UP [forwarding]
UP [forwarding]
UP [forwarding]
UP [forwarding]
UP [forwarding]
UP [forwarding]
UP [forwarding]
DESCRIPTION:
>
Type
: Indicates the configured Ethernet communication speed and duplex mode.
>
Result
: Indicates the effective operating status if Type equals “auto”. In other cases, when the Ethernet types do NOT match, Result Type will equal “unknown” and no Ethernet connectivity will exist.
RELATED COMMANDS:
eth device ifconfig Configure an Ethernet interface.
E-DOC-CTC-20061027-0003 v2.0
303
eth switch group flush
Set all the ports to the default settings.
All the ports are placed in group 0.
SYNTAX:
eth switch group flush
EXAMPLE:
=>eth switch group list
Group 0 Ports: 4
Group 1 Ports: 1
Group 2 Ports: 2 3
=>eth switch group flush
=>eth switch group list
Group 0 Ports: 1 2 3 4
=>
RELATED COMMANDS:
List all the configured switch groups.
Move a specified port to a specified switch group.
Eth Commands
304
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth switch group list
List all the configured switch groups.
SYNTAX:
eth switch group list
EXAMPLE:
=>eth switch group list
Group 0 Ports: 4
Group 1 Ports: 1
Group 2 Ports: 2 3
=>
RELATED COMMANDS:
Set all the ports to the default settings.
Move a specified port to a specified switch group.
E-DOC-CTC-20061027-0003 v2.0
305
Eth Commands
eth switch group move
Move a specified port to a specified switch group.
SYNTAX:
eth switch group move where: group port group = <number{0-3}> port = <number{1-4}>
A number between 0 and 4.
Represents the group ID to which the port must be moved.
A number between 01 and 4.
Represents the port to be moved.
EXAMPLE:
=>eth switch group list
Group 0 Ports: 1 2 3 4
=>eth switch group move group=3 port=1
=>eth switch group list
Group 0 Ports: 2 3 4
Group 3 Ports: 1
=>
RELATED COMMANDS:
Set all the ports to the default settings.
List all the configured switch groups.
REQUIRED
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
306
Eth Commands
eth switch mirror capture
Define the specified port to be the Mirror Capture Port.
i
Only one port can be the Mirror Capture Port at any one time.
SYNTAX:
eth switch mirror capture where: port port = <number{1-4}>
The port to be the Mirror Capture Port.
Note
If no port number is specified, then the port number of the Mirror Capture Port is shown.
REQUIRED
EXAMPLE:
=>eth switch mirror capture port=2
=>eth switch mirror capture
Mirror capture port = 2
=>
RELATED COMMANDS:
Enable or disable the specified port to be the Mirror Egress Port.
Enable or disable the specified port to be the Mirror Ingress Port.
E-DOC-CTC-20061027-0003 v2.0
307
Eth Commands
eth switch mirror egress
Enable or disable the specified port to be the Mirror Egress Port.
i
Only one port can be the Mirror Egress Port at any one time.
But a port can be the Mirror Egress Port and the
Mirror Ingress Port at the same time.
SYNTAX:
eth switch mirror egress where: port state port = <number{1-4}>
[state = <{enabled | disabled}>]
The port to be the Mirror Egress Port.
Note
If no port number is specified, then the port number of the current Mirror Egress Port is shown.
Enable or disable the port as Mirror Egress Port.
The default is
enabled
.
REQUIRED
OPTIONAL
EXAMPLE:
Here port 1 is enabled as Mirror Egress Port
=>eth switch mirror egress port=1
=>eth switch mirror egress
Egress mirror port = 1
=>
Here port 1 is disabled as Mirror Egress Port
=>eth switch mirror egress
Egress mirror port = 1
=>eth switch mirror egress port=1 state=disabled
=>eth switch mirror egress
=>
RELATED COMMANDS:
Define the specified port to be the Mirror Capture Port.
Enable or disable the specified port to be the Mirror Ingress Port.
E-DOC-CTC-20061027-0003 v2.0
308
Eth Commands
eth switch mirror ingress
Enable or disable the specified port to be the Mirror Ingress Port.
i
Only one port can be the Mirror Ingress Port at any one time.
But a port can be the Mirror Egress Port and the
Mirror Ingress Port at the same time.
SYNTAX:
eth switch mirror ingress where: port state port = <number{1-4}>
[state = <{enabled | disabled}>]
The port to be the Mirror Ingress Port.
Note
If no port number is specified, then the port number of the current Mirror Ingress Port is shown.
Enable or disable the port as Mirror Ingress Port.
The default is
enabled
.
REQUIRED
OPTIONAL
EXAMPLE:
Here port 2 is enabled as Mirror Ingress Port
=>eth switch mirror ingress port=2
=>eth switch mirror ingress
Ingress mirror port = 2
=>
Here port 2 is disabled as Mirror Ingress Port
=>eth switch mirror ingress
Ingress mirror port = 2
=>eth switch mirror ingress port=2 state=disabled
=>eth switch mirror ingress
=>
RELATED COMMANDS:
Define the specified port to be the Mirror Capture Port.
Enable or disable the specified port to be the Mirror Egress Port.
E-DOC-CTC-20061027-0003 v2.0
309
Eth Commands
eth switch share add
Add a port to be shared.
SYNTAX:
eth switch share add where: port shared port = <number{1-4}> shared = <number{1-4}>
A number between 1 and 4.
Represents the port.
A number between 1 and 4.
Represents the shared port.
RELATED COMMANDS:
Delete a shared port.
Display shared ports.
REQUIRED
REQUIRED
310
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth switch share delete
Delete a shared port.
SYNTAX:
eth switch share delete where: port shared port = <number{1-4}> shared = <number{1-4}>
A number between 1 and 4.
Represents the port.
A number between 1 and 4.
Represents the shared port.
RELATED COMMANDS:
Add a port to be shared.
Display shared ports.
REQUIRED
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
311
eth switch share list
Display shared ports.
SYNTAX:
eth switch share list
RELATED COMMANDS:
Add a port to be shared.
Delete a shared port.
Eth Commands
312
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth switch info
Display switch capabilities.
SYNTAX:
eth switch info
RELATED COMMANDS:
Not applicable
E-DOC-CTC-20061027-0003 v2.0
313
Eth Commands
eth switch qos config
Configure common qos parameters.
SYNTAX:
eth switch qos config state = <disabled|enabled>
[nbrOfQueues = <number{0-4}>]
[realtime = <disabled|enabled>] where: state nbrOfQueues realtime
RELATED COMMANDS:
Enable or disable QoS
Number of QoS queues
Enable or disable real time
Configure per port QoS parameters.
Display QoS configuration.
Configure the queue weights.
REQUIRED
OPTIONAL
OPTIONAL
314
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth switch qos ifconfig
Configure per port QoS parameters.
SYNTAX:
eth switch qos ifconfig port = <number{1-4}> mode = <802.1p|diffserv|high|none|tos>
[flowcontrol = <disabled|enabled>] where:
Port
Mode
Fowcontrol
RELATED COMMANDS:
Port to be configured
QoS Classifier for the port
Enable or disable flow control
Configure common qos parameters.
Display QoS configuration.
Configure the queue weights.
REQUIRED
REQUIRED
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
315
eth switch qos list
Display QoS configuration.
SYNTAX:
eth switch qos list
RELATED COMMANDS:
Configure common qos parameters.
Configure per port QoS parameters.
Configure the queue weights.
Eth Commands
316
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth switch qos weights
Configure the queue weights.
SYNTAX:
eth switch qos weights where:
QueueX queue0 = <number{0-100}> queue1 = <number{0-100}> queue2 = <number{0-100}> queue3 = <number{0-100}>
The weight of queue X in WFQ (percentage)
X=1 through 4
RELATED COMMANDS:
Configure common qos parameters.
Configure per port QoS parameters.
Display QoS configuration.
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
317
Eth Commands
eth switch shaper config
Configure common ingress shaper parameters.
SYNTAX:
eth switch shaper config shaper = <number{0-1}>
[unicast = <disabled|enabled>]
[multicast = <disabled|enabled>]
[broadcast = <disabled|enabled>]
[control = <disabled|enabled>]
[unknown = <disabled|enabled>]
[discard = <disabled|enabled>] where: shaper unicast multicast broadcast control unknown discard
The shaper instance
Shape unicast traffic.
Shape multicast traffic.
Shape broadcast traffic.
Shape MAC control traffic.
Shape traffic with unknown destination address.
Discard frame at overflow (else attempt for flow control)
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
RELATED COMMANDS:
Configure per port shaper parameters.
Display shaper configuration per port.
318
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth switch shaper ifconfig
Configure per port shaper parameters.
SYNTAX:
eth switch shaper ifconfig port = <number{1-4}> ingress = <disabled|enabled> shaper = <number{0-1}>
[state = <disabled|enabled>]
[speed = <number{64000-100000000}>]
[burstsize = <number{6-126}>] where: port ingress shaper state speed burstsize
RELATED COMMANDS:
Port number
Enabled: port is ingress port
Disabled: port is egress port
Shaper instance
Enable/disable shaping
Speed in bits/sec.
Burst size in KBytes
Configure common ingress shaper parameters.
Display shaper configuration per port.
REQUIRED
REQUIRED
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
319
eth switch shaper iflist
Display shaper configuration per port.
SYNTAX:
eth switch shaper iflist
RELATED COMMANDS:
Configure common ingress shaper parameters.
Configure per port shaper parameters.
Eth Commands
320
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth switch storm ifconfig
Configure per port storm control parameters.
SYNTAX:
eth switch storm ifconfig port = <number{1-4}>
[state = <disabled|enabled>]
[rate = <{33|50|100|200}>]
[burstsize = <number{2-8}>]
[broadcast = <disabled|enabled>
[multicast = <disabled|enabled>]
[unknown = <disabled|enabled>] where: port state rate burstsize broadcast multicast unknown
Port number
Enable/disable storm control
Rate in 10ths of percent
Burst size in KBytes
Storm control for broadcast traffic
Storm control for multicast traffic
Storm control for traffic with unknown destination address
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
RELATED COMMANDS:
Display storm control configuration per port.
E-DOC-CTC-20061027-0003 v2.0
321
eth switch storm iflist
Display storm control configuration per port.
SYNTAX:
eth switch storm iflist
RELATED COMMANDS:
Configure per port storm control parameters.
Eth Commands
322
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth vlan add
Add a new VLAN.
SYNTAX:
eth vlan add name = <string> vid = <number{2-4094}>
[addrule = <{disabled | enabled}>] where: name vid addrule
The new VLAN name.
A number representing the new VLAN ID.
Note
The ID 1 is reserved for the default VLAN.
Add (enabled) the default bridge constraint or not (disabled).
The default is
enabled
.
EXAMPLE:
1
2
=>eth vlan list
Vid Name
---
1
---default
=>eth vlan add name=myVLAN vid=2
=>eth vlan list
Vid
---
Name
---default myVLAN
=>
RELATED COMMANDS:
Delete a VLAN.
Display all VLANs.
REQUIRED
REQUIRED
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
323
Eth Commands
eth vlan delete
Delete a VLAN.
SYNTAX:
eth vlan delete where: name name = <string>
The name of the VLAN to be deleted.
EXAMPLE:
=>eth vlan list
Vid Name
---
1
---default
2 myVLAN
=>eth vlan delete name=myVLAN vid=2
=>eth vlan list
Vid Name
---
1
=>
---default
RELATED COMMANDS:
Add a new VLAN.
Display all VLANs.
REQUIRED
324
E-DOC-CTC-20061027-0003 v2.0
Eth Commands
eth vlan flush
Flush all VLANs.
i
All the VLANs, except the default VLAN will be flushed.
SYNTAX:
eth vlan flush
EXAMPLE:
=>eth vlan list
Vid Name
---
1
---default
2
3 myVLAN yourVLAN
=>eth vlan flush
=>eth vlan list
Vid
---
1
=>
Name
---default
E-DOC-CTC-20061027-0003 v2.0
325
eth vlan list
Display all VLANs.
SYNTAX:
eth vlan list
EXAMPLE:
=>eth vlan list
Vid Name
---
1
---default
2
=> myVLAN
RELATED COMMANDS:
Add a new VLAN.
Delete a VLAN.
Eth Commands
326
E-DOC-CTC-20061027-0003 v2.0
Expr Commands
15 Expr Commands
Introduction
This chapter describes the commands of the expr command group.
Contents
This chapter covers the following commands:
Add a subexpression to an expression.
E-DOC-CTC-20061027-0003 v2.0
327
Expr Commands
expr add
Add a subexpression to an expression.
SYNTAX:
expr add name = <string> type = <{intf | ip | serv}> addr [!]= <ip-range>
[intf [!]= <string>]
[intfgroup [!]= <{wan|local|lan|tunnel|dmz|guest} or number>]
[tos [!]= <number{0-255}>]
[precedence [!]= <IP precedence type> or <number>]
[dscp [!]= <DSCP name> or <number>]
[proto = <supported IP protocol name> or <number>]
[srcport [!]= <supported TCP/UDP port name> or <number>]
[srcportend = <supported TCP/UDP port name> or <number>]
[dstport [!]= <supported TCP/UDP port name> or <number>]
[dstportend = <supported TCP/UDP port name> or <number>]
[icmptype [!]= <supported ICMP type name> or <number>]
[icmpcode [!]= <number{0-15}>]
[icmpcodeend = <number{0-15}>] i
If a value is preceded by a “!”, it means NOT.
For example “intfgroup=!wan” means “if the interface group is different from WAN”.
where: name type addr intf
The name of an existing expression.
The expression type.
Choose between:
>
intf
>
ip
>
serv.
The IP address (or range). Supports ip/mask notation.
Note
Only for expression type
ip
.
The IP interface name.
Note
Only for expression type
intf
.
REQUIRED
REQUIRED
REQUIRED
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
328
Expr Commands intfgroup tos precedence dscp proto srcport srcportend dstport dstportend icmptype
E-DOC-CTC-20061027-0003 v2.0
The IP interface group.
Choose between:
>
wan
>
local
>
lan
>
tunnel
>
dmz
>
guest.
Note
Only for expression type
intf
.
A number between 0 and 255.
Represents the Type of Service (ToS) specification in the IP packet.
Note
The parameters
tos
,
precedence
and
dscp
are mutually exclusive.
The precedence in the IP packet (part of tos).
Select an IP precedence (see “ IP Precedence” on page 752 ) or,
alternatively, specify the number.
Note
The parameters
tos
,
precedence
and
dscp
are mutually exclusive.
The Differentiated Services Code Point (DSCP) in the IP packet
(part of tos).
Note
The parameters
tos
,
precedence
and
dscp
are mutually exclusive.
The protocol (name or number) expected in the IP packet.
Select one of the following protocols:
icmp
,
igmp
,
ipinip
,
tcp
,
udp
,
ah
,
esp
,
ipcomp
or, alternatively, specify the protocol number.
The TCP/UDP port (or beginning of range) the packet is coming from.
Select one of the supported TCP/UDP port names (see
“ Supported TCP/UDP Port Names” on page 747 ) or,
alternatively, specify the port number.
The source TCP/UDP port range end (inclusive).
Select one of the supported TCP/UDP port names (see
“ Supported TCP/UDP Port Names” on page 747 ) or,
alternatively, specify the port number.
The TCP/UDP port (or beginning of range) the packet is going to.
Select one of the supported TCP/UDP port names (see
“ Supported TCP/UDP Port Names” on page 747 ) or,
alternatively, specify the port number.
The destination TCP/UDP port range end. (inclusive).
Select one of the supported TCP/UDP port names (see
“ Supported TCP/UDP Port Names” on page 747 ) or,
alternatively, specify the port number.
The Internet Control Message Protocol (ICMP) type (name or number) of the packet.
Select one of the supported ICMP types (see “ Supported ICMP
) or, alternatively, specify the type number.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
329
Expr Commands icmpcode icmpcodeend
A number between 0 and 15.
Represents the ICMP code (or beginning of range) of the packet.
A number between 0 and 15.
Represents the ICMP code range end (inclusive).
OPTIONAL
OPTIONAL
330
E-DOC-CTC-20061027-0003 v2.0
Expr Commands
EXAMPLE:
=>expr list name type use flags expression
------------------------------------------------------------------------------------------
_myPPP_ppp intf 0 D 1. intf=myPPP_ppp
_eth0 wan intf intf
0 D
0
1. intf=eth0
1. intfgroup=0 lan local notwan intf intf intf
28
0
1
1. intfgroup=2
1. intfgroup=1
1. intfgroup=2
2. intfgroup=1
_10.0.0.138
_192.168.1.254
ip ip
0 D
0 D
1. addr=10.0.0.138
1. addr=192.168.1.254
...
DiffServ sip h323 serv serv serv
0
1
1
1. dscp=!0
1. proto=17 dst-prt=5060
2. proto=6 dst-prt=5060
1. proto=6 dst-prt=1720
2. proto=17 dst-prt=1718
3. proto=17 dst-prt=1719
=>expr add name=myEXPR type=intf intf=Internet intfgroup=lan
=>expr list name type use flags expression
------------------------------------------------------------------------------------------
_myPPP_ppp intf 0 D 1. intf=myPPP_ppp
_eth0 wan intf intf
0 D
0
1. intf=eth0
1. intfgroup=0 lan local notwan intf intf intf
28
0
1
1. intfgroup=2
1. intfgroup=1
1. intfgroup=2 myEXPR
_10.0.0.138
_192.168.1.254
intf ip ip
0
0 D
0 D
2. intfgroup=1
1. intf=Internet intfgroup=2
1. addr=10.0.0.138
1. addr=192.168.1.254
...
DiffServ sip h323
1. dscp=!0
1. proto=17 dst-prt=5060
2. proto=6 dst-prt=5060
1. proto=6 dst-prt=1720
2. proto=17 dst-prt=1718
3. proto=17 dst-prt=1719
=> serv serv serv
0
1
1
RELATED COMMANDS:
E-DOC-CTC-20061027-0003 v2.0
331
Expr Commands
expr delete
Delete an expression.
SYNTAX:
expr delete name = <string>
[index = <number>] where: name index
The name of the expression to be deleted.
The index of the subexpression to be deleted.
Note
If not specified, all the subexpressions wil be deleted.
REQUIRED
OPTIONAL
332
E-DOC-CTC-20061027-0003 v2.0
Expr Commands
EXAMPLE:
=>expr list name type use flags expression
------------------------------------------------------------------------------------------
_myPPP_ppp intf 0 D 1. intf=myPPP_ppp
_eth0 wan intf intf
0 D
0
1. intf=eth0
1. intfgroup=0 lan local notwan intf intf intf
28
0
1
1. intfgroup=2
1. intfgroup=1
1. intfgroup=2
2. intfgroup=1 myEXPR
_10.0.0.138
_192.168.1.254
intf ip ip
0
0 D
0 D
1. intf=Internet intfgroup=2
1. addr=10.0.0.138
1. addr=192.168.1.254
...
DiffServ sip h323 serv serv serv
0
1
1
1. dscp=!0
1. proto=17 dst-prt=5060
2. proto=6 dst-prt=5060
1. proto=6 dst-prt=1720
2. proto=17 dst-prt=1718
3. proto=17 dst-prt=1719
=>expr delete name=myEXPR
=>expr list name
DiffServ sip h323 type serv serv serv use flags expression
------------------------------------------------------------------------------------------
_myPPP_ppp intf 0 D 1. intf=myPPP_ppp
_eth0 intf 0 D 1. intf=eth0 wan lan local notwan
_10.0.0.138
_192.168.1.254
intf intf intf intf ip ip
0
28
0
1
0 D
0 D
1. intfgroup=0
1. intfgroup=2
1. intfgroup=1
1. intfgroup=2
2. intfgroup=1
1. addr=10.0.0.138
1. addr=192.168.1.254
...
0
1
1
1. dscp=!0
1. proto=17 dst-prt=5060
2. proto=6 dst-prt=5060
1. proto=6 dst-prt=1720
2. proto=17 dst-prt=1718
3. proto=17 dst-prt=1719
=>
RELATED COMMANDS:
Add a subexpression to an expression.
E-DOC-CTC-20061027-0003 v2.0
333
expr flush
Flush all the expressions.
SYNTAX:
expr flush
Expr Commands
334
E-DOC-CTC-20061027-0003 v2.0
Expr Commands
expr list
List the expressions.
SYNTAX:
expr list [name = <string>]
[type = <{intf | ip | serv}>]
[format = <{pretty | cli}>]
[string = <string>]
[beginstring = <string>] where: name type format string
The name of an existing expression.
Note
If not specified, all the expressions will be listed.
The expression type.
Choose between:
>
intf
>
ip
>
serv.
Note
If not specified, the expressions of all types will be shown.
Select the output format of the list.
Choose between:
>
pretty
: the expressions are shown as intuitive output in clear text.
>
cli
: the expressions are shown via the CLI commands configuration.
The default is
pretty
.
String matching condition
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
335
EXAMPLE 1:
=>expr list name
_LocalNetwork
HTTPI_if_0 type intf intf use flags expression
------------------------------------------------------------------------------------------
_Internet intf 0 D 1. intf=Internet
0 D
1 D
1. intf=LocalNetwork
1. intf=LocalNetwork
2. intf=LocalNetwork
3. intf=LocalNetwork
HTTP_if_0
HTTPs_if_0
FTP_if_0
TELNET_if_0
DNS-S_if_0
SNMP_AGENT_if_0
PING_RESPONDER_if_0 wan lan local
_10.0.0.138
_192.168.1.254
private intf intf intf intf intf intf intf intf intf intf ip ip ip
1 D
1 D
1 D
1 D
1 D
1 D
1 D
1
2
0
0 D
0 D
0
1. intfgroup=2
1. intfgroup=2
1. intfgroup=2
1. intfgroup=2
1. intfgroup=2
1. intfgroup=2
1. intfgroup=2
1. intfgroup=0
1. intfgroup=2
1. intfgroup=1
1. addr=10.0.0.138
1. addr=192.168.1.254
1. addr=10.0.0.0/8
2. addr=172.[16-31].*.*
3. addr=192.168.1.0/24
1. addr=239.255.255.250
ssdp_ip mdap_ip
HTTP_sv_0
HTTPs_sv_0
FTP_sv_0
TELNET_sv_0
RIP_sv_0 ip ip serv serv serv serv serv
1
1
1 D
1 D
1 D
1 D
1 D
1. addr=224.0.0.103
1. proto=6 dst-prt=80
1. proto=6 dst-prt=443
1. proto=6 dst-prt=21
1. proto=6 dst-prt=23
1. proto=17 src-prt=520 dst-prt=520
1. proto=17 dst-prt=520
1. proto=17 dst-prt=53
RIP-Query_sv_0
DNS-S_sv_0
SNMP_AGENT_sv_0
RAS_sv_0
SRAS_sv_0
ICMP_LISTEN_sv_0
SENDTO_LISTEN_sv_0
PING_RESPONDER_sv_0 serv serv serv serv serv serv serv serv
1 D
1 D
1 D
1 D
1 D
1 D
1 D
1 D
1. proto=17 dst-prt=161
1. proto=6 dst-prt=80
1. proto=6 dst-prt=443
1. proto=1
1. proto=17
1. proto=1 icmp-type=8
1. proto=6 dst-prt=8080
1. proto=1
HTTPI_sv_0 icmp igmp ftp telnet http httpproxy https
RPC
NBT serv serv serv serv serv serv serv serv serv serv
1
1
1
1
0
0
2
0
1 D
1
1. proto=2
1. proto=6 dst-prt=21
1. proto=6 dst-prt=23
1. proto=6 dst-prt=80
1. proto=6 dst-prt=8080
1. proto=6 dst-prt=443
1. proto=6 dst-prt=135
1. proto=17 dst-prt=137
SMB imap imap3 imap4-ssl imaps pop2 pop3 pop3s smtp ssh dns nntp ipsec serv serv serv serv serv serv serv serv serv serv serv serv serv
0
1
1
1
1
1
1
1
1
0
1
0
0
2. proto=17 dst-prt=138
3. proto=6 dst-prt=139
1. proto=6 dst-prt=445
1. proto=6 dst-prt=143
1. proto=6 dst-prt=220
1. proto=6 dst-prt=585
1. proto=6 dst-prt=993
1. proto=6 dst-prt=109
1. proto=6 dst-prt=110
1. proto=6 dst-prt=995
1. proto=6 dst-prt=25
1. proto=6 dst-prt=22
1. proto=6 dst-prt=53
2. proto=17 dst-prt=53
1. proto=6 dst-prt=119
1. proto=51 esp ah ike
DiffServ sip h323 dhcp rtsp ssdp_serv mdap_serv
=> serv serv serv serv serv serv serv serv serv serv
1
1
1
0
1
1
1
1
1
1
2. proto=50
3. proto=17 src-prt=500 dst-prt=500
1. proto=50
1. proto=51
1. proto=17 dst-prt=500
1. dscp=!0
1. proto=17 dst-prt=5060
2. proto=6 dst-prt=5060
1. proto=6 dst-prt=1720
2. proto=17 dst-prt=1718
3. proto=17 dst-prt=1719
1. proto=17 dst-prt=68
2. proto=17 dst-prt=67
1. proto=17 dst-prt=554
2. proto=6 dst-prt=554
1. proto=17 dst-prt=1900
1. proto=17 dst-prt=3235
Expr Commands
E-DOC-CTC-20061027-0003 v2.0
336
Expr Commands
EXAMPLE 2:
=>expr list format=cli
:expr add name=_Internet type=intf intf=Internet
:expr add name=_LocalNetwork type=intf intf=LocalNetwork
:expr add name=HTTPI_if_0 type=intf intf=LocalNetwork
:expr add name=HTTPI_if_0 type=intf intf=LocalNetwork
:expr add name=HTTPI_if_0 type=intf intf=LocalNetwork
:expr add name=HTTP_if_0 type=intf intfgroup=lan
:expr add name=HTTPs_if_0 type=intf intfgroup=lan
:expr add name=FTP_if_0 type=intf intfgroup=lan
:expr add name=TELNET_if_0 type=intf intfgroup=lan
:expr add name=DNS-S_if_0 type=intf intfgroup=lan
:expr add name=SNMP_AGENT_if_0 type=intf intfgroup=lan
:expr add name=PING_RESPONDER_if_0 type=intf intfgroup=lan
:expr add name=wan type=intf intfgroup=wan
:expr add name=lan type=intf intfgroup=lan
:expr add name=local type=intf intfgroup=local
:expr add name=_10.0.0.138 type=ip addr=10.0.0.138
:expr add name=_192.168.1.254 type=ip addr=192.168.1.254
:expr add name=private type=ip addr=10.0.0.0/8
:expr add name=private type=ip addr=172.[16-31].*.*
:expr add name=private type=ip addr=192.168.1.0/24
:expr add name=ssdp_ip type=ip addr=239.255.255.250
:expr add name=mdap_ip type=ip addr=224.0.0.103
:expr add name=HTTP_sv_0 type=serv proto=tcp dstport=www-http
:expr add name=HTTPs_sv_0 type=serv proto=tcp dstport=443
:expr add name=FTP_sv_0 type=serv proto=tcp dstport=ftp
:expr add name=TELNET_sv_0 type=serv proto=tcp dstport=telnet
:expr add name=RIP_sv_0 type=serv proto=udp srcport=rip dstport=rip
:expr add name=RIP-Query_sv_0 type=serv proto=udp dstport=rip
:expr add name=DNS-S_sv_0 type=serv proto=udp dstport=dns
:expr add name=SNMP_AGENT_sv_0 type=serv proto=udp dstport=snmp
:expr add name=RAS_sv_0 type=serv proto=tcp dstport=www-http
:expr add name=SRAS_sv_0 type=serv proto=tcp dstport=443
:expr add name=ICMP_LISTEN_sv_0 type=serv proto=icmp
:expr add name=SENDTO_LISTEN_sv_0 type=serv proto=udp
:expr add name=PING_RESPONDER_sv_0 type=serv proto=icmp icmptype=echo-request
:expr add name=HTTPI_sv_0 type=serv proto=tcp dstport=httpproxy
:expr add name=icmp type=serv proto=icmp
:expr add name=igmp type=serv proto=igmp
:expr add name=ftp type=serv proto=tcp dstport=ftp
:expr add name=telnet type=serv proto=tcp dstport=telnet
:expr add name=http type=serv proto=tcp dstport=www-http
:expr add name=httpproxy type=serv proto=tcp dstport=httpproxy
:expr add name=https type=serv proto=tcp dstport=443
:expr add name=RPC type=serv proto=tcp dstport=135
:expr add name=NBT type=serv proto=udp dstport=netbios-ns
:expr add name=NBT type=serv proto=udp dstport=netbios-dgm
:expr add name=NBT type=serv proto=tcp dstport=netbios-ssn
:expr add name=SMB type=serv proto=tcp dstport=445
:expr add name=imap type=serv proto=tcp dstport=imap2
:expr add name=imap3 type=serv proto=tcp dstport=imap3
:expr add name=imap4-ssl type=serv proto=tcp dstport=585
:expr add name=imaps type=serv proto=tcp dstport=993
:expr add name=pop2 type=serv proto=tcp dstport=pop2
:expr add name=pop3 type=serv proto=tcp dstport=pop3
:expr add name=pop3s type=serv proto=tcp dstport=995
:expr add name=smtp type=serv proto=tcp dstport=smtp
:expr add name=ssh type=serv proto=tcp dstport=22
:expr add name=dns type=serv proto=tcp dstport=dns
:expr add name=dns type=serv proto=udp dstport=dns
:expr add name=nntp type=serv proto=tcp dstport=nntp
:expr add name=ipsec type=serv proto=ah
:expr add name=ipsec type=serv proto=esp
:expr add name=ipsec type=serv proto=udp srcport=ike dstport=ike
:expr add name=esp type=serv proto=esp
:expr add name=ah type=serv proto=ah
:expr add name=ike type=serv proto=udp dstport=ike
:expr add name=DiffServ type=serv dscp=!cs0
:expr add name=sip type=serv proto=udp dstport=sip
:expr add name=sip type=serv proto=tcp dstport=sip
:expr add name=h323 type=serv proto=tcp dstport=h323
:expr add name=h323 type=serv proto=udp dstport=1718
:expr add name=h323 type=serv proto=udp dstport=1719
:expr add name=dhcp type=serv proto=udp dstport=bootpc
:expr add name=dhcp type=serv proto=udp dstport=bootps
:expr add name=rtsp type=serv proto=udp dstport=rtsp
:expr add name=rtsp type=serv proto=tcp dstport=rtsp
:expr add name=ssdp_serv type=serv proto=udp dstport=1900
:expr add name=mdap_serv type=serv proto=udp dstport=3235=>
E-DOC-CTC-20061027-0003 v2.0
337
RELATED COMMANDS:
Add a subexpression to an expression.
Expr Commands
338
E-DOC-CTC-20061027-0003 v2.0
Expr Commands
expr modify
Modify an expression.
SYN TAX:
expr modify name = <string> type = <{intf | ip | serv}> index = <number> addr [!]= <ip-range>
[intf [!]= <string>]
[intfgroup [!]= <{wan|local|lan|tunnel|dmz|guest} or number>]
[bridgeport [!]= <number>]
[tos [!]= <number{0-255}>]
[precedence [!]= <IP precedence type> or <number>]
[dscp [!]= <DSCP name> or <number>]
[proto = <supported IP protocol name> or <number>]
[srcport [!]= <supported TCP/UDP port name> or <number>]
[srcportend = <supported TCP/UDP port name> or <number>]
[dstport [!]= <supported TCP/UDP port name> or <number>]
[dstportend = <supported TCP/UDP port name> or <number>]
[icmptype [!]= <supported ICMP type name> or <number>]
[icmpcode [!]= <number{0-15}>]
[icmpcodeend = <number{0-15}>] i
If a value is preceded by a “!”, it means NOT.
For example “intfgroup=!wan” means “if the interface group is different from WAN”.
where: name type number addr intf
The name of the expression to be modified.
The expression type.
Choose between:
>
intf
>
ip
>
serv.
The index of the subexpression to be modified.
Tip
Use the command
:expr list to obtain the indexes of the subexpressions.
The IP address (or range). Supports ip/mask notation.
Note
Only for expression type
ip
.
The IP interface name.
Note
Only for expression type
intf
.
REQUIRED
REQUIRED
REQUIRED
REQUIRED
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
339
Expr Commands
340
intfgroup bridgeport tos precedence dscp proto srcport srcportend dstport dstportend icmptype
The IP interface group.
Choose between:
>
wan
>
local
>
lan
>
tunnel
>
dmz
>
guest.
Note
Only for expression type
intf
.
The bridge port number.
Note
Only for expression type
intf
.
A number between 0 and 255.
Represents the ToS specification in the IP packet.
Note
The parameters
tos
,
precedence
and
dscp
are mutually exclusive.
The precedence in the IP packet (part of tos).
Select an IP precedence (see “ IP Precedence” on page 752 ) or,
alternatively, specify the number.
Note
The parameters
tos
,
precedence
and
dscp
are mutually exclusive.
The DSCP in the IP packet (part of tos).
Select a DSCP (see “ Differentiated Services Code Point (DSCP)” on page 753 ).
Note
The parameters
tos
,
precedence
and
dscp
are mutually exclusive.
The protocol (name or number) expected in the IP packet.
Select one of the following protocols:
icmp
,
igmp
,
ipinip
,
tcp
,
udp
,
ah
,
esp
,
ipcomp
or, alternatively, specify the protocol number.
The TCP/UDP port (or beginning of range) the packet is coming from.
Select one of the supported TCP/UDP port names (see
“ Supported TCP/UDP Port Names” on page 747 ) or,
alternatively, specify the protocol number.
The source TCP/UDP port range end (inclusive).
Select one of the supported TCP/UDP port names (see
“ Supported TCP/UDP Port Names” on page 747 ) or,
alternatively, specify the protocol number.
The TCP/UDP port (or beginning of range) the packet is going to.
Select one of the supported TCP/UDP port names (see
“ Supported TCP/UDP Port Names” on page 747 ) or,
alternatively, specify the protocol number.
The destination TCP/UDP port range end (inclusive).
Select one of the supported TCP/UDP port names (see
“ Supported TCP/UDP Port Names” on page 747 ) or,
alternatively, specify the protocol number.
The ICMP type (name or number) of the packet.
Select one of the supported ICMP types (see “ Supported ICMP
) or, alternatively, specify the type number.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
Expr Commands icmpcode icmpcodeend
A number between 0 and 15.
Represents the ICMP code (or beginning of range) of the packet.
A number between 0 and 15.
Represents the ICMP code range end (inclusive).
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
341
Expr Commands
342
E-DOC-CTC-20061027-0003 v2.0
Firewall Commands
16 Firewall Commands
Introduction
This chapter describes the commands of the firewall command group.
Contents
This chapter covers the following commands:
firewall rule debug traceconfig
Configure the firewall options.
Flush the firewall configuration.
List the firewall configuration.
Add a chain.
Delete a chain.
Flush all chains.
List all chains.
Clear the firewall statistics.
Display the firewall statistics.
Configure the firewall trace options.
Flush the security level configuration.
Set the security level or display the current security level.
Show a list of the firewall rules in a chain.
Clear the firewall rule statistics.
Show the firewall rule statistics.
Display or modify the rule trace configuration.
E-DOC-CTC-20061027-0003 v2.0
343
Firewall Commands
firewall config
Configure the firewall options.
SYNTAX:
firewall config where: state keep tcpchecks udpchecks icmpchecks
[state = <{disabled | enabled}>]
[keep = <{disabled | enabled}>]
[tcpchecks = <{none | fast | exact}>]
[udpchecks = <{disabled|enabled}>]
[icmpchecks = <{disabled | enabled}>]
[logdefault = <{disabled | enabled}>]
[logthreshold = <{disabled | enabled}>]
[tcpwindow = <number{0-1073725440}>]
Enable or disable the firewall.
The default is
enabled
.
The firewall keeps active connections (enabled) or not
(disabled) when the firewall rules change.
The default is
disabled
.
Select the level of TCP sequence number checks. Choose between:
>
none
: no TCP checks are done.
>
fast
: check all the combinations of flag and disallow all the possible illegal combinations shown below:
„
„
„
„
SYN PSH (SYN PSH URG,...)
SYN FIN (SYN FIN PSH, SYN FIN RST PSH,...)
FIN flag set without ACK
All flags set
„ No flags set.
>
exact
: check and permit only combinations of flag with the
TCP state of a connection:
„
„
„
„
SYN: request to open connection
SYN ACK: agree to open connection
A, PA, AU, PAU: acknowledgement of receipt
FA, FAP, FAU, FAP, FAPU, FAU, FPAU: request to close connection
„ R, RA, RP, RU, RPA, RPU, RAU, RPAU: tear down connection.
The default is
none
.
Disable or enable keeping UDP checks.
The default is
enabled
.
Disable or enable keeping ICMP checks.
The default is
enabled
.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
344
Firewall Commands logdefault logthreshold tcpwindow
Disable or enable logging of default firewall rule.
The default is
disabled
.
Disable or enable log thresholding.
The default is
enabled
.
A number between 0 and 1073725440.
This parameter permits to modify the TCP window for fast TCP checks.
The default is
65536
.
OPTIONAL
OPTIONAL
OPTIONAL
EXAMPLE:
=>firewall config
:firewall config state=enabled keep=disabled tcpchecks=none udpchecks=enabled icmpchecks=enabled logdefault=disabled logthreshold=enabled tcpwindow=65536
=>
E-DOC-CTC-20061027-0003 v2.0
345
firewall clear
Flush the firewall configuration.
SYNTAX:
firewall clear
Firewall Commands
346
E-DOC-CTC-20061027-0003 v2.0
Firewall Commands
firewall list
List the firewall configuration.
SYNTAX:
firewall list where: format
[format = <{pretty | cli}>]
Select the output format in which the configuration must be shown.
Choose between:
>
pretty
: the configuration is shown as intuitive output in clear text.
>
cli
: the configuration is shown via the CLI commands configuration.
The default is
pretty
.
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
347
Firewall Commands
EXAMPLE of output in text mode:
=>firewall list
Config
======
State
Keep
TcpChecks
TcpWindow
IcmpChecks
LogDefault
LogThreshold
Modules
=======
Module
: enabled
: disabled
: exact
: 65536
: enabled
: disabled
: enabled
State Text Hooks
---------------------------------------------------------------------------------------------
----fire host_service enabled enabled
Firewall Administration Module
Firewall Host Service Module sink, forward, source forward level system_service
=> enabled Firewall Level Module enabled Firewall System Service Module forward sink
EXAMPLE of output in CLI mode:
=>firewall list format=cli
:firewall config state=enabled keep=disabled tcpchecks=exact icmpchecks=enabled logdefault=di sabled
| logthreshold=enabled tcpwindow=65536
:firewall debug traceconfig tcpchecks=disabled icmpchecks=disabled sink=none forward=none
| source=none
=>
348
E-DOC-CTC-20061027-0003 v2.0
Firewall Commands
firewall chain add
Add a chain.
SYNTAX:
firewall chain add where: chain chain = <string>
The name of the chain to be added.
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
349
EXAMPLE:
=>firewall chain list
Chains
======
Name Description
----------------------------------------------------------------sink forward source sink_fire system system system system forward_fire source_fire forward_host_service forward_level sink_system_service forward_level_BlockAll forward_level_Standard forward_level_Disabled
=>firewall chain add chain=myCHAIN
=>firewall chain list system system system system system system system system
Chains
======
Name Description
----------------------------------------------------------------sink forward source sink_fire forward_fire system system system system system source_fire forward_host_service forward_level sink_system_service forward_level_BlockAll forward_level_Standard forward_level_Disabled myCHAIN
=> system system system system system system system user
RELATED COMMANDS:
Delete a chain.
List all chains.
Firewall Commands
E-DOC-CTC-20061027-0003 v2.0
350
Firewall Commands
firewall chain delete
Delete a chain.
SYNTAX:
firewall chain delete where: chain chain = <string>
The name of the chain to be deleted.
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
351
EXAMPLE:
=>firewall chain list
Chains
======
Name Description
----------------------------------------------------------------sink forward source sink_fire system system system system forward_fire source_fire forward_host_service forward_level sink_system_service forward_level_BlockAll forward_level_Standard forward_level_Disabled myCHAIN
=>firewall chain delete chain=myCHAIN
=>firewall chain list system system system system system system system system user
Chains
======
Name Description
----------------------------------------------------------------sink system forward source sink_fire forward_fire source_fire forward_host_service system system system system system system forward_level sink_system_service forward_level_BlockAll forward_level_Standard forward_level_Disabled
=> system system system system system
RELATED COMMANDS:
Add a chain.
List all chains.
Firewall Commands
E-DOC-CTC-20061027-0003 v2.0
352
Firewall Commands
firewall chain flush
Flush all chains.
SYNTAX:
firewall chain flush
E-DOC-CTC-20061027-0003 v2.0
353
Firewall Commands
firewall chain list
List all chains.
SYNTAX:
firewall chain list where: format
[format = <{pretty | cli}>]
Select the output format in which the chains must be shown.
Choose between:
>
pretty
: the chains are shown as intuitive output in clear text.
>
cli
: the chains are shown via the CLI commands configuration.
The default is
pretty
.
OPTIONAL
EXAMPLE:
=>firewall chain list
Chains
======
Name Description
----------------------------------------------------------------sink forward source sink_fire system system system system forward_fire source_fire forward_host_service forward_level sink_system_service forward_level_BlockAll forward_level_Standard forward_level_Disabled
=> system system system system system system system system
RELATED COMMANDS:
Add a chain.
Delete a chain.
E-DOC-CTC-20061027-0003 v2.0
354
Firewall Commands
firewall debug clear
Clear the firewall statistics.
SYNTAX:
firewall debug clear
EXAMPLE:
=>firewall debug stats
Statistics
==========
Used rule contexts
Total rule contexts
Total packets parsed
Packets parsed in hook sink
: 0
: 256
: 2554
: 1461
Packets parsed in hook forward : 12
Packets parsed in hook source : 1041
Packets dropped in hook sink : 0
Packets dropped in hook forward : 0
Packets dropped in hook source : 0
TCP flag errors detected : 14
TCP seq/ack/win errors detected : 5
ICMP errors with partial info : 0
ICMP errors without cause
ICMP replies without request
Packet replay errors : 0
: 0
: 0
=>firewall debug clear
=>firewall debug stats
Statistics
==========
Used rule contexts
Total rule contexts
Total packets parsed
Packets parsed in hook sink
: 0
: 256
: 26
: 16
Packets parsed in hook forward : 0
Packets parsed in hook source : 10
Packets dropped in hook sink : 0
Packets dropped in hook forward : 0
Packets dropped in hook source : 0
TCP flag errors detected : 0
TCP seq/ack/win errors detected : 0
ICMP errors with partial info : 0
ICMP errors without cause
ICMP replies without request
Packet replay errors : 0
: 0
: 0
=>
RELATED COMMANDS:
Display the firewall statistics.
E-DOC-CTC-20061027-0003 v2.0
355
firewall debug stats
Display the firewall statistics.
SYNTAX:
firewall debug stats
EXAMPLE:
=>firewall debug stats
Statistics
==========
Used rule contexts
Total rule contexts
Total packets parsed
Packets parsed in hook sink
: 0
: 256
: 2554
: 1461
Packets parsed in hook forward : 12
Packets parsed in hook source : 1041
Packets dropped in hook sink : 0
Packets dropped in hook forward : 0
Packets dropped in hook source : 0
TCP flag errors detected : 14
TCP seq/ack/win errors detected : 5
ICMP errors with partial info : 0
ICMP errors without cause
ICMP replies without request
Packet replay errors : 0
: 0
: 0
=>
RELATED COMMANDS:
Clear the firewall statistics.
Firewall Commands
E-DOC-CTC-20061027-0003 v2.0
356
Firewall Commands
firewall debug traceconfig
Configure the firewall trace options.
SYNTAX:
firewall debug traceconfig [tcpchecks = <{disabled | enabled}>]
[udpchecks = <{disabled|enabled}>]
[icmpchecks = <{disabled | enabled}>]
[sink = <{none | all | accept | deny | drop
| reset} or number>]
[forward = <{none | all | accept | deny | drop reset} or number>]
[source = <{none | all | accept | deny | drop
| reset} or number>] where: tcpchecks udpchecks icmpchecks sink forward source
Disable or enable tcpchecks traces.
The default is
disabled
.
Disable or enable udpchecks traces.
The default is
disabled
.
Disable or enable icmpchecks traces.
The default is
disabled
.
Specify the action traced by the firewall for sink traffic.
The default is
none
.
Specify the action traced by the firewall for forward traffic.
The default is
none
.
Specify the action traced by the firewall for source traffic.
The default is
none
.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
EXAMPLE:
=>firewall debug traceconfig
Trace Config
============ tcpchecks icmpchecks sink forward source
=>
: disabled
: disabled
: none
: none
: none
E-DOC-CTC-20061027-0003 v2.0
357
Firewall Commands
firewall level add
Add a security level.
SYNTAX:
firewall level add name = <string>
[index = <number>]
[readonly = <{disabled | enabled}>]
[udptrackmode = <{strict | loose}>]
[service = <{disabled | enabled}>]
[proxy = <{disabled|enabled}>]
[text = <quoted string>] where: name index readonly udptrackmode proxy service text
The name of the security level to be added.
The index of the security level.
Tip
Use the command
:firewall level list to obtain a list of indexes.
Note
If not specified, the new security level will be added at the bottom of the list.
Select whether the security level is readonly (enabled) or not
(disabled).
The default is
enabled
.
Select the UDP connection tracking mode.
Choose between:
>
strict
: replies to a request from a client must be in a specific window to the client.
>
loose
: inbound packets are allowed on the port that was first used to start the communication with the server (for example to allow a client of an online game to obtin peerto-peer information from other clients of that same online game).
The default is
strict
.
Enable or disable proxy system services for this security level.
Disable or enable host service definitions.
The default is
disabled
.
Description of the security level.
Note
The maximum length is 39 characters.
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
RELATED COMMANDS:
E-DOC-CTC-20061027-0003 v2.0
358
Firewall Commands
firewall level delete
Delete a security level.
SYNTAX:
firewall level delete where: name name = <string>
The name of the security level to be deleted.
RELATED COMMANDS:
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
359
firewall level flush
Flush the security level configuration.
SYNTAX:
firewall level flush
Firewall Commands
360
E-DOC-CTC-20061027-0003 v2.0
Firewall Commands
firewall level list
List all the security levels.
SYNTAX:
firewall level list [format = <{pretty | cli}>]
[string = <string>]
[beginstring = <string>] where: format string beginstring
Select the output format in which the security levels must be shown.
Choose between:
>
pretty
: the security levels are shown as intuitive output in clear text.
>
cli
: the security levels are shown via the CLI commands configuration.
The default is
pretty
.
String matching condition
Beginstring matching condition
OPTIONAL
OPTIONAL
OPTIONAL
RELATED COMMANDS:
E-DOC-CTC-20061027-0003 v2.0
361
Firewall Commands
firewall level modify
Configure a security level.
SYNTAX:
firewall level modify where: name index readonly udptrackmode proxy service text name = <string>
[index = <number>]
[readonly = <{disabled | enabled}>]
[udptrackmode = <{strict | loose}>]
[service = <{disabled | enabled}>]
[proxy = <{disabled|enabled}>]
[text = <quoted string>]
The name of the security level to be added.
The index of the security level.
Tip
Use the command
:firewall level list to obtain a list of indexes.
Select whether the security level is readonly (enabled) or not
(disabled).
Select the UDP connection tracking mode.
Choose between:
>
strict
: replies to a request from a client must be in a specific window to the client.
>
loose
: inbound packets are allowed on the port that was first used to start the communication with the server (for example to allow a client of an online game to obtin peerto-peer information from other clients of that same online game).
The default is
strict
.
Enable or disable proxy system services for this security level.
Disable or enable service definitions for this security level.
Description of the security level.
Note
The maximum length is 39 characters.
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
362
Firewall Commands
firewall level set
Set the security level or display the current security level.
SYNTAX:
firewall level set where: name
[name = <string>]
The name of the security level to be set.
Note
If no security level is specified, the current security level will be shown.
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
363
Firewall Commands
firewall rule add
Add a firewall rule.
SYNTAX:
firewall rule add chain = <chain name>
[index = <number>]
[name = <string>]
[clink = <chain name>]
[srcintf [!]= <string>]
[srcip [!]= <string>]
[dstip [!]= <string>]
[serv [!]= <string>]
[log = <{disabled | enabled}>]
[state = <{disabled | enabled}>] action = <{accept|deny|drop|reset|count|link}> i
If a value is preceded by a “!”, it means NOT.
For example “srcintf=!wan” means “if the source interface is different from WAN”.
where: chain index name clink srcintf srcip dstintf dstip serv log state action
The name of the chain which contains the rule.
The number of the rule in the chain.
The name of the new rule.
The name of the chain to be parsed when this rule applies.
The name of the source interface expression.
The name of the source IP expression.
The name of the destination interface expression.
The name of the destination IP expression.
The name of the service expression.
Disable or enable logging is done when this rule applies.
Enable or disable this rule.
The action to be taken when this rule applies ('link' when clink is used).
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
REQUIRED
RELATED COMMANDS:
E-DOC-CTC-20061027-0003 v2.0
364
Firewall Commands
firewall rule delete
Delete a firewall rule.
SYNTAX:
firewall rule delete where: chain index chain = <string> index = <number>
The name of the chain in which a rule must be deleted.
The number of the rule in the chain.
RELATED COMMANDS:
firewall rule add Add a firewall rule.
REQUIRED
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
365
Firewall Commands
firewall rule flush
Flush all firewall rules.
SYNTAX:
firewall rule flush where: chain
[chain = <string>]
The name of the chain for which the rules must be flushed.
Note
If not specified, the rules of all the chains will be flushed.
OPTIONAL
366
E-DOC-CTC-20061027-0003 v2.0
Firewall Commands
firewall rule list
Show a list of the firewall rules in a chain.
SYNTAX:
firewall rule list [chain = <string>]
[format = <{pretty | cli}>]
[string = <string>]
[beginstring = <string>] where: chain format string beginstring
The name of the chain for which the rules must be listed.
Note
If not specified, the rules of all the chains are shown.
Select the output format in which the list must be shown.
Choose between:
>
pretty
: the list is shown as intuitive output in clear text.
>
cli
: the list is shown via the CLI commands configuration.
The default is
pretty
.
String matching condition
Beginstring matching condition
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
367
Firewall Commands
EXAMPLE:
=>firewall rule list
Rules (flags: C=Constant, D=Dynamic, E=Enable, L=Log)
=====
Chain Nr.
Flags Rule
--------------------------------------------------------------------------------------sink 1
2
CDE
CDE
: link
: link sink_fire sink_system_service sink_fire sink_system_service
1
1
2
C E
CDE
DE
SSDP
HTTPI
: accept
: accept ssdp_serv lan.* > *.ssdp_ip
HTTPI_sv_0 HTTPI_if_0.* > *.*
PING_RESPONDER : accept PING_RESPONDER_sv_0 PING_RESPON
DER_
3
4
5
6
7
8
9
10
11
12
13
14
15
CD
D
CD
CD
CDE
CDE
CD
CDE
CDE
CD
CDE
CDE
CDE
SENDTO_LISTEN
ICMP_LISTEN
SRAS
RAS
MDAP
SNMP_AGENT
DHCP-S
DHCP-R
DNS-S
RIP-Query
RIP
TELNET
FTP if_0.* > *.*
: accept SENDTO_LISTEN_sv_0 *.* > *.*
: accept ICMP_LISTEN_sv_0 *.* > *.*
: accept SRAS_sv_0 *.* > *.*
: accept RAS_sv_0 *.* > *.*
: accept MDAP_sv_0 *.* > *.*
: accept SNMP_AGENT_sv_0 SNMP_AGENT_ if_0.* > *.*
: accept DHCP-S_sv_0 *.* > *.*
: accept DHCP-R_sv_0 DHCP-R_if_0.* > *.*
: accept DNS-S_sv_0 DNS-S_if_0.* > *.*
: accept RIP-Query_sv_0 *.* > *.*
: accept RIP_sv_0 *.* > *.*
: accept TELNET_sv_0 TELNET_if_0.* > *.*
: accept FTP_sv_0 FTP_if_0.* > *.* forward forward_level forward_level_Disabled 1 source source_fire
1
1
2
3
1
16
17
1
CDE
CDE
CDE
CDE
CDE
CDE
HTTPs
HTTP
: accept HTTPs_sv_0 HTTPs_if_0.* > *.*
: accept HTTP_sv_0 HTTP_if_0.* > *.*
: link
: link
: link
: link forward_fire forward_host_service forward_level forward_level_Disabled
C E
CDE
C E
AnyTraffic
AnyTraffic
: accept *.* > *.*
: link source_fire
: accept *.* > *.*
=>
=>firewall rule list format=cli
:firewall rule add chain=sink_fire index=1 name=SSDP srcintf=lan dstip=ssdp_ip serv=ssdp_serv
| log=disabled state=enabled action=accept
:firewall rule add chain=source_fire index=1 name=AnyTraffic log=disabled state=enabled
| action=accept
:firewall rule add chain=forward_level_BlockAll index=1 name=AnyTraffic log=disabled state=en abled
| action=drop
:firewall rule add chain=forward_level_Standard index=1 name=FromLAN srcintf=lan log=disabled
| state=enabled action=accept
:firewall rule add chain=forward_level_Disabled index=1 name=AnyTraffic log=disabled state=en abled
| action=accept
=>
E-DOC-CTC-20061027-0003 v2.0
368
Firewall Commands
firewall rule modify
Modify a firewall rule.
SYNTAX:
firewall rule modify chain = <string> index = <number>
[newindex = <number>]
[name = <string>]
[clink = <chain name>]
[srcintf [!]= <string>]
[srcip [!]= <string>]
[dstintf [!]= <string>]
[dstip [!]= <string>]
[serv [!]= <string>]
[log = <{disabled | enabled}>]
[state = <{disabled | enabled}>]
[action = <action>] i
If a value is preceded by a “!”, it means NOT.
For example “srcintf=!wan” means “if the source interface is different from WAN”.
where: chain index newindex name clink srcintf srcip dstintf dstip serv log state action
The name of the chain which contains the rule.
The number of the rule in the chain.
The number of the rule in the chain.
The name of the new rule.
The name of the chain to be parsed when this rule applies.
The name of the source interface expression.
The name of the source IP expression.
The name of the destination interface expression.
The name of the destination IP expression.
The name of the service expression.
Disable or enable logging when this rule applies.
Disable or enable this rule.
The action to be taken when this rule applies ('link' when clink is used).
REQUIRED
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
RELATED COMMANDS:
E-DOC-CTC-20061027-0003 v2.0
369
Firewall Commands
firewall rule debug clear
Clear the firewall rule statistics.
SYNTAX:
firewall rule debug clear [chain = <string>]
[index = <number>] where: chain index
The name of the chain which contains the rule.
The number of the rule in the chain.
Note
If not specified, the statistics for all the rules in the chain will be cleared.
OPTIONAL
OPTIONAL
370
E-DOC-CTC-20061027-0003 v2.0
Firewall Commands
EXAMPLE:
=>firewall rule debug stats chain index packets bytes
---------------------------------------------------------------------------sink 1
2
0
4
0
192 forward
3
1
1
2
10
0
0
0
480
0
0
0 source sink_fire source_fire forward_level sink_system_service
1
1
1
1
0
0
10
1
0 forward_level_BlockAll forward_level_Standard forward_level_Disabled
=>firewall rule debug clear
16
17
2
...
1
1
1
0
2
0
0
10
0
96
0
0
480
480
48
0
0
0
=>firewall rule debug stats chain index packets bytes
---------------------------------------------------------------------------sink 1
2
0
0
0
0 forward 1 0 0 source sink_fire source_fire forward_level sink_system_service
1
1
1
2
3
1
0
0
0
0
0
0
0
0 forward_level_BlockAll forward_level_Standard forward_level_Disabled
=>
16
17
1
1
1
1
2
...
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
RELATED COMMANDS:
Show the firewall rule statistics.
E-DOC-CTC-20061027-0003 v2.0
371
Firewall Commands
firewall rule debug stats
Show the firewall rule statistics.
SYNTAX:
firewall rule debug stats [chain = <chain name>]
[index = <number>] where: chain index
The name of the chain for which the statistics must be shown.
Note
If not specified, the statistics for all the chains will be shown.
The number of the rule in the chain.
Note
If not specified, the statistics for all the rules in the chain are shown.
OPTIONAL
OPTIONAL
372
E-DOC-CTC-20061027-0003 v2.0
Firewall Commands
EXAMPLE:
forward_level_BlockAll forward_level_Standard forward_level_Disabled
=>
RELATED COMMANDS:
Clear the firewall rule statistics.
16
17
1
1
1
10
11
12
13
14
15
8
9
6
7
4
5
2
3
0
10
0
2
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
96
0
0
480
48
0
0
0
0
0
0
0
0
0
0
0
0
0
E-DOC-CTC-20061027-0003 v2.0
373
Firewall Commands
firewall rule debug traceconfig
Display or modify the rule trace configuration.
SYNTAX:
firewall rule debug traceconfig where: trace
[trace = <{disabled | enabled}>]
Enable or disable rule traces.
The default is
disabled
.
OPTIONAL
EXAMPLE:
=>firewall rule debug traceconfig
:firewall rule debug traceconfig state=disabled
=>
374
E-DOC-CTC-20061027-0003 v2.0
GRP Commands
17 GRP Commands
Introduction
This chapter describes the commands of the grp command group.
Contents
This chapter covers the following commands:
Set the Generic Routing Protocol (GRP) configuration settings.
Flush the GRP interface settings and parameters.
Show the current routes in the GRP interfaces routing table.
Configure the RIP settings.
Flush the RIP interface settings and global parameters.
Configure a RIP interface.
Show the RIP settings and the routes in the RIP database.
E-DOC-CTC-20061027-0003 v2.0
375
GRP Commands
grp config
Set the Generic Routing Protocol (GRP) configuration settings.
SYNTAX:
grp config [cdistance = <number{0-255}>]
[kdistance = <number{0-255}>]
[rdistance = <number{0-255}>]
[trace = <{disabled | enabled}>] where: cdistance kdistance rdistance trace
A number between 0 and 255.
Sets the distance of the connected route type.
The default is
0
.
A number between 0 and 255.
Sets the distance of the kernel route type.
The default is
1
.
A number between 0 and 255.
Sets the distance of the RIP route type.
The default is
120
.
Enable or disable verbose console messaging.
The default is
disabled
.
EXAMPLE:
=>grp config
Distance of the connected route type : 0
Distance of the kernel route type : 1
Distance of the RIP route type : 120
Tracing : disabled
=>
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
376
GRP Commands
grp flush
Flush the GRP interface settings and parameters.
SYNTAX:
grp flush
E-DOC-CTC-20061027-0003 v2.0
377
GRP Commands
grp rtlist
Show the current routes in the GRP interfaces routing table.
SYNTAX:
grp rtlist where: dst dstmask
[dst = <ip-address>]
[dstmask = <ip-mask (dotted or cidr)>]
The destination IP address of the route.
Supports IP/mask notation.
Note
If no destination IP address is specified, all the current routes will be shown.
The destination IP address mask, either in dotted or in numerical cidr notation.
OPTIONAL
OPTIONAL
EXAMPLE:
=>grp rtlist
Codes : K - kernel, C - connected, S - static, R - rip, * - FIB route destination : 10.0.0.0/24 *
Route type : "C" distance : 0
Nexthop : LocalNetwork destination : 10.0.0.0/24
Route type : "K" distance : 1
Nexthop : 10.0.0.138
destination : 127.0.0.0/8 *
Route type : "C" distance : 0
Nexthop : loop destination : 192.168.1.0/24 *
Route type : "C" distance : 0
Nexthop : LocalNetwork destination : 192.168.1.0/24
Route type : "K" distance : 1
Nexthop : 192.168.1.254
destination : 255.255.255.255/32 *
Route type : "K" distance : 1
Nexthop : 127.0.0.1
=>
E-DOC-CTC-20061027-0003 v2.0
378
GRP Commands
grp rip config
Configure the RIP settings.
SYNTAX:
grp rip config state = <{disabled | enabled}>
[version = <{rip_unspec | rip_v1 | rip_v2}>]
[defmetric = <number{1-16}>]
[updatetime = <number{1-3600}>]
[timeouttime = <number{1-3600}>]
[garbagetime = <number{1-3600}>]
[impcrt = <{disabled | enabled}>]
[impkrt = <{disabled | enabled}>]
[impsrt = <{disabled | enabled}>]
[impdefkrt = <{disabled | enabled}>]
[impdefsrt = <{disabled | enabled}>]
[exprt = <{disabled | enabled}>]
[expdefrt = <{disabled | enabled}>]
[txdefrt = <{disabled | enabled}>]
[trace = <{disabled | enabled}>] where: state version defmetric updatetime timeouttime garbagetime impcrt impkrt
Enable or disable the RIP daemon.
The default is
enabled
.
Configure the RIP version to be applied.
Choose between:
>
rip_unspec
: No RIP version is specified as such. The actual RIP version to be used is negotiated with the remote side.
>
rip_v1
: RIP version 1 is used.
>
rip_v2
: RIP version 2 is used.
The default is
rip_v2
.
A number between 1 and 16 (hops).
Represents the default RIP metric for imported routes.
The default is
1
.
A number between 1 and 3600 (seconds).
Represents the update timer value of the RIP routing table.
The default is
30
.
A number between 1 and 3600 (seconds).
Represents the timeout timer value of the RIP routing info.
The default is
180
.
A number between 1 and 3600 (seconds).
Represents the garbage collection timer value.
The default is
120
.
Enable or disable the import of connected routes.
The default is
enabled
.
Enable or disable the import of kernel routes.
The default is
enabled
.
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
379
GRP Commands impsrt impdefkrt impdefsrt exprt expdefrt txrt trace
Enable or disable the import of static routes.
The default is
enabled
.
Enable or disable the import of the default kernel route.
The default is
enabled
.
Enable or disable the import of the default static route.
The default is
enabled
.
Enable or disable the export of received RIP routes.
The default is
enabled
.
Enable or disable the export of the received RIP default route.
The default is
enabled
.
Enable or disable the transmission of the RIP default route.
The default is
enabled
.
Enable or disable verbose console messaging.
The default is
disabled
.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
380
E-DOC-CTC-20061027-0003 v2.0
GRP Commands
EXAMPLE:
=>grp rip show
RIP routing protocol config dump
------------------------------------
RIP daemon is enabled
Global RIP queries received : 0
Global RIP route changes : 0
Default version : send rip_v2, receive rip_v2
Default redistribution metric is 1
Sending routing table updates every 30 seconds with +/-5%
Route timeout after 180 seconds
Route garbage collect after 120 seconds
Import of connected routes is enabled
Import of kernel routes is enabled
Import of static routes is enabled
Import of default kernel route is enabled
Import of default static route is enabled
Export of RIP routes is enabled
Export of default RIP route is enabled
Transmission of default RIP route is enabled
Interface Send Recv AuthMode Passive SplitHorizon BadPackets
BadRoutes SentUpdates
---------------------------------------------------------------------------------------------
-------------------
lan1 rip_unspec rip_unspec none enabled enabled 0 0
0
Internet rip_unspec rip_unspec none enabled enabled 0 0
0
RIP routing table dump
--------------------------
Codes : K - Kernel, C - connected, S - Static, R - RIP, * - FIB route
Network Next Hop Metric From Flags
----------------------------------------------------------------------
C 10.0.0.0/24 1 <> *
C 192.168.1.0/24 1 <> *
=>
RELATED COMMANDS:
Show the RIP settings and the routes in the RIP database.
E-DOC-CTC-20061027-0003 v2.0
381
grp rip flush
Flush the RIP interface settings and global parameters.
SYNTAX:
grp rip flush
GRP Commands
382
E-DOC-CTC-20061027-0003 v2.0
GRP Commands
grp rip ifconfig
Configure a RIP interface.
SYNTAX:
grp rip ifconfig intf = <string>
[rip = <{disabled | enabled}>]
[rxversion = <{rip_unspec | rip_v1 | rip_v2 | rip_v1-2}>]
[authmode = <{none | cleartext}>]
[authstring = <quoted string>]
[splithorizon = <{disable | enable}>] where: intf REQUIRED rip rxversion authmode authstring splithorizon
The name of the RIP interface to be configured.
Tip
Use the command
:grp iflist to obtain a list of available interfaces.
Enabled or disabled RIP on this interface.
The default is
disabled
.
Configure the RIP receive version to be applied.
Choose between:
>
rip_unspec
: No RIP version is specified as such. The actual RIP version to be used is negotiated with the remote side.
>
rip_v1
: RIP version 1 is used.
>
rip_v2
: RIP version 2 is used.
>
rip_v1-2
: RIP version 1 and RIP version 2 are used.
The default is
rip_unspec
.
Configure the RIP authentication mode.
Enter the mode in cleartext or specify none in case no authentication mode is required.
The default is
none
.
Configure the authentication string for the RIP authentication password.
Note
Leave
authstring
unspecified in case
authmode
is
none
.
Enable or disable the split horizon status for this interface.
The default is
enabled
.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
383
EXAMPLE:
=>grp rip ifconfig intf = myPPP_ppp
[rip] = disabled
[rxversion] = rip_unspec
[authmode] = none
[authstr] =
[passive] = disabled
[splithorizon] = enabled
:grp rip ifconfig intf=myPPP_ppp
=>
GRP Commands
384
E-DOC-CTC-20061027-0003 v2.0
GRP Commands
grp rip show
Show the RIP settings and the routes in the RIP database.
SYNTAX:
grp rip show
EXAMPLE:
=>grp rip show
RIP routing protocol config dump
------------------------------------
RIP daemon is enabled
Global RIP queries received : 0
Global RIP route changes : 3
Default version : send rip_v2, receive rip_v2
Default redistribution metric is 1
Sending routing table updates every 30 seconds with +/-5%
Route timeout after 180 seconds
Route garbage collect after 120 seconds
Import of connected routes is enabled
Import of kernel routes is enabled
Import of static routes is enabled
Import of default kernel route is enabled
Import of default static route is enabled
Export of RIP routes is enabled
Export of default RIP route is enabled
Transmission of default RIP route is enabled
Intf ates
Send Recv AuthMode Passive SplitHorizon BadPackets BadRoutes SentUpd
---------------------------------------------------------------------------------------------
---eth0 rip_unspec rip_unspec none off on 0 58
62
RIP route table dump
----------------------
Codes : K - Kernel, C - connected, S - Static, R - RIP, * - FIB route
Network Next Hop Metric From Flags
---------------------------------------------------------------------
R 0.0.0.0/0 192.6.11.150
3 192.6.11.150
<> *
C 10.0.0.0/8
K 129.132.2.21/32
C 138.203.4.0/22
C 172.16.1.0/24
=>
138.203.7.146
1
1
1
1
<> *
<> *
<> *
<> *
E-DOC-CTC-20061027-0003 v2.0
385
GRP Commands
386
E-DOC-CTC-20061027-0003 v2.0
Hostmgr Commands
18 Hostmgr Commands
Introduction
This chapter describes the commands of the hostmgr command group.
Contents
This chapter covers the following commands:
Add host device info to the host manager.
Remove all the hosts from the list.
Configure the host manager parameters.
Delete the host device info from the host manager.
Flush the host manager configuration.
E-DOC-CTC-20061027-0003 v2.0
387
Hostmgr Commands
hostmgr add
Add host device info to the host manager.
SYNTAX:
hostmgr add mac_addr = <hardware-address>
[ip_addr = <ip-address>]
[name = <string>]
[type = <{generic_device|desktop_computer|laptop_computer| set_top_box|pda|gaming_console|phone|mobile_phone| printer|mass_storage_device}>]
[ipintf = <string>]
[ethintf = <string>]
[physintf = <string>] where: mac_addr ip_addr name type
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL ipintf ethintf physintf
The MAC address of the host to be added.
The host IP address.
The host name.
The host type.
Choose between:
>
generic_device
>
desktop_computer
>
laptop_computer
>
set_top_box
>
pda
>
gaming_console
>
phone
>
mobile_phone
>
printer
>
mass_storage_device
The default is
Generic Device
.
The IP interface name.
The Ethernet interface name.
The physical interface name.
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
388
Hostmgr Commands
EXAMPLE:
=>hostmgr list
MAC-address
-----------
IP-address
----------
00:10:a4:ad:32:cf 192.168.1.64
=>hostmgr add mac_addr=00:10:a4:33:56:53 name=Play type=Playstation
=>hostmgr list
MAC-address
-----------
IP-address
----------
Flags Type
----- ----
Intf
----
00:10:a4:33:56:53 0.0.0.0
00:10:a4:ad:32:cf 192.168.1.64
C
Playstation ethif1
Generic Device LocalNetwork
=>
Flags Type
----- ----
C
Intf
----
Generic Device LocalNetwork
Hw Intf
------ethif4
Hostname
--------
MyComputer
Hw Intf
------ethif1 ethif4
Hostname
--------
Play
MyComputer
RELATED COMMANDS:
Delete the host device info from the host manager.
E-DOC-CTC-20061027-0003 v2.0
389
Hostmgr Commands
hostmgr clear
Remove all the hosts from the list.
SYNTAX:
hostmgr clear
EXAMPLE:
=>hostmgr list
MAC-address
-----------
IP-address
----------
00:10:a4:33:56:53 0.0.0.0
00:10:a4:ad:32:cf 192.168.1.64
er
=>hostmgr clear
=>hostmgr list
No hosts found.
=>
Flags
-----
C
Type
----
Intf
----
Playstation ethif1
Generic Device LocalNetwork
Hw Intf
------ethif1 ethif4
Hostname
--------
Play
MyComput
RELATED COMMANDS:
Delete the host device info from the host manager.
390
E-DOC-CTC-20061027-0003 v2.0
Hostmgr Commands
hostmgr config
Configure the host manager parameters.
SYNTAX:
hostmgr config [state = <{disabled | enabled}>]
[scantime = <number{10-600}>]
[autosave = <{disabled | enabled}>]
[trace = <{disabled | enabled}>] where: state scantime autosave trace
Enable or disable the host manager daemon.
The default is
enabled
.
A number between 10 an 600 (seconds).
Represents the time between two scans.
The default is
30
(seconds).
Enable or disable automatic saves to flash memory.
The default is
enabled
.
Enable or disable the host manager traces.
The default is
disabled
.
EXAMPLE:
=>hostmgr config state : enabled scantime : 30 sec.
autosave : enabled trace : disabled
=>
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
391
Hostmgr Commands
hostmgr delete
Delete the host device info from the host manager.
SYNTAX:
hostmgr delete where: mac_addr mac_addr = <hardware-address>
The MAC address of the host to be removed.
REQUIRED
EXAMPLE:
=>hostmgr list
MAC-address
-----------
IP-address
----------
00:10:a4:33:56:53 0.0.0.0
00:10:a4:ad:32:cf 192.168.1.64
er
Flags
-----
C
Type
----
Playstation
Generic Device
Intf
---ethif1
LocalNetwork
=>hostmgr delete mac_addr=00:10:a4:fa:33:56
=>hostmgr list
MAC-address
-----------
00:10:a4:ad:32:cf 192.168.1.64
er
IP-address
----------
Flags
-----
C
Type
----
Intf
----
Generic Device LocalNetwork
=>
Hw Intf
------ethif1 ethif4
Hostname
--------
Play
MyComput
Hw Intf
------ethif4
Hostname
--------
MyComput
RELATED COMMANDS:
Add host device info to the host manager.
Remove all the hosts from the list.
E-DOC-CTC-20061027-0003 v2.0
392
Hostmgr Commands
hostmgr flush
Flush the host manager configuration.
The host manager configuration is cleaned and returned to default values.
SYNTAX:
hostmgr flush
E-DOC-CTC-20061027-0003 v2.0
393
Hostmgr Commands
hostmgr list
List all the host devices.
SYNTAX:
hostmgr list
EXAMPLE:
=>hostmgr list
MAC-address
-----------
IP-address
----------
00:10:a4:33:56:53 0.0.0.0
00:10:a4:ad:32:cf 192.168.1.64
er
=>
Flags
-----
C
Type
----
Intf
----
Playstation ethif1
Generic Device LocalNetwork
Hw Intf
------ethif1 ethif4
Hostname
--------
Play
MyComput
RELATED COMMANDS:
Add host device info to the host manager.
Delete the host device info from the host manager.
394
E-DOC-CTC-20061027-0003 v2.0
IDS Commands
19 IDS Commands
Introduction
This chapter describes the commands of the ids command group.
Contents
This chapter covers the following commands:
Reset the IDS statistics.
Display/modify the Intrusion Detection System (IDS) configuration.
Display the IDS parser configuration.
Modify the IDS parser configuration.
Reset the pattern tracker.
Display the patterns in the pattern tracker.
Display the pattern tracker statistics.
Displays the ids signature configuration
Modify the states of the signatures.
Reset the IDS thresholds to their default values.
Display the IDS thresholds.
E-DOC-CTC-20061027-0003 v2.0
395
ids clear
Reset the IDS statistics.
SYNTAX:
ids clear
RELATED COMMANDS:
ids parser list Display the IDS parser configuration.
IDS Commands
396
E-DOC-CTC-20061027-0003 v2.0
IDS Commands
ids config
Display/modify the Intrusion Detection System (IDS) configuration.
SYNTAX:
ids config where: state trace
[state = <{disabled | enabled}>]
[trace = <{disabled|enabled}>]
Enable or disable IDS checks.
The default is
enabled
.
Enable or disable tracing.
The default is
disabled
.
EXAMPLE:
=>ids config
IDS configuration:
================= state : enabled traces ::disabled
=>
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
397
IDS Commands
ids parser list
Display the IDS parser configuration.
SYNTAX:
ids parser list where: parser
[parser = <parser>]
The name of the parser
EXAMPLE:
=>ids parser list parser state
----------------------------------------fragment scan enabled enabled dos proto rate
=> enabled enabled enabled
REQUIRED
398
E-DOC-CTC-20061027-0003 v2.0
IDS Commands
ids parser modify
Modify the IDS parser configuration.
SYNTAX:
ids parser modify where: parser state parser = <string> state = <{disabled | enabled}>
The name of the IDS parser of which the configuration must be modifi ed.
Disable or enable the parser.
REQUIRED
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
399
IDS Commands
EXAMPLE:
=>ids list
Resources:
========== resource total maximum
--------------------------------parsers signatures
5
38
10
50
Signatures:
========== parser signature hits action state
--------------------------------------------------------------------------------------fragment fragment fragment fragment fragment sweep zero-length fragment size small fragment size fragment size overrun
0 log, drop
0 log, drop
0 log, drop
0 log, drop enabled enabled enabled enabled fragment fragment
...
fragment overlap fragment out-of-order
0 log, drop
0 log enabled enabled
=>ids parser modify parser=fragment state=disabled
=>ids list
Resources:
========== resource total maximum
--------------------------------parsers 5 10 signatures 38 50
Signatures:
========== parser signature hits action state
--------------------------------------------------------------------------------------fragment fragment fragment fragment fragment fragment
...
fragment sweep zero-length fragment size small fragment size fragment size overrun fragment overlap fragment out-of-order
0 log, drop
0 log, drop
0 log, drop
0 log, drop
0 log, drop
0 log disabled disabled disabled disabled disabled disabled
=>
E-DOC-CTC-20061027-0003 v2.0
400
IDS Commands
ids pattern clear
Reset the pattern tracker.
SYNTAX:
ids pattern clear
EXAMPLE:
=>ids pattern stats
Pattern tracker statistics:
--------------------------memory maximum number of patterns number of active patterns number of recycled patterns number of pattern searches number of new patterns
: 32768 bytes
: 512
: 8
: 0
: 9
: 8 maximum number of hash collisions : 1
% of hash entries with collisions : 0.09
% of hash entries unused : 99.31
=>ids pattern clear
=>ids pattern stats
Pattern tracker statistics:
--------------------------memory maximum number of patterns number of active patterns number of recycled patterns number of pattern searches number of new patterns
: 32768 bytes
: 512
: 0
: 0
: 0
: 0 maximum number of hash collisions : 0
% of hash entries with collisions : 0.00
% of hash entries unused : 100.00
=>
RELATED COMMANDS:
Display the patterns in the pattern tracker.
Display the pattern tracker statistics.
E-DOC-CTC-20061027-0003 v2.0
401
IDS Commands
ids pattern list
Display the patterns in the pattern tracker.
SYNTAX:
ids pattern list where: size
[size = <{10 | 100 | full} or number>]
The size of the IDS pattern list that will be shown.
Choose between:
>
10
>
100
>
full or, alternatively, specify a number.
The default is
full
.
OPTIONAL
EXAMPLE:
=>ids pattern list
1. # 40002# UDP period: [00001564..00001565]
2. # 30002# UDP period: [00001564..00001566]
3. # 5000a# UDP period: [00001411..00001425]
=>
*.*.*.*:*
*.*.*.*:*
*.*.*.*:*
-> *.*.*.*:*
-> 255.255.255.255:67
-> 255.255.255.255:* count:1 count:1 count:1
RELATED COMMANDS:
Reset the pattern tracker.
Display the pattern tracker statistics.
E-DOC-CTC-20061027-0003 v2.0
402
IDS Commands
ids pattern stats
Display the pattern tracker statistics.
SYNTAX:
ids pattern stats
EXAMPLE:
=>ids pattern stats
Pattern tracker statistics:
--------------------------memory maximum number of patterns number of active patterns number of recycled patterns number of pattern searches number of new patterns
: 32768 bytes
: 512
: 8
: 0
: 9
: 8 maximum number of hash collisions : 1
% of hash entries with collisions : 0.09
% of hash entries unused : 99.31
=>
RELATED COMMANDS:
Reset the pattern tracker.
Display the patterns in the pattern tracker.
E-DOC-CTC-20061027-0003 v2.0
403
IDS Commands
ids signature list
Displays the ids signature configuration
SYNTAX
ids signature list [signature = <fragment_sweep|zerolength_fragment_size| small_fragment_size|fragment_size_ove rrun| fragment_overlap|fragment_outof-order| ip_protocol_scan|tcp_port_scan|tcp_sy n_scan| stealth_tcp_null_scan|stealth_tcp_fin
_scan| stealth_tcp_xmas_scan|
stealth_tcp_syn-fin_scan| udp_port_scan|ping_sweep_scan|tcp_syn
_flood| stealth_tcp_full_xmas_scan| stealth_tcp_vecna_scan| udp_flood|ping_flood|icmp_unreachable
_storm| smurf_broadcast_attack|smurf_storm_at tack| fraggle_broadcast_attack| fraggle_storm_attack|land_attack}>] where signature The name of the signature OPTIONAL
EXAMPLE:
=>ids signature list signature fragment_sweep signature parser hits action state
------------------------------------------------------------------------------------fragment_sweep fragment 0 log enabled
=>
E-DOC-CTC-20061027-0003 v2.0
404
IDS Commands
ids signature modify
Modify the states of the signatures.
SYNTAX
ids signature modify [signature = <fragment_sweep| zero-length_fragment_size| small_fragment_size| fragment_size_overrun| fragment_overlap| fragment_out-of-order| ip_protocol_scan| tcp_port_scan|tcp_syn_scan| stealth_tcp_null_scan| stealth_tcp_fin_scan| stealth_tcp_xmas_scan| stealth_tcp_full_xmas_scan| stealth_tcp_vecna_scan| stealth_tcp_syn-fin_scan| udp_port_scan|ping_sweep_scan| tcp_syn_flood|udp_flood|ping_flood| icmp_unreachable_storm| smurf_broadcast_attack| smurf_storm_attack| fraggle_broadcast_attack| fraggle_storm_attack|land_attack}>] state = <{disabled|enabled}> where signature state
The name of the signature
The desired state of the signature.
EXAMPLE:
=>ids signature modify
[signature] = ip_protocol_scan state = disabled
:ids signature modify signature=ip_protocol_scan state=disabled
=>
REQUIRED
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
405
ids threshold clear
Reset the IDS thresholds to their default values.
SYNTAX:
ids threshold clear
EXAMPLE:
=>ids threshold list index name window limit scaling
-----------------------------------------------------------------
1.
ids scan
2.
ids flood
20
2
20
100 enabled disabled
3.
ids tcp rate
4.
ids udp rate
5.
ids icmp rate
6.
ids ip rate
10
1
1
1
300
200
200
200 enabled disabled disabled disable
=>ids threshold clear
=>ids threshold list index name window limit scaling
-----------------------------------------------------------------
1.
ids scan
2.
ids flood
3.
ids tcp rate
4.
ids udp rate
5.
ids icmp rate
6.
ids ip rate
20
2
1
1
1
1
20
100
200 enabled disabled disabled
200 disabled
200 disabled
200 disabled
=>
RELATED COMMANDS:
Display the IDS thresholds.
IDS Commands
E-DOC-CTC-20061027-0003 v2.0
406
IDS Commands
ids threshold list
Display the IDS thresholds.
SYNTAX:
ids threshold list
EXAMPLE:
=>ids threshold list index name window limit scaling
-----------------------------------------------------------------
1.
ids scan
2.
ids flood
20
2
20
100 enabled disabled
3.
ids tcp rate
4.
ids udp rate
5.
ids icmp rate
6.
ids ip rate
1
1
1
1
200
200
200
200 disabled disabled disabled disabled
=>
RELATED COMMANDS:
Reset the IDS thresholds to their default values.
E-DOC-CTC-20061027-0003 v2.0
407
IDS Commands
ids threshold modify
Modify the IDS thresholds.
SYNTAX:
ids threshold modify index = <number>
[window = <number>]
[limit = <number>]
[scaling = <{disabled | enabled}>] where: index window limit scaling
The index of the IDS threshold to be modified.
Tip
Use the command
:ids threshold list to obtain the indexes.
A number (of seconds).
Represents the time window of the threshold.
A number.
Represents the limit of the threshold.
Enable or disable scaling of the threshold window.
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
EXAMPLE:
=>ids threshold list index name window limit scaling
-----------------------------------------------------------------
1.
ids scan
2.
ids flood
20
2
20
100 enabled disabled
3.
ids tcp rate
4.
ids udp rate
5.
ids icmp rate
6.
ids ip rate
1
1
1
1
200
200
200
200 disabled disabled disabled disabled
=>ids threshold modify index=3 window=10 limit=300 scaling=enabled
=>ids threshold list index name window limit scaling
-----------------------------------------------------------------
1.
ids scan
2.
ids flood
20
2
20 enabled
100 disabled
3.
ids tcp rate
4.
ids udp rate
5.
ids icmp rate
6.
ids ip rate
=>
10
1
1
1
300 enabled
200 disabled
200 disabled
200 disable
RELATED COMMANDS:
Reset the IDS thresholds to their default values.
Display the IDS thresholds.
E-DOC-CTC-20061027-0003 v2.0
408
IGMP Commands
20 IGMP Commands
Introduction
This chapter describes the commands of the
IGMP command group.
Contents
This chapter covers the following commands:
Display or modify global IGMP configuration.
Flush the IGMP settings.
Show the IGMP groups.
Show the IGMP groups.
Show the configuration of the IGMP interfaces.
Clear IGMP statistics.
Print IGMP statistics.
Configure the IGMP proxy.
Flush all IGMP proxy settings and learned groups.
Show the learned groups on an IGMP proxy interface.
Configure an IGMP proxy interface.
Show the configuration of an IGMP proxy interface.
Show the IGMP proxy membership database (merge of all learned groups.
Clear IGMP proxy statistics.
Print IGMP proxy statistics.
Modify IGMP proxy trace configuration.
417
419
420
421
422
423
414
415
416
411
412
412
424
425
426
E-DOC-CTC-20061027-0003 v2.0
409
IGMP Commands
igmp host config
Display or modify global IGMP configuration.
SYNTAX:
igmp host config where: requirera
[requirera = <{disabled | enabled}>]
Enable or disable the router alert IP option check.
The default is
disabled
.
OPTIONAL
EXAMPLE:
=>igmp host confighostmgr list
Router alert IP option check : disabled
=>
RELATED COMMANDS:
Show the IGMP groups.
410
E-DOC-CTC-20061027-0003 v2.0
IGMP Commands
igmp host flush
Flush the IGMP settings.
SYNTAX:
igmp host flush
E-DOC-CTC-20061027-0003 v2.0
411
IGMP Commands
igmp host list
Show the IGMP groups.
SYNTAX:
igmp host list where: intf expand
[intf = <string>]
[expand = <{disabled | enabled}>]
The IP interface name.
Enable or disable expanded listing of IGMP groups.
The default is
disabled
.
OPTIONAL
OPTIONAL
EXAMPLE:
4
4
=>igmp host list
Interface
=> lan1 lan1
Group
224.0.0.103
239.255.255.250
Filter-Mode Source
EXCLUDE none
EXCLUDE none
412
E-DOC-CTC-20061027-0003 v2.0
IGMP Commands
igmp host ifconfig
Configure an IGMP interface.
SYNTAX:
igmp host ifconfig where: intf version intf = <string> version = <{none |IGMPv1 |IGMPv2 |IGMPv3}>
The IP interface name.
The IGMP version of the IP interface.
Choose between:
>
IGMPv1
>
IGMPv2
>
IGMPv3
> none
REQUIRED
REQUIRED
EXAMPLE:
=>igmp host ifconfig intf = lan1 version = IGMPv1
:igmp host ifconfig intf=lan1 version=IGMPv1
=>
RELATED COMMANDS:
Show the configuration of the IGMP interfaces.
E-DOC-CTC-20061027-0003 v2.0
413
IGMP Commands
igmp host iflist
Show the configuration of the IGMP interfaces.
SYNTAX:
igmp host iflist where: expand
[expand = <{disabled | enabled}>]
Enable or disable expanded listing of IGMP interfaces configuration.
The default is
disabled
.
OPTIONAL
EXAMPLE:
4
5
2
3
0
1
=>igmp host iflist
Interface loop
Internet
ISDN_backup
ISDN_backup_trigger lan1 wan1
6
7
=> dmz1 guest1
Version
IGMPv3
IGMPv3
IGMPv3
IGMPv3
IGMPv3
IGMPv3
IGMPv3
IGMPv3
RELATED COMMANDS:
E-DOC-CTC-20061027-0003 v2.0
414
IGMP Commands
igmp host debug clear
Clear IGMP statistics.
SYNTAX:
igmp host debug clear
RELATED COMMANDS:
Print IGMP statistics.
E-DOC-CTC-20061027-0003 v2.0
415
igmp host debug stats
Print IGMP statistics.
SYNTAX:
igmp host debug stats
EXAMPLE:
=>igmp host debug stats
Total IGMP messages received
Too small IGMP messages received
Too long IGMP messages received
IGMP messages with bad checksum received
IGMP messages with bad TTL received
IGMP messages with no router alert IP option received
IGMPv1 membership queries received
IGMPv2 membership queries received
IGMPv3 membership queries received
IGMP bad queries received
IGMP failing membership queries
IGMPv1/v2 membership reports received
IGMPv1/v2 invalid membership reports received
IGMPv1/v2 membership reports received for our groups
IGMPv1/v2 membership reports transmitted
IGMPv3 membership reports transmitted
=>
: 0
: 0
: 0
: 0
: 0
: 0
: 0
: 0
: 0
: 0
: 0
: 0
: 0
: 0
: 0
: 0
RELATED COMMANDS:
Clear IGMP statistics.
IGMP Commands
E-DOC-CTC-20061027-0003 v2.0
416
IGMP Commands
igmp proxy config
Configure the IGMP proxy.
SYNTAX:
igmp proxy config where: state qi qri lmqi rv requirera localgroup
[state = <{disabled | enabled}>]
[qi = <number{1-86400}>]
[qri = <number{1-86400}>]
[lmqi = <number{1-86400}>]
[rv = <number{2-10}>]
[requirera = <{disabled | enabled}>]
[localgroup = <{disabled | enabled}>]
Enable or disable the IGMP proxy.
The default is
enabled
.
A number between 1 and 86400.
Represents the interval in seconds between general queries sent by the querier.
A number between 1 and 86400.
Represents the maximum response time in seconds for an IGMP client in reply to general queries.
A number between 1 and 86400.
Represents the maximum response time in seconds for an IGMP client in reply to group specific queries.
A number between 2 and 10.
Represents the robustness variable, which allows tuning for expected IGMP packet loss.
Enable or disable the router alert IP option check.
The default is
disabled
.
Enable or disable the processing of a local multicast group in an
IGMP packet.
The default is
disabled
.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
417
EXAMPLE:
=>igmp proxy config
IGMP proxy state
Query Interval
Query Response Interval
Last Member Query Interval
Robustness variable
Router alert IP option check
Process local multicast group
=>
: disabled
: 0 days, 0:02:05
: 0 days, 0:00:10
: 0 days, 0:00:01
: 2
: disabled
: disabled
RELATED COMMANDS:
Show the learned groups on an IGMP proxy interface.
IGMP Commands
418
E-DOC-CTC-20061027-0003 v2.0
IGMP Commands
igmp proxy flush
Flush all IGMP proxy settings and learned groups.
SYNTAX:
igmp proxy flush
E-DOC-CTC-20061027-0003 v2.0
419
IGMP Commands
igmp proxy grouplist
Show the learned groups on an IGMP proxy interface.
SYNTAX:
igmp proxy grouplist where: intf expand
[intf = <string>]
[expand = <{disabled | enabled}>]
The name of the IGMP proxy interface to be listed.
Enable or disable expanded listing of the learned groups on an
IGMP proxy interface.
The default is
disabled
.
OPTIONAL
OPTIONAL
RELATED COMMANDS:
Configure the IGMP proxy.
420
E-DOC-CTC-20061027-0003 v2.0
IGMP Commands
igmp proxy ifconfig
Configure an IGMP proxy interface.
SYNTAX:
igmp proxy ifconfig intf = <string>
[state = <{inactive | downstream | upstream}>]
[version = <{IGMPv1 | IGMPv2 | IGMPv3}>]
[fastleave = <{disabled | enabled}>] where: intf state
REQUIRED
OPTIONAL version fastleave
The name of the IGMP proxy interface to be configured.
The state of the IGMP proxy interface.
Choose between:
>
inactive
>
downstream
>
upstream
The IGMP version of the IGMP proxy interface.
Choose between:
>
IGMPv1
>
IGMPv2
>
IGMPv3
>
none
Enable or disable the immediate deletion of a group when a leave is received.
The default is
disabled
.
OPTIONAL
OPTIONAL
EXAMPLE:
=>igmp proxy ifconfig intf = lan1
[state] = downstream
[version] = IGMPv3
[fastleave] = disabled
=>
RELATED COMMANDS:
Show the configuration of an IGMP proxy interface.
E-DOC-CTC-20061027-0003 v2.0
421
IGMP Commands
igmp proxy iflist
Show the configuration of an IGMP proxy interface.
SYNTAX:
igmp proxy iflist where: expand
[expand = <{disabled | enabled}>]
Enable or disable expanded listing of IGMP proxy interface configuration.
The default is
disabled
.
OPTIONAL
EXAMPLE:
3
2
5
4
7
6
=>igmp proxy iflist
Interface guest1 dmz1
1
=> wan1 lan1
ISDN_backup_trigger
ISDN_backup
Internet
State inactive inactive inactive downstream inactive inactive inactive
Version
-
-
-
-
-
-
-
Querier
-
-
-
-
-
-
-
RELATED COMMANDS:
Configure an IGMP proxy interface.
422
E-DOC-CTC-20061027-0003 v2.0
IGMP Commands
igmp proxy mbslist
Show the IGMP proxy membership database (merge of all learned groups.
SYNTAX:
igmp proxy mbslist
E-DOC-CTC-20061027-0003 v2.0
423
igmp proxy debug clear
Clear IGMP proxy statistics.
SYNTAX:
igmp proxy debug clear
RELATED COMMANDS:
Print IGMP proxy statistics.
Modify IGMP proxy trace configuration.
IGMP Commands
424
E-DOC-CTC-20061027-0003 v2.0
IGMP Commands
igmp proxy debug stats
Print IGMP proxy statistics.
SYNTAX:
igmp proxy debug stats
EXAMPLE:
=>igmp proxy debug stats
IGMP proxy statistics:
Total IGMP packets recv
Too short IGMP packets recv
IGMP packets with bad checksum recv
IGMP packets with bad ttl recv
IGMP packets with no route alert option recv
IGMPv1 queries recv
IGMPv2 queries recv
IGMPv3 queries recv
IGMP bad queries recv
IGMP queries fail
IGMPv1 reports recv
IGMPv2 reports recv
IGMPv3 reports recv
IGMP bad reports recv
IGMP leave reports recv
IGMP bad leave reports recv
IGMPv1 queries sent
IGMPv2 queries sent
IGMPv3 queries sent
IGMP query election switch
=>
RELATED COMMANDS:
Clear IGMP proxy statistics.
Modify IGMP proxy trace configuration.
: 0
: 0
: 0
: 0
: 0
: 0
: 0
: 0
: 0
: 0
: 0
: 0
: 0
: 0
: 0
: 0
: 0
: 0
: 0
: 0
E-DOC-CTC-20061027-0003 v2.0
425
IGMP Commands
igmp proxy debug traceconfig
Modify IGMP proxy trace configuration.
SYNTAX:
igmp proxy debug traceconfig where: state
[state = <{disabled | enabled}>]
Enable or disable tracing.
The default is
disabled
.
OPTIONAL
RELATED COMMANDS:
Clear IGMP proxy statistics.
Print IGMP proxy statistics.
426
E-DOC-CTC-20061027-0003 v2.0
Interface Commands
21 Interface Commands
Introduction
This chapter describes the commands of the interface command group.
Contents
This chapter covers the following commands:
interface list Display interfaces.
E-DOC-CTC-20061027-0003 v2.0
427
Interface Commands
interface list
Display interfaces.
SYNTAX:
interface list [expand = <{disabled | enabled}>]
[reverse = <{disabled | enabled}>] where: expand reverse
Enable or disable expanded listing of interfaces.
The default is
disabled
.
Enable or disable reverse listing (lower layer first instead of upper layer first).
The default is
disabled
.
OPTIONAL
OPTIONAL
428
E-DOC-CTC-20061027-0003 v2.0
Interface Commands
EXAMPLE:
=>interface list
Name ethif1 ethif4
Type physical physical physical eth eth atm
State connected connected connected usbif1
RELAY bridge atm_0_35 connected connected connected connected atm_8_35 ethoa_0_35 ethoa_8_35 atm eth eth
Internet_ppp ppp
Internet eth0 ip ip connected connected not-connected not-connected connected
=>
=>interface list expand=enabled
Name ethif1 ethif4
Type physical physical
State connected connected
Flags....: INTERNAL
1
1
1
1
1
1
Use UL Interfaces
1 bridge
0
0
1
0
0 bridge bridge
Internet_ppp eth0 ethoa_0_35 ethoa_8_35
Internet
Use UL Interfaces
1 bridge
Flags....: INTERNAL
Phys.....: intf: 0 type eth speed: 100 Mbps
1 bridge usbif1
RELAY
Phys.....: intf: 3 type eth speed: 100 Mbps physical connected 1 bridge
Flags....: INTERNAL
Phys.....: intf: 4 type usb speed: 12 Mbps eth connected 1 Internet_ppp bridge atm_0_35
Flags....: INTERNAL DYNAMIC RELAY
Eth......: port: 65535 ip_cid: 200 arp_cid: 0 eth connected 1 eth0
Flags....: DYNAMIC
Eth......: port: 0 ip_cid: 16385 arp_cid: 16386 atm connected 1 ethoa_0_35 atm_8_35
Flags....:
Atm......: cid: 8196 atm_cid: 8196 llc_cid: 0 ppp_cid: 0 atm connected 1 ethoa_8_35
Flags....:
Atm......: cid: 8198 atm_cid: 8198 llc_cid: 0 ppp_cid: 0 eth connected 0 ethoa_0_35 ethoa_8_35
Eth......: port: 2 ip_cid: 16389 arp_cid: 16390
Internet_ppp ppp not-connected 1 Internet
Flags....:
Ppp......: cid: 0 ip_cid: 0
Internet
Flags....:
Eth......: port: 1 ip_cid: 16387 arp_cid: 16388 eth
Flags....: connected 0 eth0 ip not-connected
Flags....: DYNAMIC
0
Ip.......: dest: Internet_ppp ip connected 0
Flags....:
Ip.......: dest: bridge
=>
E-DOC-CTC-20061027-0003 v2.0
429
Interface Commands
430
E-DOC-CTC-20061027-0003 v2.0
IP Commands
22 IP Commands
This chapter describes the commands of the ip command group.
Contents
This chapter covers the following commands:
ip arpadd Add an entry to the ARP cache of a broadcast Internet Protocol
Delete an entry from the ARP cache.
Show/set global IP stack configuration options.
Flush all the static IP parameters.
Configure the parameters of an IP interface.
Display all the IP interfaces.
Wait for a status change of an IP interface.
Assign an IP address to an IP interface.
Modify an IP address configuration.
Remove an IP address from an IP interface.
Display all the configured IP addresses.
Add a multicast route to the multicast routing table.
Delete a multicast route from the multicast routing table.
Display the multicast routing table.
Flush the multicast routing table.
Add a route to the routing table.
Delete a route from the routing table.
Select and assign a link-local address to an autoIP interface.
Configure an autoIP interface.
Delete an existing autoIP interface.
Release the link-local address for the given autoIP interface.
Display the autoIP interfaces.
Send a HTTP probe.
E-DOC-CTC-20061027-0003 v2.0
431
Send UDP packets.
Display IP statistics.
Display/modify the IP stack trace configuration.
IP Commands
432
E-DOC-CTC-20061027-0003 v2.0
IP Commands
ip arpadd
Add an entry to the ARP cache of a broadcast Internet Protocol (IP) interface.
SYNTAX:
ip arpadd intf = <string> ip = <ip-range>
[hwaddr = <hardware-address>] where: intf ip hwaddr
The IP interface name.
The IP address (or range) of the entry to be added to the Address
Resolution Protocol (ARP) cache.
The hardware address (for example the Ethernet MAC address) of the entry to be added.
REQUIRED
REQUIRED
OPTIONAL
EXAMPLE:
=>ip arplist
Interface
2 eth0
IP-address
10.0.0.1
=>ip arpadd intf=eth0 ip=10.0.0.2
HW-address Type
00:10:a4:ad:32:cf STATIC
=>ip arplist
Interface
2
2 eth0 eth0
IP-address
10.0.0.1
10.0.0.2
HW-address Type
00:10:a4:ad:32:cf STATIC
00:00:00:00:00:00 DYNAMIC
=>ip arpadd intf=eth0 ip=10.0.0.3 hwaddr=00:a0:24:ae:66:e1
2
2
=>ip arplist
Interface eth0 eth0
2
=> eth0
IP-address
10.0.0.1
10.0.0.2
10.0.0.3
HW-address Type
00:10:a4:ad:32:cf STATIC
00:00:00:00:00:00 DYNAMIC
00:a0:24:ae:66:e1 STATIC
RELATED COMMANDS:
Delete an entry from the ARP cache.
E-DOC-CTC-20061027-0003 v2.0
433
IP Commands
ip arpdelete
Delete an entry from the ARP cache.
SYNTAX:
ip arpdelete intf = <string> ip = <ip-range>
[hwaddr = <hardware-address>] where: intf ip hwaddr
The IP interface name.
The IP address (or range) of the entry to be deleted.
The hardware address (for example the Ethernet MAC address) of the entry to be deleted.
REQUIRED
REQUIRED
OPTIONAL
EXAMPLE:
2
2
=>ip arplist
Interface
2
2
2 eth0 eth0 eth0
IP-address
10.0.0.1
10.0.0.2
10.0.0.3
HW-address Type
00:10:a4:ad:32:cf STATIC
00:00:00:00:00:00 DYNAMIC
00:a0:24:ae:66:e1 STATIC
=>ip arpdelete intf=eth0 ip=10.0.0.3 hwaddr=00:a0:24:ae:66:e1
=>ip arplist
Interface eth0 eth0
IP-address
10.0.0.1
10.0.0.2
HW-address Type
00:10:a4:ad:32:cf STATIC
00:00:00:00:00:00 DYNAMIC
=>
RELATED COMMANDS:
Add an entry to the ARP cache of a broadcast Internet Protocol (IP) interface.
E-DOC-CTC-20061027-0003 v2.0
434
IP Commands
ip arplist
Display the ARP cache.
SYNTAX:
ip arplist
EXAMPLE:
2
2
=>ip arplist
Interface eth0 eth0
2
=> eth0
IP-address
10.0.0.1
10.0.0.2
10.0.0.3
RELATED COMMANDS:
HW-address Type
00:10:a4:ad:32:cf STATIC
00:00:00:00:00:00 DYNAMIC
00:a0:24:ae:66:e1 STATIC
Add an entry to the ARP cache of a broadcast Internet Protocol (IP) interface.
Delete an entry from the ARP cache.
E-DOC-CTC-20061027-0003 v2.0
435
IP Commands
ip config
Show/set global IP stack configuration options.
SYNTAX:
ip config [forwarding = <{disabled | enabled}>]
[redirects = <{disabled | enabled}>]
[checkoptions = <{disabled|enabled|transparent}>]
[netbroadcasts = <{disabled | enabled}>]
[ttl = <number{0-255}>]
[defragmode = <{disabled | enabled}>]
[addrcheck = <{off | own | static | dynamic}>]
[mssclamping = <{disabled | enabled}>]
[natloopback = <{disabled|enabled}>]
[loadbalancing = <{disabled|roundrobin}>]
[bitrate-window(sec) = <number{10-3600}>]
[acceleration = <{disabled|enabled}>] where: forwarding redirects checkoptions netbroadcasts ttl defragmode
Disable or enable the IP routing functionality.
The default is
enabled
.
Disable or enable the sending of ICMP redirect messages.
A router can send a redirect message in case a shorter path than the path followed is discovered.
The default is
enabled
(for security reasons).
Disallow/Allow packets with IP options.
The default is
enabled
.
Disable or enable net directed broadcasts.
The default is
disabled
.
In case netbroadcasts are allowed, no traces of netbroadcasts are generated.
A number between 0 and 255.
Represents the default Time To Live (TTL) for locally generated IP packets. This parameter determines the number of hop counts the IP packet may pass before it is dropped.
By limiting the TTL, continuous circulation of IP packets on the network without ever reaching a destination is avoided.
The default is
64
.
Disallow (disabled) or allow (enabled) defragmenting IP fragments.
The default is
enabled
.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
436
IP Commands addrcheck mssclamping natloopback loadbalancing bitratewindow(sec) acceleration
Set the level of IP address checks.
Choose between:
>
off
: No address checking is performed. For advanced users only; in normal circumstances there should always be some kind of address checking.
>
own
: Minimum level of checking.
Only the address configuration on the Thomson ST is checked.
>
static
: Checking of the address configuration of the Thomson ST and also of traffic: addresses of incoming packets; this checking is related to constants (for example an address may not be entirely composed of one‘s or zero‘s).
>
dynamic
: Besides the address configuration of the Thomson ST itself, and besides the checking of traffic on a constants level, additional checking is performed on the IP addresses that are determined by the configuration, more specifically by the network.
The default is
dynamic
.
Disable or enable mss clamping for low MTU interfaces.
Enabling mss clamping assures that the size of a TCP packet never exceeds the available Maximum Transmission Unit (MTU) of the outgoing interface.
The default is
on
.
Note
It is recommended not to disable this parameter.
Disable/Enable NAT loopback.
The default is
enabled
.
Select loadbalancing mechanism
A number between 10 and 3600.
Set the window to calculate the bitrate (multiple of 10).
The default is
30
.
Disable/Enable IP acceleration
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
EXAMPLE:
=>ip config
Forwarding enabled
Sendredirects enabled
IP options enabled
NetBroadcasts disabled
Default TTL 64
Fraglimit 64 fragments
Fragcount currently 0 fragments
Defragment mode : enabled
Address checks : dynamic
Mss Clamping : enabled
NAT Loopback : enabled
Bitrate window (sec), multiple of 10 : 30
=>
E-DOC-CTC-20061027-0003 v2.0
437
IP Commands
ip flush
Flush all the static IP parameters.
Dynamic configurations (for example from PPP or CIP links) remain.
i
The flush command does not impact previously saved configurations.
!
The command
:ip flush deletes all local IP connectivity.
Do not use this command during an IP based local connection, for example a Telnet CLI session, or web based CLI access.
SYNTAX:
ip flush
438
E-DOC-CTC-20061027-0003 v2.0
IP Commands
ip ifadd
Create an IP interface.
SYNTAX:
ip ifadd where: intf dest intf = <string> dest = <string>
The name of the IP interface to be created.
An network interface name.
REQUIRED
REQUIRED
EXAMPLE:
2
3
0
1
=>ip iflist
Interface
0
1
2
3 loop
Internet
RtPPPoE_ppp
LocalNetwork
Group MTU local wan wan lan
65535 122062
1500
1500
RX
0
0
1500 84105
=>ip ifadd intf=myIPintf dest=RtPPPoE_eth
=>ip iflist
Interface
4
=> loop
Internet
RtPPPoE_ppp
LocalNetwork myIPintf
Group MTU RX local 65535 123966 wan wan lan wan
1500
1500
1500
1500
0
0
86589
0
0
0
TX
72987
123358
TX
75177
0
0
125262
0
0
0
TX-Drop Status HW-address
0 [UP] 00:0e:50:0f:fc:2c
0
DOWN
DOWN
[UP] 00:0e:50:0f:fc:2c
0
0
0
0
TX-Drop Status HW-address
0 [UP] 00:0e:50:0f:fc:2c
DOWN
DOWN
[UP]
DOWN
00:0e:50:0f:fc:2c
00:0e:50:0f:fc:2c
RELATED COMMANDS:
Display all the IP interfaces.
Wait for a status change of an IP interface.
E-DOC-CTC-20061027-0003 v2.0
439
IP Commands
ip ifattach
Attach an IP interface.
SYNTAX:
ip ifattach where: intf intf = <string>
The name of the IP interface to be attached.
REQUIRED
EXAMPLE:
2
3
0
1
=>ip iflist
Interface
0
1
2
3
4 loop
Internet
RtPPPoE_ppp
LocalNetwork myIPintf
Group MTU local wan wan lan wan
=>ip ifattach intf=myIPintf
RX
65535 123966
1500
1500
1500
1500
0
0
86589
0
=>ip iflist
Interface
4
=> loop
Internet
RtPPPoE_ppp
LocalNetwork myIPintf
Group MTU RX local 65535 123966 wan wan lan wan
1500
1500
1500
1500
0
0
86589
0
0
0
TX
75177
125262
0
0
0
0
0
TX-Drop Status HW-address
0 [UP] 00:0e:50:0f:fc:2c
DOWN
DOWN
[UP]
DOWN
00:0e:50:0f:fc:2c
00:0e:50:0f:fc:2c
0
0
TX
75177
125262
0
0
0
0
0
TX-Drop Status HW-address
0 [UP] 00:0e:50:0f:fc:2c
DOWN
DOWN
[UP]
[UP]
00:0e:50:0f:fc:2c
00:0e:50:0f:fc:2c
RELATED COMMANDS:
ip ifdetach Detach an IP interface.
E-DOC-CTC-20061027-0003 v2.0
440
IP Commands
ip ifconfig
Configure the parameters of an IP interface.
SYNTAX:
ip ifconfig intf = <string>
[mtu = <number{68-65535}>]
[status = <{down | up}>]
[hwaddr = <hardware-address>]
[group = <string> or number]
[linksensing = <{disabled | enabled}>]
[primary = <{disabled | enabled}>]
[mcastpromisc = <{disabled|enabled}>] where: intf mtu status hwaddr group linksensing primary mcastpromisc
The name of the IP interface to be configured.
A number between 68 and 65535.
Represents the MTU (the maximum packet size (including IP header)) to be used on this interface.
Note
The default value depends on the connection and packet service for which the interface was created.
The administrative state of the interface.
Choose between:
>
down
>
up
.
The hardware address (for example the Ethernet MAC address) of this IP interface.
The group to which this interface belongs. Can be used for firewalling, for example.
The IP interface's awareness of link state transitions.
The default is
enabled
.
Make the IP interface the primary interface (enabled) or not
(disabled).
The default is
disabled
.
Make the IP interface multicast promiscuous.
Choose between:
>
disabled
>
enabled
The default is
disabled
.
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
441
IP Commands
EXAMPLE:
0
1
=>ip iflist
Interface loop
Internet
2
3
RtPPPoE_ppp
LocalNetwork
4 myIPintf
=>ip ifconfig
Group MTU local 65535 123966 wan wan lan wan
1500
1500 intf = myIPintf
[mtu] = 1500
[status] = up
[hwaddr] = 00:0e:50:0f:fc:2c
[group] = wan
[linksensing] = enabled
[primary] = enabled
:ip ifconfig intf=myIPintf
RX
0
0
1500 86589
1500 0
2
3
4
=>
0
1
=>ip iflist
Interface loop
Internet
RtPPPoE_ppp
LocalNetwork myIPintf
Group MTU local 65535 123966 wan wan lan wan
1500
1500
RX
0
0
1500 86589
1500 0
0
0
TX
75177
125262
0
0
0
0
0
TX-Drop Status HW-address
0 [UP] 00:0e:50:0f:fc:2c
DOWN
DOWN
[UP]
DOWN
00:0e:50:0f:fc:2c
00:0e:50:0f:fc:2c
0
0
TX
75177
125262
0
0
0
0
0
TX-Drop Status HW-address
0 [UP] 00:0e:50:0f:fc:2c
DOWN
DOWN
[UP]
[UP]
00:0e:50:0f:fc:2c
00:0e:50:0f:fc:2c i
If the STATUS is shown between square brackets, then interface.
linksensing
is disabled for that particular
442
E-DOC-CTC-20061027-0003 v2.0
IP Commands
ip ifdelete
Delete an IP interface.
SYNTAX:
ip ifdelete where: intf intf = <string>
The name of the IP interface to be deleted.
REQUIRED
EXAMPLE:
2
3
0
1
=>ip iflist
Interface
0
1
2
3
4 loop
Internet
RtPPPoE_ppp
LocalNetwork myIPintf
Group MTU local wan wan lan wan
=>ip ifdelete intf=myIPintf
RX
65535 123966
1500
1500
1500
1500
0
0
86589
0
=>ip iflist
Interface loop
Internet
RtPPPoE_ppp
LocalNetwork
Group MTU RX local 65535 123966 wan wan lan
1500
1500
1500
0
0
86589
=>
0
0
TX
75177
125262
0
0
0
0
0
TX-Drop Status HW-address
0 [UP] 00:0e:50:0f:fc:2c
DOWN
DOWN
[UP]
[UP]
00:0e:50:0f:fc:2c
00:0e:50:0f:fc:2c
0
0
TX
75177
125262
0
0
TX-Drop Status HW-address
0 [UP] 00:0e:50:0f:fc:2c
0
DOWN
DOWN
[UP] 00:0e:50:0f:fc:2c
RELATED COMMANDS:
Display all the IP interfaces.
Wait for a status change of an IP interface.
E-DOC-CTC-20061027-0003 v2.0
443
IP Commands
ip ifdetach
Detach an IP interface.
SYNTAX:
ip ifdetach where: intf intf = <string>
The name of the IP interface to be detached.
REQUIRED
EXAMPLE:
=>ip iflist expand=enabled
Interface
0 loop
Group MTU RX local 65535 130597
BRHW-address : ff:ff:ff:ff:ff:ff
RX unicastpkts: 1304 brcastpkts : 0
TX
82240
TX-Drop
0
Status HW-address
[UP]
TX unicastpkts: 1994
Oper state : UP
Flags brcastpkts : 0
Admin State: UP droppkts:0
: ARP BROADCAST ARPTABLE LOOP MULTICAST INTERNAL
00:0e:50:0f:fc:2c
...
4 myIPintf wan 1500 0
BRHW-address : ff:ff:ff:ff:ff:ff
RX unicastpkts: 0
TX unicastpkts: 0
Oper state
Flags brcastpkts : 0 brcastpkts : 0
0 0 DOWN 00:0e:50:0f:fc:2c droppkts:0
: DOWN Admin State: UP
: PRIMARY ARP BROADCAST BOUND ARPTABLE MULTICAST LINKSENSING STATIC
=>ip ifdetach intf=myIPintf
=>ip iflist expand=enabled
Interface
0 loop
Group MTU RX local 65535 133683
BRHW-address : ff:ff:ff:ff:ff:ff
RX unicastpkts: 1332 brcastpkts : 0
TX
83949
TX-Drop
0
Status HW-address
[UP] 00:0e:50:0f:fc:2c
TX unicastpkts: 2036
Oper state : UP
Flags brcastpkts : 0
Admin State: UP droppkts:0
: ARP BROADCAST ARPTABLE LOOP MULTICAST INTERNAL
...
4 myIPintf wan 1500 0
BRHW-address : ff:ff:ff:ff:ff:ff
RX unicastpkts: 0
TX unicastpkts: 0
Oper state
Flags brcastpkts : 0 brcastpkts : 0
0 0 DOWN 00:0e:50:0f:fc:2c droppkts:0
: DOWN Admin State: DOWN
: PRIMARY ARP BROADCAST ARPTABLE MULTICAST LINKSENSING STATIC
=>
RELATED COMMANDS:
ip ifattach Attach an IP interface.
E-DOC-CTC-20061027-0003 v2.0
444
IP Commands
ip iflist
Display all the IP interfaces.
SYNTAX:
ip iflist [expand = <{disabled | enabled}>]
[string = <string>]
[beginstring = <string>] where: expand string beginstring
Enable or disable expanded listing.
The default is
disabled
.
String matching conditions
Bginstring matching conditions
EXAMPLE:
2
3
4
=>
0
1
=>ip iflist
Interface loop
Internet
RtPPPoE_ppp
LocalNetwork myIPintf
Group MTU RX local 65535 123966 wan wan
1500
1500
0
0 lan wan
1500 86589
1500 0
0
0
TX
75177
125262
0
0
0
0
0
TX-Drop Status HW-address
0 [UP] 00:0e:50:0f:fc:2c
DOWN
DOWN
[UP]
[UP]
00:0e:50:0f:fc:2c
00:0e:50:0f:fc:2c
OPTIONAL
OPTIONAL
OPTIONAL
RELATED COMMANDS:
Wait for a status change of an IP interface.
E-DOC-CTC-20061027-0003 v2.0
445
IP Commands
ip ifwait
Wait for a status change of an IP interface.
SYNTAX:
ip ifwait intf = <string>
[timeout = <number{1-600000}>]
[adminstatus = <{down | up}>]
[operstatus = <{down | up}>]
[linkstatus = <{down | up}>] where: intf timeout adminstatus operstatus linkstatus
The IP interface name.
A number between 1 and 600000 (seconds).
Represents the timeout.
The administrative state of the interface.
Choose between:
>
down
>
up
.
The operational state of the interface.
Choose between:
>
down
>
up
.
The link state of the interface.
Choose between:
>
down
>
up
.
RELATED COMMANDS:
Display all the IP interfaces.
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
446
IP Commands
ip ipadd
Assign an IP address to an IP interface.
SYNTAX:
ip ipadd intf = <string> addr = <ip-address>
[netmask = <ip-mask(dotted or cidr)>]
[pointopoint = <ip-address>]
[addroute = <{disabled | enabled}>] where: intf addr netmask pointopoi nt addroute
The IP interface name.
The new IP address to be added.
The subnetmask associated with this address.
The remote IP address in case of a dedicated point-to-point link.
Add typical net/subnet routes automatically according to the default (or specified) subnet mask (enabled) or not (disabled).
The default is
disabled
.
REQUIRED
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
EXAMPLE:
1
1
=>ip iplist
Interface
0 eth0 eth0 loop
Type
Ethernet
Ethernet
Ethernet
IP-address
10.0.0.138
169.254.141.11
127.0.0.1
Point-to-point/Mask
255.255.255.0
255.255.0.0
255.0.0.0
1
1
0
=>
=>ip ipadd intf=eth0 addr=10.0.0.2/24 addroute=enabled
=>ip iplist
Interface
1 eth0
Type
Ethernet
IP-address
10.0.0.2
Point-to-point/Mask
255.255.255.0
eth0 eth0 loop
Ethernet
Ethernet
Ethernet
10.0.0.138
169.254.141.11
127.0.0.1
255.255.255.0
255.255.0.0
255.0.0.0
RELATED COMMANDS:
Remove an IP address from an IP interface.
Display all the configured IP addresses.
E-DOC-CTC-20061027-0003 v2.0
447
IP Commands
ip ipconfig
Modify an IP address configuration.
SYNTAX:
ip ipconfig addr = <ip-address>
[preferred = <{disabled | enabled}>]
[primary = <{disabled | enabled}>] where: addr preferred primary
The IP address to be configured.
Make this IP address the preferred address for that subnet (enabled) or not (disabled).
The default is
disabled
.
Make this IP address the primary address for the interface (enabled) or not (disabled).
The default is
disabled
.
REQUIRED
OPTIONAL
OPTIONAL
EXAMPLE:
1
1
=>ip iplist
Interface
1
1
0 eth0 eth0 loop
Type
Ethernet
Ethernet
Ethernet
IP-address
10.0.0.138
169.254.141.11
127.0.0.1
Point-to-point/Mask
255.255.255.0
255.255.0.0
255.0.0.0
=>ip ipconfig addr=169.254.141.11 preferred=enabled primary=enabled
=>ip iplist
Interface
0
=> eth0 eth0 loop
Type
Ethernet
Ethernet
Ethernet
IP-address
10.0.0.138
*169.254.141.11
127.0.0.1
Point-to-point/Mask
255.255.255.0
255.255.0.0
255.0.0.0
i
The primary IP address is marked with “*” in the list.
E-DOC-CTC-20061027-0003 v2.0
448
IP Commands
ip ipdelete
Remove an IP address from an IP interface.
SYNTAX:
ip ipdelete where: addr addr = <ip-address>
The IP address to be deleted.
EXAMPLE:
1
0
1
1
=>ip iplist
Interface eth0 eth0 eth0 loop
1
0
=>ip ipdelete addr=10.0.0.2
=>ip iplist
Interface
1 eth0
Type
Ethernet eth0 loop
Ethernet
Ethernet
=>
Type
Ethernet
Ethernet
Ethernet
Ethernet
IP-address
10.0.0.2
10.0.0.138
169.254.141.11
127.0.0.1
Point-to-point/Mask
255.255.255.0
255.255.255.0
255.255.0.0
255.0.0.0
IP-address
10.0.0.138
169.254.141.11
127.0.0.1
Point-to-point/Mask
255.255.255.0
255.255.0.0
255.0.0.0
RELATED COMMANDS:
Assign an IP address to an IP interface.
Display all the configured IP addresses.
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
449
ip iplist
Display all the configured IP addresses.
SYNTAX:
ip iplist
EXAMPLE:
2
2
=>ip iplist
Interface
LocalNetwork
LocalNetwork
0
=> loop
Type
Ethernet
Ethernet
Ethernet
RELATED COMMANDS:
IP-address
10.0.0.138
*192.168.1.254
127.0.0.1
Point-to-point/Mask
255.255.255.0
255.255.255.0
255.255.255.255
Assign an IP address to an IP interface.
Remove an IP address from an IP interface.
IP Commands
450
E-DOC-CTC-20061027-0003 v2.0
IP Commands
ip mcast rtadd
Add a multicast route to the multicast routing table.
SYNTAX:
ip mcast rtadd srcintf = <string>
[src = <ip-address>] grp = <ip-address> dstintf = <string>
[ttl = <number{1-255}>]
[ttlincr = {disabled | enabled}] where: srcintf src grp dstintf ttl ttlincr
The source IP interface.
The source IP address.
The multicast group IP address.
The destination IP interface.
The time-to-live for that destination IP interface.
Increment TTL before packet is send.
RELATED COMMANDS:
Delete a multicast route from the multicast routing table.
Display the multicast routing table.
Flush the multicast routing table.
REQUIRED
OPTIONAL
REQUIRED
REQUIRED
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
451
IP Commands
ip mcast rtdelete
Delete a multicast route from the multicast routing table.
SYNTAX:
ip mcast rtdelete srcintf = <string>
[src = <ip-address>] grp = <ip-address> dstintf = <string> where: srcintf src grp dstintf
The source IP interface.
The source IP address.
The multicast group IP address.
The destination IP interface.
RELATED COMMANDS:
Add a multicast route to the multicast routing table.
Display the multicast routing table.
Flush the multicast routing table.
REQUIRED
OPTIONAL
REQUIRED
REQUIRED
452
E-DOC-CTC-20061027-0003 v2.0
IP Commands
ip mcast rtlist
Display the multicast routing table.
SYNTAX:
ip mcast rtlist where: expand
[expand = <{disabled | enabled}>}]
Enable or disable expanded listing.
The default is
disabled
.
RELATED COMMANDS:
Add a multicast route to the multicast routing table.
Delete a multicast route from the multicast routing table.
Flush the multicast routing table.
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
453
ip mcast flush
Flush the multicast routing table.
SYNTAX:
ip mcast flush
RELATED COMMANDS:
Add a multicast route to the multicast routing table.
Delete a multicast route from the multicast routing table.
Display the multicast routing table.
IP Commands
454
E-DOC-CTC-20061027-0003 v2.0
IP Commands
ip rtadd
Add a route to the routing table.
SYNTAX:
ip rtadd dst = <ip-address>
[dstmsk = <ip-mask(dotted or cidr)>]
[label = <string>]
[gateway = <ip-address>]
[intf = <string>]
[srcintf = <string>]
[metric = <number{0-255}>] where: dst dstmsk label gateway intf srcintf metric
The destination IP address(es) for this route.
Note
Supports ip/mask notation.
The destination IP address mask.
The name of the label.
The IP address of the next hop (direct connected gateway or extended route).
Note
The parameters
gateway
and
intf
are mutually exclusive.
Only for special interface routes: the outgoing IP interface name.
Note
The parameters
gateway
and
intf
are mutually exclusive.
Use this interface for source address selection.
The metric for this route (weight factor).
The lower the metric, the higher the weight.
The default is
0
.
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
455
EXAMPLE:
=>ip rtlist
Destination Label
10.0.0.0/24
10.0.0.140/32
127.0.0.1/32
Gateway
10.0.0.140
10.0.0.140
127.0.0.1
Intf Mtrc Status eth0 eth0 loop
0
0
0
[UP]
[UP]
[UP]
=>ip rtadd dst=10.10.0.0/24 label=Interactive gateway=10.0.0.140
=>ip rtlist
Destination Label
10.0.0.0/24
10.10.0.0/24 Interactive
10.0.0.140/32
127.0.0.1/32
Gateway
10.0.0.140
10.0.0.140
10.0.0.140
127.0.0.1
Intf Mtrc Status eth0 eth0 eth0 loop
0
0
0
0
[UP]
[UP]
[UP]
[UP]
=>
RELATED COMMANDS:
Delete a route from the routing table.
IP Commands
456
E-DOC-CTC-20061027-0003 v2.0
IP Commands
ip rtdelete
Delete a route from the routing table.
SYNTAX:
ip rtdelete dst = <ip-address>
[dstmsk = <ip-mask(dotted or cidr)>]
[label = <string>]
[gateway = <ip-address>]
[intf = <string>] where: dst dstmsk label gateway intf
The destination IP address(es) for this route.
Note
Supports cidr notation.
The destination IP address mask.
The name of the label.
The IP address of the next hop. The next hop must be directly connected.
Note
The parameters
gateway
and
intf
are mutually exclusive.
Only for special interface routes: the outgoing IP interface name.
Note
The parameters
gateway
and
intf
are mutually exclusive.
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
EXAMPLE:
=>ip rtlist
Destination Label
10.0.0.0/24
10.10.0.0/24 Interactive
10.0.0.140/32
127.0.0.1/32
Gateway
10.0.0.140
10.0.0.140
10.0.0.140
127.0.0.1
Intf Mtrc Status eth0 eth0 eth0 loop
0
0
0
[UP]
[UP]
[UP]
0 [UP]
=>ip rtdelete dst=10.10.0.0/24 label=Interactive gateway=10.0.0.140
=>ip rtlist
Destination Label
10.0.0.0/24
10.0.0.140/32
127.0.0.1/32
Gateway
10.0.0.140
10.0.0.140
127.0.0.1
Intf Mtrc Status eth0 eth0 loop
0
0
0
[UP]
[UP]
[UP]
=>
RELATED COMMANDS:
Add a route to the routing table.
E-DOC-CTC-20061027-0003 v2.0
457
IP Commands
ip rtlist
Display the routing table.
SYNTAX:
ip rtlist where: expand
[expand = <{disabled | enabled}>]
Enable or disable expanded listing.
The default is
disabled
.
OPTIONAL
EXAMPLE:
=>ip rtlist
Destination Label
10.0.0.138/32
127.0.0.1/32
10.0.0.0/24
=>ip rtlist expand=enabled
32
Destination Label
10.0.0.138/
127.0.0.1
loop
127.0.0.1/
32 127.0.0.1
loop
10.0.0.0/
24
=>
10.0.0.138
eth0
Gateway Interface
127.0.0.1
loop
127.0.0.1
loop
10.0.0.138
eth0
Gateway
0
0
0
Interface
[UP]
[UP]
[UP]
Metric Status
0
0
0
[UP]
[UP]
[UP]
Metric Status Source-selection default default default
127.0.0.1
127.0.0.1
10.0.0.138
RELATED COMMANDS:
Add a route to the routing table.
Delete a route from the routing table.
E-DOC-CTC-20061027-0003 v2.0
458
IP Commands
ip auto flush
Flush the autoIP interfaces.
SYNTAX:
ip auto flush
E-DOC-CTC-20061027-0003 v2.0
459
IP Commands
ip auto ifadd
Create an autoIP interface.
SYNTAX:
ip auto ifadd where: intf dest intf = <string>
[addr = <ip-address>]
The name of the IP interface for which a link-local address has to be allocated.
The preferred link-local IP address.
REQUIRED
OPTIONAL
EXAMPLE:
=>ip auto ifadd intf=eth0
=> ip auto iflist eth0 : [INIT] 0.0.0.0
poolstart = 169.254.1.1
poolend = 169.254.254.254
netmask = 255.255.0.0
claim : 10 defence : 5 probe : 4 interval : 2 (sec) probes sent = 0 collisions = 0
=>
RELATED COMMANDS:
Delete an existing autoIP interface.
Display the autoIP interfaces.
E-DOC-CTC-20061027-0003 v2.0
460
IP Commands
ip auto ifattach
Select and assign a link-local address to an autoIP interface.
SYNTAX:
ip auto ifattach where: intf intf = <string>
The name of the autoIP interface for which a link-local address has to be attached.
REQUIRED
EXAMPLE:
=> ip auto iflist ipsec0 : [INIT] 0.0.0.0
poolstart = 169.254.1.1
poolend = 169.254.254.254
netmask = 255.255.0.0
claim : 10 defence : 5 probe : 4 interval : 2 (sec) probes sent = 0 collisions = 0
=>ip auto ifattach intf=ipsec0
=> ip auto iflist ipsec0 : [SELECTING] 169.254.80.236
poolstart = 169.254.1.1
poolend = 169.254.254.254
netmask = 255.255.0.0
claim : 10 defence : 5 probe : 4 interval : 2 (sec) probes sent = 2 collisions = 0
=>
RELATED COMMANDS:
ip auto ifdetach Release the link-local address for the given autoIP interface.
E-DOC-CTC-20061027-0003 v2.0
461
IP Commands
ip auto ifconfig
Configure an autoIP interface.
SYNTAX:
ip auto ifconfig intf = <string>
[addr = <ip-address>]
[poolstart = <ip-address>]
[poolend = <ip-address>]
[netmask = <ip-mask(dotted or cidr)>]
[claim = <number{0-65535}>]
[defence = <number{0-65535}>]
[probe = <number{0-65535}>]
[interval = <number{1-65535}>] where: intf addr poolstart poolend netmask claim defence probe interval
The name of the autoIP interface to be configured.
The preferred link-local IP address.
The start IP address of the link-local address pool.
The default is
169.254.1.1
.
The end IP address of the link-local address pool.
The default is
169.254.254.254
.
The netmask of the link-local IP address pool.
The default is
16
.
A number between 0 and 65535.
Represents the number of link-local address selection retries before giving up.
The default is
10
.
A number between 0 and 65535.
Represents the number of times the link-local address is defended before releasing the address.
The default is
5
.
A number between 0 and 65535.
Represents the number of ARP probes to be sent before accepting a linklocal address.
The default is
4
.
A number between 1 and 65535 (seconds).
Represents the time interval between two ARP probe transmissions.
The default is
2
.
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
462
IP Commands
EXAMPLE:
=> ip auto iflist eth0 : [INIT] 0.0.0.0
poolstart = 169.254.1.1
poolend = 169.254.254.254
netmask = 255.255.0.0
claim : 10 defence : 5 probe : 4 interval : 2 (sec) probes sent = 0 collisions = 0
=>ip auto ifconfig intf=ipsec0 claim=5 probe=5
=> ip auto iflist ipsec0 : [INIT] 0.0.0.0
poolstart = 169.254.1.1
poolend = 169.254.254.254
netmask = 255.255.0.0
claim : 5 defence : 5 probe : 5 interval : 2 (sec) probes sent = 0 collisions = 0
=>
E-DOC-CTC-20061027-0003 v2.0
463
IP Commands
ip auto ifdelete
Delete an existing autoIP interface.
SYNTAX:
ip auto ifdelete where: intf intf = <string>
The name of the IP interface to be deleted.
REQUIRED
EXAMPLE:
=>ip auto iflist ipsec0 : [SELECTING] 169.254.80.236
poolstart = 169.254.1.1
poolend = 169.254.254.254
netmask = 255.255.0.0
claim : 10 defence : 5 probe : 4 interval : 2 (sec) probes sent = 2 collisions = 0
=>ip auto ifdelete intf=ipsec0
=>ip auto iflist
=>
RELATED COMMANDS:
Display the autoIP interfaces.
464
E-DOC-CTC-20061027-0003 v2.0
IP Commands
ip auto ifdetach
Release the link-local address for the given autoIP interface.
SYNTAX:
ip auto ifdetach where: intf intf = <string>
The name of the autoIP interface for which a link-local address has to be detached.
REQUIRED
EXAMPLE:
=>ip auto iflist ipsec0 : [SELECTING] 169.254.80.236
poolstart = 169.254.1.1
poolend = 169.254.254.254
netmask = 255.255.0.0
claim : 10 defence : 5 probe : 4 interval : 2 (sec) probes sent = 2 collisions = 0
=>ip auto ifdetach intf=ipsec0
=>ip auto iflist ipsec0 : [INIT] 169.254.80.236
poolstart = 169.254.1.1
poolend = 169.254.254.254
netmask = 255.255.0.0
claim : 10 defence : 5 probe : 4 interval : 2 (sec) probes sent = 0 collisions = 0
=>
RELATED COMMANDS:
Select and assign a link-local address to an autoIP interface.
E-DOC-CTC-20061027-0003 v2.0
465
IP Commands
ip auto iflist
Display the autoIP interfaces.
SYNTAX:
ip auto iflist where: intf
[intf = <string>]
The name of the autoIP interface to be listed.
Note
If not specified, all the autoIP interfaces are shown.
OPTIONAL
EXAMPLE:
=>ip auto iflist eth0 : [CLAIMED] 169.254.138.1
poolstart = 169.254.1.1
poolend = 169.254.254.254
netmask = 255.255.0.0
claim : 10 defence : 5 probe : 4 interval : 2 (sec) probes sent = 2 collisions = 0
=>
RELATED COMMANDS:
Delete an existing autoIP interface.
466
E-DOC-CTC-20061027-0003 v2.0
IP Commands
ip debug httpprobe
Send a HTTP probe.
This HTTP probe will measure the Round Trip Time (RTT) taken to connect and access data from a HTTP server.
SYNTAX:
ip debug httpprobe url = <string>
[version = <{1.0 | 1.1}>] where: url version
The Uniform Resource Locator (URL) identifying the HTTP server.
The version of the HTTP server.
The default is
1.0
.
REQUIRED
OPTIONAL
EXAMPLE:
The first example shows the measured time for a file that was downloaded:
=>ip httpprobe url=http://download.winzip.com/wzipse22.exe
DNS Lookup-RTT = 19 ms
TCP Connect-RTT = 20 ms
HTTP transaction-RTT = 18772 ms
Total RTT
PageSize
Download speed
=>
= 18811 ms
= 385712 Bytes
= 20.54 KByte/s
If the URL of a normal HTML page is used the figures are not so relevant, as shown in the example below:
=>ip httpprobe url=http://www.google.be
DNS Lookup-RTT = 19 ms
TCP Connect-RTT = 75 ms
HTTP transaction-RTT = 401 ms
Total RTT
PageSize
=>
= 495 ms
= 3448 Bytes
DESCRIPTION:
>
RTT taken to perform domain name lookup.
>
RTT taken to perform a TCP connect to the HTTP Server.
>
RTT taken to send a request and get a response back from the HTTP Server (the probe retrieves the base
HTML page only as body, and does not request hyperlinks within this page).
The SpeedTouch will send the HTTP request, receive the reply, and report the RTT statistics (including the size of the page returned).
E-DOC-CTC-20061027-0003 v2.0
467
IP Commands
ip debug sendto
Send UDP packets.
SYNTAX:
ip debug sendto addr = <ip-address>
[count = <number{1-1000000}>]
[size = <number{0-20000}>]
[interval = <number{1-1000000}>]
[listen = <{disabled | enabled}>]
[dffield = <{disabled | enabled}>]
[srcaddr = <ip-address>]
[srcport = <number{1-65535}>] dstport = <number{1-65535}>
[dstintf = <string>] where: addr count size interval listen dffield srcaddr srcport dstport dstintf
The destination IP address.
A number between 1 and 1000000.
Represents the number of UDP packets to send.
The default is
1
.
A number between 0 and 20000 (bytes).
Represents the size of the ping packet(s).
The default is
1
.
A number between 1 and 10000000 (milliseconds).
Represents the intermediate interval between two sent UDP packets.
The default is
100
.
Listen for incoming ICMP packets (enabled) or only send ICMP packets
(disabled).
The default is
disabled
.
Enable or disable setting of the don’t fragment flag in the IP headers of the ping.
The IP source address to use.
The UDP source port number to use.
The UDP destination port number to send to.
The IP interface name.
By specifying the destination interface with the dstintf parameter, a direct send is performed instead of a routed send. This means that the statefull firewall will be bypassed for the outbound packet. As a result, the returning icmp packet can not be associated with an existing udp connection (because there isn’t any) and is legally dropped by the firewall. To prevent this packet from being dropped, disable the
ICMPchecks and UDPchecks in the firewall configuration.
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
REQUIRED
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
468
IP Commands
EXAMPLE:
=>ip debug sendto addr=10.0.0.148 listen=on srcport=19 dstport=1025
=>ip debug sendto addr=10.0.0.148 listen=on srcport=19 dstport=1025
1 bytes from 10.0.0.148:1025
41 A
=>ip debug sendto addr=10.0.0.148 count=3 listen=on srcport=19 dstport=1025
1 bytes from 10.0.0.148:1025
41
1 bytes from 10.0.0.148:1025
41
A
A
1 bytes from 10.0.0.148:1025
41
=>
A
E-DOC-CTC-20061027-0003 v2.0
469
ip debug stats
Display IP statistics.
SYNTAX:
ip debug stats
EXAMPLE:
=>ip debug stats
Total datagrams received
IP header errors
Datagrams forwarded
Datagram forwarding errors
Datagram forwarding resource errors
Total Fragments received
Fragments dropped due to resources or timeouts
Datagrams reassembled
Datagrams fragmented successfully
Datagram fragmentation errors
Total Datagram fragments created successfully
=>
: 8599
: 0
: 23
: 3
: 0
: 0
: 0
: 0
: 0
: 0
: 0
IP Commands
470
E-DOC-CTC-20061027-0003 v2.0
IP Commands
ip debug traceconfig
Display/modify the IP stack trace configuration.
SYNTAX:
ip debug traceconfig [input = <{none | label | -telnet | -host |
-broadcast | all}>]
[forward = <{none | label | -telnet | -host |
-broadcast | all}>]
[output = <{none | label | -telnet | -host |
-broadcast | all}>]
[drop = <{none | label | -telnet | -host |
-broadcast | all}>]
[path = <{none | label | -telnet | -host |
-broadcast | all}>]
[mode = <{line | dump}>]
[arp = <{none | all}>] where: input OPTIONAL forward output drop path mode arp
Define the input packets that will be traced.
The default is
none
.
Define the forward packets that will be traced.
The default is
none
.
Define the output packets that will be traced.
The default is
none
.
Define the packet drops that will be traced.
The default is
all
.
Define the packet that will be path-traced.
The default is
none
.
Select the packet dump method.
Choose between:
>
line
:
>
dump
: .
The default is
line
.
Define the ARP packets that will be traced.
The default is
none
.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
471
IP Commands
EXAMPLE:
=>ip debug traceconfig
Input traces : none
Forward traces : none
Output traces : none
Drop traces
Path traces
Trace mode
ARP traces
=>
: all
: none
: line
: none
EXAMPLE:
=>ip debug traceroute addr = 192.193.195.250 count=3 size=1 interval=1000 maxhops=30 dstport=
33433 maxfail=5 type=icmp utime=yes
:ip debug traceroute addr=192.193.195.250
ttl=1 192.193.195.250 676 us 1351 us 648 us
=>
472
E-DOC-CTC-20061027-0003 v2.0
IPQoS Commands
23 IPQoS Commands
Introduction
This chapter describes the commands of the ipqos command group.
Contents
This chapter covers the following commands:
Configure IPQoS for a given destination interface for the IPQoS queues instantiation.
Display the IPQoS configuration.
Configure the IPQoS Expedited Forwarding (EF) timer for an interface.
Display the IPQoS EF timer statistics.
Modify the IPQoS subqueue configuration.
Display the IPQoS subqueue configuration.
Show the IPQoS subqueue statistics.
E-DOC-CTC-20061027-0003 v2.0
473
IPQoS Commands
ipqos config
Configure IPQoS for a given destination interface for the IPQoS queues instantiation.
i
When enabling or disabling IPQoS, take the following into account:
>
if the WAN interface (for example PPPoA, IP oA,...) is detached at the time of enabling/disabling
IPQoS, then the WAN interface has to be attached in order for the enabling/disabling of IPQoS to take effect.
>
if the WAN interface is attached at the time of enabling/disabling IPQoS, then the WAN interface has to be detached and then re-attached in order for the enabling/disabling of IPQoS to take effect.
SYNTAX:
ipqos config dest = <string>
[state = <{disabled | enabled}>]
[discard = <{tail | early}>]
[priority = <{wfq | strict | wrr}>]
[realtimerate = <number{1-100}>]
[burstsize = <number{1-128}>]
[weight1 = <number{1-97}>]
[weight2 = <number{1-97}>]
[weight3 = <number{1-97}>]
[weight4 = <number{1-97}>]
[maxpackets = <number{0-100}>]
[maxbytes = <number{0-128}>] where: dest state discard
The destination interface for the IPQoS queues instantiation.
This is an ATM phonebook entry.
Disable or enable IPQoS for the interface.
The default is
disabled
.
Determines the packet discard strategy in case of congestion.
Choose between:
>
tail
: Tail Drop: arriving packets will be dropped as soon as the destination queue is in an overflow state.
>
early
: Early Packet discard: arriving packets will be dropped early according to the BLUE active queue management algorithm.
The default is
early
.
REQUIRED
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
474
IPQoS Commands priority realtimerate burstsize weight1 weight2 weight3 weight4 maxpackets maxbytes
Select the subqueue priority algorithm.
Choose between:
>
wfq
: Weighted Fair Queuing (WFQ) is used for the four AF queues.
The realtime queue has priority over the WFQ queues, which have priority over the best-effort queue.
>
strict
: Priority queuing is used. Strict Priority scheduling is used between all queues. The higher the queue number, the higher the priority.
>
wrr
: Weighted Round Robin (WRR) is used for the four AF queues.
Each queue is scheduled in turn, with a circular “round” wrapping.
The default is
wfq
.
A number between 1 and 100.
Represents a percentage of the interface bandwidth for rate-limiting of the Real Time queue.
In case of congestion, the Real Time queue will only use this percentage of the interface bandwidth when there is also traffic on the other queues.
The default is
80
.
A number between 1 and 64.
Represents the Real Time queue burstsize (in kilobytes) for rate limiting.
The default is
2
.
A number between 1 and 97.
Represents the weight of queue 1 used for WFQ or WRR.
The default is
25
(%).
A number between 1 and 97.
Represents the weight of queue 2 used for WFQ or WRR.
The default is
25
(%).
A number between 1 and 97.
Represents the weight of queue 3 used for WFQ or WRR.
The default is
25
(%).
A number between 1 and 97.
Represents the weight of queue 4 used for WFQ or WRR.
The default is
25
(%).
A number between 0 and 250.
Represents the maximum number of packets in all IPQoS queues instantiated for one interface.
The default is
250
.
A number between 0 and 128.
Represents the maximum size in kilobytes in all IPQoS queues instantiated for one interface.
The default is
56
.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
475
IPQoS Commands
EXAMPLE:
=>ipqos config dest=atm_pvc_8_35 state=enabled
=>ipqos list
Name State Discard Priority Size Size Rate Burst
(Packets) (KBytes) (%) (KBytes)
Weights
Weights atm_pvc_0_35 disabled atm_pvc_8_35 enabled
=> early early wfq wfq
250
250
56
56
80%
80%
2
2
25% 25% 25% 25%
25% 25% 25% 25%
RELATED COMMANDS:
ipqos list Display the IPQoS configuration.
476
E-DOC-CTC-20061027-0003 v2.0
IPQoS Commands
ipqos list
Display the IPQoS configuration.
SYNTAX:
ipqos list
EXAMPLE:
=>ipqos list
Name State Discard atm_pvc_0_35 disabled early
% atm_pvc_8_35 enabled
% early
=>
Priority Size Size Rate Burst
(Packets) (KBytes) (%) (KBytes)
Weights
Weights wfq 250 56 80% 2 25% 25% 25% 25 wfq 250 56 80% 2 25% 25% 25% 25
RELATED COMMANDS:
Configure IPQoS for a given destination interface for the IPQoS queues instantiation.
E-DOC-CTC-20061027-0003 v2.0
477
ipqos ef config
Configure the IPQoS Expedited Forwarding (EF) timer for an interface.
SYNTAX:
ipqos ef config intf = <string>
[state = <{disabled | enabled}>]
[timeout = <number{100-10000}>]
[mtu = <number{68-65535}>] where: intf state timeout mtu
The name of the IP interface.
Enable or disable the IPQoS EF timer for the interface.
The default is
disabled
.
A number between 100 and 10000 milliseconds.
Represents the timeout.
The default is
1000
.
A number between 68 and 65535.
Represents the MTU of the IP interface in case of EF data.
The default is
1500
.
EXAMPLE:
The example below shows the default configuration:
=>ipqos ef list
Interface State loop disabled
Rt_PPPoA2 disabled
Timeout
(ms)
1000
1000
MTU
(bytes)
65535
1500 eth0 disabled 1000 1500
=>ipqos ef config intf=Rt_PPPoA2 state=enabled
=>ipqos ef list
Interface State loop disabled
Timeout
(ms)
1000
MTU
(bytes)
65535
Rt_PPPoA2 enabled eth0 disabled
=>
1000
1000
1500
1500
RELATED COMMANDS:
Display the IPQoS EF timer statistics.
IPQoS Commands
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
478
IPQoS Commands
ipqos ef list
Display the IPQoS EF timers.
SYNTAX:
ipqos ef list
EXAMPLE:
=>ipqos ef list
Interface State loop disabled
Rt_PPPoA2 enabled eth0
=> disabled
Timeout
(ms)
1000
1000
1000
MTU
(bytes)
65535
1500
1500
RELATED COMMANDS:
Configure the IPQoS Expedited Forwarding (EF) timer for an interface.
Display the IPQoS EF timer statistics.
E-DOC-CTC-20061027-0003 v2.0
479
IPQoS Commands
ipqos ef stats
Display the IPQoS EF timer statistics.
SYNTAX:
ipqos ef stats
EXAMPLE:
=>ipqos ef stats
Interface State loop active
Rt_PPPoA2 active eth0
=> disabled
Remain
(ms)
900
900
0
RELATED COMMANDS:
Configure the IPQoS Expedited Forwarding (EF) timer for an interface.
480
E-DOC-CTC-20061027-0003 v2.0
IPQoS Commands
ipqos queue clear
Clear the IPQoS statistics.
SYNTAX:
ipqos queue clear
EXAMPLE:
=>ipqos queue stats
Name Queue # packets # packets # packets # packets # packets Marking
PVC_1 0
1
2
3
4
5
=>ipqos queue clear added
1240
0
0
234
0
1345 marked
0
0
0
0
0
0 removed
1240
0
0
234
0
1345 dropped
0
0
0
0
0
0 replaced
0
0
0
0
0
0
0
0
0
0
0
0
=>ipqos queue stats
Name Queue # packets # packets # packets # packets # packets Marking added marked removed dropped replaced
PVC_1 0
1
2
3
4
5
=>
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
RELATED COMMANDS:
ipqos queue stats Show the IPQoS subqueue statistics.
E-DOC-CTC-20061027-0003 v2.0
481
IPQoS Commands
ipqos queue config
Modify the IPQoS subqueue configuration.
SYNTAX:
ipqos queue config dest = <string> queue = <number{0-5}>
[propagate = <{disabled | enabled}>]
[ecnmarking = <{disabled | enabled}>]
[ackfiltering = <{disabled | enabled}>]
[maxpackets = <number{0-250}>]
[maxbytes = <number{0-128}>]
[respackets = <number{0-250}>]
[resbytes = <number{0-128}>]
[hold = <number>]
[markprob = <number{1-1000}>] where: dest queue propagate ecnmarking ackfiltering maxpackets
The destination interface for the IPQoS queues instantiation.
Typically, an ATM phonebook entry.
A number between 0 and 5.
Represents the number of the queue, where:
>
5 is the Real time queue
>
4 is the Assured Forwarding (AF) queue 4
>
3 is the AF queue 3
>
2 is the AF queue 2
>
1 is the AF queue 1
>
0 is the Best Effort queue.
Higher priority packets will be queued in a lower priority queue, instead of being dropped, as soon as the destination queue is in overflow state.
The packet will be put in a lower priority queue only once.
Choose between disabled or enabled.
The default is
disabled
.
Note
The propagate flag for the lowest priority subqueue (the Best
Effort queue) has no meaning.
Enable Explicit Congestion Notification (ECN) for IP packets in this subqueue (enabled) or not (disabled).
The default is
disabled
.
Enable filtering of TCP ACK packets (enabled) or not (disabled).
The default is
disabled
.
A number between 0 and 250.
Represents the maximum number of packets in this queue.
The default is
0
for the Real time queue and
100
for the other queues.
Note
0 means that a maximum size is not enforced.
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
482
IPQoS Commands maxbytes respackets resbytes hold markprob
A number between 0 and 128.
Represents the maximum size in kilobytes of this queue.
The default is
0
for the Real time queue and
20
for the other queues.
Note
0 means that a maximum size is not enforced.
A number between 0 and 250.
Represents the reserved number of packets in this queue.
The default is
30
for the Real time queue and
13
for the other queues.
A number between 0 and 128
Represents the reserved size in kilobytes of this queue.
The default is
12
for the Real time queue and
4
for the other queues.
A number (of microseconds).
Represents the hold time in microseconds for early discard strategy.
The default is
50000
.
A number between 1 and 1000.
Represents the maximum packet marking probability in parts per mille for early discard strategy.
The default is
1000
.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
EXAMPLE:
=>ipqos queue list
Name Queue
Holdtime Markprob
(usecs) atm_pvc_0_35 0
50000 1000
1
50000
50000
50000
1000
2
1000
3
1000
50000
4
1000
5
50000 1000 atm_pvc_8_35 0
50000 1000
50000
50000
50000
50000
50000
=>
1
1000
2
1000
3
1000
4
1000
5
1000
Propagate ECN AckFilter Size Size Reserved Reserved
(Packets) (KBytes) (Packets) (KBytes) disabled disabled 100 disabled disabled disabled 100
20
20
13
13
4
4 disabled disabled disabled 100 disabled disabled disabled 100
20
20
13
13
4
4 disabled disabled disabled 100 disabled disabled disabled 0 disabled disabled 100 disabled disabled disabled 100 disabled disabled disabled 100 disabled disabled disabled 100 disabled disabled disabled 100 disabled disabled disabled 0
20
0
20
20
20
20
20
0
13
30
13
13
13
13
13
30
4
4
4
4
12
4
4
12
RELATED COMMANDS:
ipqos queue list Display the IPQoS subqueue configuration.
E-DOC-CTC-20061027-0003 v2.0
483
IPQoS Commands
ipqos queue list
Display the IPQoS subqueue configuration.
SYNTAX:
ipqos queue list where: dest
[dest = <string}>]
The destination interface for the IPQoS queues instantiation.
This is an ATM phonebook entry.
Note
If not specified, the IPQoS subqueue configuration for all the interfaces will be shown.
OPTIONAL
EXAMPLE:
=>ipqos queue list
Name Queue time Markprob cs) atm_pvc_0_35 0
0 1000
1
0 1000
2
0 1000
3
0 1000
4
0 1000
5
0 1000 atm_pvc_8_35 0
0 1000
1
0 1000
2
0 1000
3
0 1000
4
0 1000
5
0
=>
1000
Propagate ECN AckFilter Size Size Reserved Reserved Hold
(Packets) (KBytes) (Packets) (KBytes) (use disabled disabled 100 disabled disabled disabled 100
20
20
13
13
4
4
5000
5000 disabled disabled disabled 100 disabled disabled disabled 100 disabled disabled disabled 100
20
20
20
13
13
13
4
4
4
5000
5000
5000 disabled disabled disabled 0 disabled disabled 100 disabled disabled disabled 100 disabled disabled disabled 100 disabled disabled disabled 100 disabled disabled disabled 100 disabled disabled disabled 0
0
20
20
20
20
20
0
30
13
13
13
13
13
30
12
4
4
4
4
4
12
5000
5000
5000
5000
5000
5000
5000
RELATED COMMANDS:
ipqos queue config Modify the IPQoS subqueue configuration.
E-DOC-CTC-20061027-0003 v2.0
484
IPQoS Commands
ipqos queue stats
Show the IPQoS subqueue statistics.
SYNTAX:
ipqos queue stats where: dest
[dest = <string}>]
The destination interface for the IPQoS queues instantiation.
This is an ATM phonebook entry.
Note
If not specified, the IPQoS subqueue statistics for all the interfaces will be shown.
EXAMPLE:
=>ipqos queue stats
Name Queue # packets # packets # packets # packets # packets Marking
PVC_1 0
1
2
3
4
5 added
1240
0
0
234
0
145 marked
0
0
0
0
0
0 removed
1240
0
0
234
0
145 dropped
0
0
0
0
0
0 replaced
0
0
0
0
0
0
0%
0%
0%
0%
0%
0%
=>
RELATED COMMANDS:
ipqos queue clear Clear the IPQoS statistics.
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
485
IPQoS Commands
486
E-DOC-CTC-20061027-0003 v2.0
Label Commands
24 Label Commands
Introduction
This chapter describes the commands of the label command group.
Contents
This chapter covers the following commands:
Modify a label configuration.
Display a list of chains.
Display a list of label rules.
Clear the label rule statistics.
Display the label rule statistics.
Display or modify the rule trace configuration.
E-DOC-CTC-20061027-0003 v2.0
487
Label Commands
label add
Create a new label.
SYNTAX:
label add where: name name = <string>
The name of the label to be added.
REQUIRED
EXAMPLE:
=>label list
Name
DSCP
VoIP default
VoIP default myLABEL
=>
Class overwrite
Interactive increase
Management increase
Video increase ignore
Def dscp
8
12
Ack defclass
8
12
10
14 disabled disabled disabled tos 0 disabled disabled disabled tos 0 disabled disabled disabled tos enabled enabled disabled tos default prioritize disabled disabled disabled tos 0
=>label add name=myLABEL
=>label list
Name
DSCP increase increase
10 overwrite 14 increase
Class overwrite
Interactive increase
Management increase
Video
Def dscp
8
12
10 overwrite 14 default prioritize disabled disabled disabled tos
0
Ack defclass
8
12
10
14
0
Bidirect Inherit Tosmark Type Value Ttlover disabled disabled disabled tos disabled disabled disabled tos
0
0
0
0
0
Ttl disabled 0 disabled 0 disabled 0 disabled 0 disabled 0 disabled 0
Use
0
0
0
0
0
0
Trace disabled disabled disabled disabled disabled disabled
Bidirect Inherit Tosmark Type Value Ttlover Ttl Use Trace disabled disabled disabled tos 0 disabled disabled disabled tos disabled disabled disabled tos disabled disabled disabled tos
0
0
0 enabled enabled disabled tos 0 disabled 0 disabled 0 disabled 0 disabled 0 disabled 0 disabled 0 disabled 0
0
0
0
0
0
0
0 disabled disabled disabled disabled disabled disabled disabled
RELATED COMMANDS:
E-DOC-CTC-20061027-0003 v2.0
488
Label Commands
label delete
Delete a label.
SYNTAX:
label delete where: name force name = <string>
[force = <{disabled | enabled}>]
The name of the label to be deleted.
Force delete and cleanup references even when the label is still in use (enabled) or not (disabled).
The default is
disabled
.
REQUIRED
OPTIONAL
EXAMPLE:
=>label list
Name
DSCP
Interactive increase
Management increase
Video
VoIP default myLABEL increase 10 overwrite 14 default prioritize disabled disabled disabled tos
0 disabled disabled disabled tos
=>label delete name=myLABEL force=yes
=>label list
Name
DSCP
Class Def overwrite dscp
Interactive increase
Management
Video
VoIP default
=>
Class overwrite increase ignore increase increase 10 overwrite 14 increase
Def dscp
8
12
8
12
Ack defclass
8
12
10
14
0
Ack defclass
8
12
10
14
Bidirect Inherit disabled disabled disabled tos disabled disabled disabled tos disabled disabled disabled tos disabled disabled disabled tos enabled enabled disabled tos
Bidirect Inherit
Tosmark
Tosmark
Type
Type disabled disabled disabled tos disabled disabled disabled tos disabled disabled disabled tos disabled disabled disabled tos enabled enabled disabled tos default prioritize disabled disabled disabled tos
Value Ttlover
0
0
0
0
0
0
0 disabled 0 disabled 0 disabled 0 disabled 0 disabled 0 disabled 0 disabled 0
Value Ttlover
0
0
0
0
0
0
Ttl Use Trace
0
0
0
0
0
0
0 disabled disabled disabled disabled disabled disabled disabled
Ttl Use Trace disabled 0 disabled 0 disabled 0 disabled 0 disabled 0 disabled 0
0
0
0
0
0
0 disabled disabled disabled disabled disabled disabled
RELATED COMMANDS:
E-DOC-CTC-20061027-0003 v2.0
489
label flush
Flush all labels.
i
The flush command does not impact previously saved configurations.
SYNTAX:
label flush
Label Commands
490
E-DOC-CTC-20061027-0003 v2.0
Label Commands
label list
Display the labels.
SYNTAX:
label list where: name
[name = <string>]
The name of the label to be displayed.
Note
If not specified, all the labels will be displayed.
OPTIONAL
EXAMPLE:
=>label list
Name
DSCP
Management increase
Video
VoIP default
=>
=>label list name=Interactive
Name increase
Interactive increase
=>
Class overwrite
Interactive increase overwrite 14 increase
Class
Def dscp
8
12
10
Def
8
Ack defclass
8
12
10
14 default prioritize disabled disabled disabled tos
Ack
8
Bidirect Inherit disabled disabled disabled tos disabled disabled disabled tos disabled disabled disabled tos enabled enabled disabled tos
Bidirect Inherit
Tosmark
Tosmark
Type disabled disabled disabled tos
Type disabled disabled disabled tos
Value Ttlover
0
0
0
0
0
0
Value Ttlover
0
Ttl disabled 0 disabled 0 disabled 0 disabled 0 disabled 0 disabled 0
Ttl disabled 0
Use Trace
0
0
0
0
0
0 disabled disabled disabled disabled disabled disabled
Use Trace
0 disabled
RELATED COMMANDS:
E-DOC-CTC-20061027-0003 v2.0
491
Label Commands
label modify
Modify a label configuration.
SYNTAX:
label modify name = <string>
[classification = <{ignore | overwrite | increase}>]
[defclass = <number{0-15} | dscp | default>]
[ackclass = <number{0-15} | defclass | prioritize>]
[bidirectional = <{disabled | enabled}>]
[inheritance = <{disabled | enabled}>]
[tosmarking = <{disabled | enabled}>]
[tos = <number{0-255}>]
[dscp = <{DSCP name> | <number>}]
[precedence = <{IP precedence type> | <number>}]
[trace = <{disabled | enabled}>] where: name classification defclass
The name of the label to be configured.
Select the method of classification, in other words, determine what the Layer 3 class assignment must do with the priority of the data packet (as set by Layer 2).
Choose between:
>
ignore
: Ignore the class parameters
defclass
and
ackclass
, but use the class as set by Layer 2 (VLAN user priority, ATM
QoS).
>
overwrite
: Change the class to
defclass
and
ackclass
, overwriting the value set by Layer 2 (VLAN user priority,
ATM QoS).
>
increase
: Change the class according to
defclass
and
ackclass
, but only if the defclass value is higher than the class value already set by Layer 2.
The default is
ignore
.
Note
The class as set by Layer 2 is derived from:
>
the VLAN user priority (in case of VLAN or priority tagged frames)
>
the ATM PVC QoS class (in case the packet is received from an ATM PVC).
For non-VLAN frames or non-PVC received data, Layer
2 sets the internal class (priority) to
4
by default.
The default priority class of the assigned connection.
Choose between:
>
A number between 0 and 15
>
dscp
>
default.
The default is
0
.
REQUIRED
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
492
Label Commands ackclass bidirectional inheritance tosmarking tos dscp precedence trace
The priority class of the ACK segments of the TCP connection.
Choose between:
>
A number between 0 and 15
>
prioritize
>
defclass.
The default is
0
.
The label applies to the initiator stream, the returning stream
(the current connection) as well as to the child connections
(enabled) or not (disabled).
The default is
disabled
.
The label will be copied to all child connection streams in the same direction (enabled) or not (disabled).
The default is
disabled
.
Enable or disable tos marking.
The default is
disabled
.
A number between 0 and 255.
Represents the ToS specification in the IP packet (used for tosmarking).
The default is
0
.
Note
The parameters
tos
,
precedence
and
dscp
are mutually exclusive.
The DSCP in the IP packet (part of tos).
Select a DSCP (see
“ Differentiated Services Code Point
) or, alternatively, specify the number.
Note
The parameters
tos
,
precedence
and
dscp
are mutually exclusive.
The precedence in the IP packet (part of tos).
Select an IP precedence (see “ IP Precedence” on page 752 ) or,
alternatively, specify the number.
Note
The parameters
tos
,
precedence
and
dscp
are mutually exclusive.
Enable or disable IP tracing for this label.
The default is
disabled
.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
493
Label Commands
EXAMPLE:
=>label list
Name
DSCP
Class overwrite
Interactive increase
Management increase
Video
Def dscp
8
12 increase 10 overwrite 14
Ack defclass
8
12
10
14
Bidirect Inherit Tosmark Type Value disabled disabled disabled tos disabled disabled disabled tos disabled disabled disabled tos disabled disabled disabled tos enabled enabled disabled tos default prioritize disabled disabled disabled tos
0
0
0
0
0
0
0
Use
0
0
0
0
0
Trace
0
0
0
0
0
0 disabled disabled disabled disabled
VoIP default increase ignore
0
0 disabled disabled myLABEL 0 disabled disabled disabled tos 0 0 disabled
=>label modify name=myLABEL classification=increase defclass=7 ackclass=7 bidirectional=enabled inheritance=enabled tosmarking=enabled tos=234 trace=enabled
=>label list
Name
DSCP
Management
Video
VoIP default myLABEL
=>
Class Def overwrite dscp
Interactive increase increase
8
12 increase 10 overwrite 14 increase increase 7 default
7
Ack defclass
8
12
10
14
Bidirect Inherit Tosmark Type Value disabled disabled disabled tos disabled disabled disabled tos disabled disabled disabled tos disabled disabled disabled tos enabled enabled disabled tos prioritize disabled disabled disabled tos enabled enabled enabled tos 234
0
0
0
0
0
0
Use Trace
0
0
0
0
0
0
0
0
0
0
0
0
0
0 disabled disabled disabled disabled disabled disabled enabled
494
E-DOC-CTC-20061027-0003 v2.0
Label Commands
label chain add
Add a new label chain.
SYNTAX:
label chain add where: chain chain = <string>
The name of the chain to be added.
EXAMPLE:
=>label chain list
Chains
======
Name Description
------------------------------------------------routing_labels rt_user_labels rt_default_labels qos_labels system user user system qos_user_labels qos_default_labels
=>label chain add chain=myChain
=>label chain list user user
Chains
======
Name Description
------------------------------------------------routing_labels rt_user_labels rt_default_labels qos_labels system user user system qos_user_labels qos_default_labels myChain
=> user user user
RELATED COMMANDS:
Display a list of chains.
E-DOC-CTC-20061027-0003 v2.0
REQUIRED
495
Label Commands
label chain delete
Delete a label chain.
SYNTAX:
label chain delete where: chain chain = <string>
The name of the chain to be deleted.
EXAMPLE:
=>label chain list
Chains
======
Name Description
------------------------------------------------routing_labels rt_user_labels rt_default_labels qos_labels system user user system qos_user_labels qos_default_labels myChain user
=>label chain delete chain=myChain
=>label chain list user user
Chains
======
Name Description
------------------------------------------------routing_labels rt_user_labels rt_default_labels qos_labels qos_user_labels qos_default_labels
=> system user user system user user
RELATED COMMANDS:
Display a list of chains.
496
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
Label Commands
label chain flush
Flush all label chains.
SYNTAX:
label chain flush
E-DOC-CTC-20061027-0003 v2.0
497
Label Commands
label chain list
Display a list of chains.
SYNTAX:
label chain list where: format
[format = <{pretty | cli}>]
Select the output format of the list.
Choose between:
>
pretty
: the configuration is shown as intuitive output in clear text.
>
cli
: the configuration is shown via the CLI commands configuration.
The default is
pretty
.
EXAMPLE:
=>label chain list
Chains
======
Name Description
------------------------------------------------routing_labels rt_user_labels rt_default_labels qos_labels qos_user_labels qos_default_labels system user user system user user
=>label chain list format=cli
:label chain add chain=rt_user_labels
:label chain add chain=rt_default_labels
:label chain add chain=qos_user_labels
:label chain add chain=qos_default_labels
=>
RELATED COMMANDS:
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
498
Label Commands
label rule add
Add a label rule.
SYNTAX:
label rule add chain = <chain name>
[index = <number>]
[name = <string>]
[clink = <chain name>]
[srcintf [!]= <string>]
[srcip [!]= <{ip address | private}>]
[dstip [!]= <{ip address | private}>]
[serv [!]= <{service name}>]
[log = <{disabled | enabled}>]
[state = <{disabled | enabled}>] label = <string> i
If a value is preceded by a “!”, it means NOT.
For example “srcintf=!wan” means “if srcintf is different from WAN”.
where: chain index name clink srcintf srcip dstip serv log state label
The name of the chain in which the rule must be inserted.
The index number of the rule before which the new rule must be added.
Tip
Use the command
:label rule list to obtain the index number of the applicable rule.
The name of the new rule.
The name of the chain to be parsed when this rule applies.
The name of the source interface expression.
The name of the source IP expression.
The name of the destination IP expression.
The name of the service expression.
Disable or enable logging when this rule applies.
The default is
disabled
.
Disable or enable this rule.
The default is
enabled
.
Choose between:
>
None
>
link (when clink is used)
>
label name.
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
499
Label Commands
EXAMPLE:
=>label rule list
Rules (flags: C=Constant, D=Dynamic, E=Enable, L=Log)
=====
Chain Nr.
Flags Rule
--------------------------------------------------------------------------------------------routing_labels qos_labels qos_default_labels
| label=myLABEL
=>label rule list
1
2
1
2
13
14
15
16
9
10
11
12
7
8
5
6
3
4
1
2
17
18
19
20
21
22
C E
C E
C E
C E
C E
C E
C E
C E
CDE
CDE
CDE
CDE
C E
C E
C E
C E
C E
C E
C E
C E
C E
C E
E
C E
C E
C E default
: link
: link
: link
: link
: VoIP
: VoIP
: Interactive
: Interactive
: Interactive
: Interactive
: Interactive
: Interactive
: Interactive
: Interactive
: Interactive
: Interactive
: Interactive
: Interactive
: Interactive
: Interactive
: Management
: Management
: Management
: Video
: Video
: default rt_user_labels rt_default_labels qos_user_labels qos_default_labels sip *.* > *.* h323 *.* > *.* telnet *.* > *.* smtp *.* > *.* imap4-ssl *.* > *.* imap3 *.* > *.* imap *.* > *.* imaps *.* > *.* pop3s *.* > *.* pop3 *.* > *.* pop2 *.* > *.* httpproxy *.* > *.* http *.* > *.* https *.* > *.* esp *.* > *.* ah *.* > *.* dns *.* > *.* ike *.* > *.* icmp *.* > *.* rtsp *.* > *.* igmp *.* > *.*
!wan.* > *.*
=>label rule add chain=myChain name=myRule dstip=150.150.150.150 serv=DiffServ log=enabled state=enabled
Rules (flags: C=Constant, D=Dynamic, E=Enable, L=Log)
=====
Chain Nr.
Flags Rule
-------------------------------------------------------------------------------------------------routing_labels qos_labels qos_default_labels myChain
=>
1
2
1
2
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
1
CDE
CDE
CDE
CDE
C E
C E
C E
C E
C E
C E
C E
C E
C E
C E
C E
C E
C E
C E
C E
C E
C E
C E
E
C E
C E
C E
C EL default myRule
: link
: link
: link
: link
: VoIP
: VoIP
: Interactive
: Interactive
: Interactive
: Interactive
: Interactive
: Interactive
: Interactive
: Interactive
: Interactive
: Interactive
: Interactive
: Interactive
: Interactive
: Interactive
: Management
: Management
: Management
: Video
: Video
: default rt_user_labels rt_default_labels qos_user_labels qos_default_labels sip *.* > *.* h323 *.* > *.* telnet *.* > *.* smtp *.* > *.* imap4-ssl *.* > *.* imap3 *.* > *.* imap *.* > *.* imaps *.* > *.* pop3s *.* > *.* pop3 *.* > *.* pop2 *.* > *.* httpproxy *.* > *.* http *.* > *.* https *.* > *.* esp *.* > *.* ah *.* > *.* dns *.* > *.* ike *.* > *.* icmp *.* > *.* rtsp *.* > *.* igmp *.* > *.*
!wan.* > *.*
: myLABEL DiffServ *.* > *.150.150.150.150
RELATED COMMANDS:
label rule delete Delete a label rule.
E-DOC-CTC-20061027-0003 v2.0
500
Label Commands
label rule list Display a list of label rules.
E-DOC-CTC-20061027-0003 v2.0
501
Label Commands
label rule delete
Delete a label rule.
SYNTAX:
label rule delete where: chain index chain = <string> index = <number>
The name of the chain in which a rule must be deleted.
The index number of the rule in the chain.
Tip
Use the command
:label rule list to obtain the index number of the applicable rule.
REQUIRED
REQUIRED
EXAMPLE:
=>label rule list
Rules (flags: C=Constant, D=Dynamic, E=Enable, L=Log)
=====
Chain Nr.
Flags Rule
-------------------------------------------------------------------------------------------------routing_labels qos_labels 1
2
1
2 qos_default_labels 1
2
3
CDE
CDE
CDE
CDE
C E
C E
C E
: link
: link
: link
: link
: VoIP
: VoIP
: Interactive rt_user_labels rt_default_labels qos_user_labels qos_default_labels sip *.* > *.* h323 *.* > *.* telnet *.* > *.*
...
19
20
21
22
E
C E
C E
C E myChain 1 C EL
=>label rule delete chain=myChain index=1
=>label rule list default myRule
: Management
: Video
: Video
: default icmp *.* > *.* rtsp *.* > *.* igmp *.* > *.*
!wan.* > *.*
: myLABEL DiffServ *.* > *.150.150.150.150
Rules (flags: C=Constant, D=Dynamic, E=Enable, L=Log)
=====
Chain Nr.
Flags Rule
-------------------------------------------------------------------------------------------------routing_labels qos_labels 1
2
1
2 qos_default_labels 1
2
3
CDE
CDE
CDE
CDE
C E
C E
C E
: link
: link
: link
: link
: VoIP
: VoIP
: Interactive rt_user_labels rt_default_labels qos_user_labels qos_default_labels sip *.* > *.* h323 *.* > *.* telnet *.* > *.*
...
19
20
21
22
E
C E
C E
C E default
: Management
: Video
: Video
: default icmp *.* > *.* rtsp *.* > *.* igmp *.* > *.*
!wan.* > *.*
=>
E-DOC-CTC-20061027-0003 v2.0
502
Label Commands
RELATED COMMANDS:
Display a list of label rules.
E-DOC-CTC-20061027-0003 v2.0
503
Label Commands
label rule flush
Flush all label rules.
The chains themselves are not removed.
i
The flush command does not impact previously saved configurations.
SYNTAX:
label rule flush where: chain
[chain = <string>]
The name of the chain to be flushed.
Note
If not specified, all the rules for all the chains are flushed.
OPTIONAL
504
E-DOC-CTC-20061027-0003 v2.0
Label Commands
label rule list
Display a list of label rules.
SYNTAX:
label rule list [chain = <string>]
[format = <{pretty | cli}>]
[string = <string>]
[beginstring = <string>] where: chain format string beginstring
The name of the chain for which the rules must be listed.
Note
If not specified, all rules for all chains are shown.
Select the output format of the list.
Choose between:
>
pretty
: the configuration is shown as intuitive output in clear text.
>
cli
: the configuration is shown via the CLI commands configuration.
The default is
pretty
.
String matching condition
Beginstring matching condition
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
505
Label Commands
EXAMPLE:
=>label rule list format=cli
:label rule add chain=qos_default_labels index=1 serv=sip log=disabled state=enabled label=VoIP
:label rule add chain=qos_default_labels index=2 serv=h323 log=disabled state=enabled label=VoIP
:label rule add chain=qos_default_labels index=3 serv=telnet log=disabled state=enabled label=Interactive
:label rule add chain=qos_default_labels index=4 serv=smtp log=disabled state=enabled label=Interactive
:label rule add chain=qos_default_labels index=5 serv=imap4-ssl log=disabled state=enabled label=Interactive
:label rule add chain=qos_default_labels index=6 serv=imap3 log=disabled state=enabled label=Interactive
:label rule add chain=qos_default_labels index=7 serv=imap log=disabled state=enabled label=Interactive
:label rule add chain=qos_default_labels index=8 serv=imaps log=disabled state=enabled label=Interactive
:label rule add chain=qos_default_labels index=9 serv=pop3s log=disabled state=enabled label=Interactive
:label rule add chain=qos_default_labels index=10 serv=pop3 log=disabled state=enabled label=Interactive
:label rule add chain=qos_default_labels index=11 serv=pop2 log=disabled state=enabled label=Interactive
:label rule add chain=qos_default_labels index=12 serv=httpproxy log=disabled state=enabled label=Interactive
:label rule add chain=qos_default_labels index=13 serv=http log=disabled state=enabled label=Interactive
:label rule add chain=qos_default_labels index=14 serv=https log=disabled state=enabled label=Interactive
:label rule add chain=qos_default_labels index=15 serv=esp log=disabled state=enabled label=Interactive
:label rule add chain=qos_default_labels index=16 serv=ah log=disabled state=enabled label=Interactive
:label rule add chain=qos_default_labels index=17 serv=dns log=disabled state=enabled label=Management
:label rule add chain=qos_default_labels index=18 serv=ike log=disabled state=enabled label=Management
:label rule add chain=qos_default_labels index=19 serv=icmp log=disabled state=enabled label=Management
:label rule add chain=qos_default_labels index=20 serv=rtsp log=disabled state=enabled label=Video
:label rule add chain=qos_default_labels index=21 serv=igmp log=disabled state=enabled label=Video
:label rule add chain=qos_default_labels index=22 name=default srcintf=!wan log=disabled state=enabled
| label=default
=>
RELATED COMMANDS:
E-DOC-CTC-20061027-0003 v2.0
506
Label Commands
label rule modify
Modify a label rule.
SYNTAX:
label rule modify chain = <chain name> index = <number>
[newindex = <number>]
[name = <string>]
[clink = <chain name>]
[srcintf [!]= <string>]
[srcip [!]= <{ip address | private}>]
[dstip [!]= <{ip address | private}>]
[serv [!]= <{service name}>]
[log = <{disabled | enabled}>]
[state = <{disabled | enabled}>]
[label = <string>] i
If a value is preceded by a “!”, it means “NOT”.
For example “srcintf=!wan” means “if srcintf is different from WAN”.
where: chain index newindex name clink srcintf srcip dstip serv log state label
The name of the chain which contains the rule.
The number of the rule in the chain.
The new number of the rule in the chain.
The name of the new rule.
The name of the chain to be parsed when this rule applies.
The name of the source interface expression.
The name of the source IP expression.
The name of the destination IP expression.
The name of the device expression.
Disable or enable logging when this rule applies.
Disable or enable this rule.
Choose between:
>
None
>
link (when clink is used)
>
label name.
REQUIRED
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
507
Label Commands
label rule debug clear
Clear the label rule statistics.
SYNTAX:
label rule debug clea r where: chain index
[chain = <string>]
[index = <number>]
The name of the chain in which the rule is to be found.
Note
If not specified, the statistics for all the rules in all chains will be cleared.
The index number (determined by the position) of the rule in the chain.
Note
If not specified, the statistics for all the rules in a chain will be cleared.
OPTIONAL
OPTIONAL
508
E-DOC-CTC-20061027-0003 v2.0
Label Commands
EXAMPLE:
0
0
0
0
0
0
4
0
168
0
0
0
0
0
0
0
15
16
17
18
19
20
0
4
177
0
0
5
0
0
329
0
452
17573
=>
RELATED COMMANDS:
Display the label rule statistics.
E-DOC-CTC-20061027-0003 v2.0
509
Label Commands
label rule debug stats
Display the label rule statistics.
SYNTAX:
label rule debug stat s where: chain index
[chain = <string>]
[index = <number>]
The name of the chain for which the statistics must be shown.
Note
If not specified, the statistics for the rules applicable to all chains are shown.
The index number of the rule for which the statistics must be shown.
Tip
Use the command
:label rule list to obtain the index number of the applicable rule.
Note
If not specified, the statistics for all rules applicable to the specified chain are shown.
OPTIONAL
OPTIONAL
EXAMPLE:
=>label rule debug stats chain=qos_labels chain index packets bytes
-----------------------------------------------------------qos_labels 1
2
0
167
0
15690
=>
=>label rule debug stats chain=qos_default_labels index=20 chain index packets bytes
-----------------------------------------------------------qos_default_labels
=>
19 165 16421
RELATED COMMANDS:
Clear the label rule statistics.
E-DOC-CTC-20061027-0003 v2.0
510
Label Commands
label rule debug traceconfig
Display or modify the rule trace configuration.
SYNTAX:
label rule debug trac econfig where: trace
[trace = <{disabled | enabled}>]
Disable or enable rule traces.
The default is
disabled
.
EXAMPLE:
=>label rule debug traceconfig
:label rule debug traceconfig state=disabled
=>
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
511
Label Commands
512
E-DOC-CTC-20061027-0003 v2.0
Language Commands
25 Language Commands
Introduction
This chapter describes the commands of the language command group.
Contents
This chapter covers the following commands:
Delete one or all language archives.
List the available language archives.
E-DOC-CTC-20061027-0003 v2.0
513
Language Commands
language config
Select a language.
SYNTAX:
language config where: language complete
[language = <string>]
[complete = <{yes | no}>]
Language code: OSI language code (2 chars) for language.
Example:
en
for english.
Enable translation for expert pages.
The default is
yes
.
OPTIONAL
OPTIONAL
EXAMPLE:
=>language config language : en complete
=>
: no
RELATED COMMANDS:
Delete one or all language archives.
List the available language archives.
514
E-DOC-CTC-20061027-0003 v2.0
Language Commands
language delete
Delete one or all language archives.
SYNTAX:
language delete where: file all
[file = <string>]
[all = <{yes | no}>]
The filename of the language archive to be removed.
Remove all languages archives (yes) or not (no).
The default is
no
.
RELATED COMMANDS:
List the available language archives.
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
515
Language Commands
language list
List the available language archives.
SYNTAX:
language list
EXAMPLE:
=>language list
CODE LANGUAGE en* English
=>
VERSION
5.3.0.10.0
FILENAME
<system> i
The currently selected language is indicated by a “*” next to the OSI language code.
RELATED COMMANDS:
Delete one or all language archives.
516
E-DOC-CTC-20061027-0003 v2.0
MBUS Commands
26 MBUS Commands
Introduction
This chapter describes the commands of the mbus command group.
Contents
This chapter covers the following commands:
Display the object instances.
Display the registered objecttypes.
Display the registered enumtypes.
Display the context instances .
Display the subscription instances .
Load object instances of registered objecttypes.
Unregister a client/plugin context .
Unregister cli client from mbus .
525
E-DOC-CTC-20061027-0003 v2.0
517
mbus client config
Modify client parameters.
SYNTAX:
mbus client config [writelock = <{enabled | disabled}>]
[wlgetimeout = <number>]
[wlidletimeout = <number>]
[path = <quoted string>]
[type = <idpath | keypath>] where: writelock wlgetimeout wlidletimeout path type
Enable or disable mbus writelock.
The default is
enabled
.
Writelock get timeout in seconds.
<forever=-1, *default=nowait=0>
Writelock idle timeout in seconds.
<forever=-1, *default=nowait=30>
Fully qualified mbus path.
Path type.
The default is
idpath
.
RELATED COMMANDS:
MBUS Commands
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
518
MBUS Commands
mbus client exec
Execute mbus command.
SYNTAX:
mbus client exec cmd = <{addobject | deleteobject | getparamattributes
| getparamcount | getparamnames | getparamvalues | getpath | setparamvalue}>
[param = <quoted string>]
[value = <quoted string>]
[gettype = <{object | parameter | path}>]
[depth = <number>]
[processcmd = <{disabled | enabled}>]
[readcommitted = <{disabled | enabled}>]
[onerrorrollback = <{disabled | enabled}>] where: cmd REQUIRED param value gettype depth processcmd readcommitted onerrorrollback
Mbus command name.
Choose between:
>
addobject
>
deleteobject
>
getparamattributes
>
getparamcount
>
getparamnames
>
getparamvalues
>
getpath
>
setparamvalue
Parameter name.
Parameter value to set.
Get type elements.
Choose between:
>
object
>
parameter
>
path
The default is
parameter
.
Number of levels to recurse, default=-1 (all).
Enable or disable the process SET_PARAMVALUE command flag.
The default is
enabled
.
Enable or disable the read committed data only
(MBUS_CMD_GET_PARAMVALUES) flag.
The default is
enabled
.
Enable or disable the on error rollback flag.
The default is
enabled
.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
519
RELATED COMMANDS:
MBUS Commands
520
E-DOC-CTC-20061027-0003 v2.0
MBUS Commands
mbus client register
Register cli client to mbus.
SYNTAX:
mbus client register
RELATED COMMANDS:
E-DOC-CTC-20061027-0003 v2.0
521
mbus debug stats
Display mbus statistics.
SYNTAX:
mbus debug stats
RELATED COMMANDS:
MBUS Commands
522
E-DOC-CTC-20061027-0003 v2.0
MBUS Commands
mbus debug clearstats
Reset MBUS statistics .
SYNTAX:
mbus debug clearstats
RELATED COMMANDS:
E-DOC-CTC-20061027-0003 v2.0
523
mbus debug traceconfig
Modify mbus trace settings.
SYNTAX:
mbus debug traceconfig [level = <number{0-4}>] where: level A number between 0 and 4.
Represents the mbus trace level.
RELATED COMMANDS:
mbus debug stats Display mbus statistics.
MBUS Commands
OPTIONAL
524
E-DOC-CTC-20061027-0003 v2.0
MBUS Commands
mbus listobjects
Display the object instances.
SYNTAX:
mbus listobjects [path = <quoted string>]
[type = <{idpath | keypath}>]
[output = <{list | tree}>]
[expand = <{disabled | enabled}>] where: path type output expand
Fully qualified mbus path to list.
Path type.
Choose between:
>
idpath
>
keypath
.
The default is
idpath
.
List output type.
Choose between:
>
list
>
tree
.
The default is
tree
.
Enable or disable details.
The default is
disabled
.
RELATED COMMANDS:
Display the registered objecttypes.
Display the registered enumtypes.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
525
mbus listtypes
Display the registered objecttypes.
SYNTAX:
mbus listtypes where: path expand
[path = <quoted string>]
[expand = <{disabled | enabled}>]
Fully qualified mbus path to list.
Enable or disable details.
The default is
disabled
.
EXAMPLE:
=>mbus listtypes
- root
+ InternetGatewayDevice
* DeviceInfo
* Layer3Forwarding
* LANDevice
- WLANConfiguration
+ WEPKey
+ PreSharedKey
-
* WANDevice
- WANCommonInterfaceConfig
- WANDSLInterfaceConfig
- WANConnectionDevice
+ WANDSLLinkConfig
+ WANIPConnection
* PortMapping
+ WANPPPConnection
* PortMapping
* Services
* ManagementServer
=>
RELATED COMMANDS:
Display the object instances.
Display the registered enumtypes.
MBUS Commands
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
526
MBUS Commands
mbus listenums
Display the registered enumtypes.
SYNTAX:
mbus listenumss [dmtree = <{igd|atomic|system}>]
[name = <quoted string>]
[expand = <{disabled|enabled}>] where: dmtree name expand
Select mbusd datamodel tree.
Filter enumtypes by (part of) the name
Enable or disable details.
The default is
disabled
.
EXAMPLE:
=>mbus listtypes
- root
+ InternetGatewayDevice
* DeviceInfo
* Layer3Forwarding
* LANDevice
- WLANConfiguration
+ WEPKey
+ PreSharedKey
-
* WANDevice
- WANCommonInterfaceConfig
- WANDSLInterfaceConfig
- WANConnectionDevice
+ WANDSLLinkConfig
+ WANIPConnection
* PortMapping
+ WANPPPConnection
* PortMapping
* Services
* ManagementServer
=>
RELATED COMMANDS:
Display the object instances.
Display the registered objecttypes.
Display the context instances .
E-DOC-CTC-20061027-0003 v2.0
OPTIONAL
OPTIONAL
OPTIONAL
527
mbus listcontexts
Display the context instances .
SYNTAX:
listcontexts where: dmtree
[dmtree = <{igd|atomic|system}>]
Select mbusd datamodel tree.
RELATED COMMANDS:
Display the object instances.
Display the registered objecttypes.
Display the registered enumtypes.
Display the subscription instances .
MBUS Commands
OPTIONAL
528
E-DOC-CTC-20061027-0003 v2.0
MBUS Commands
mbus listsubscriptions
Display the subscription instances .
SYNTAX:
listsubscriptions [dmtree = <{igd|atomic|system}>] where: dmtree Select mbusd datamodel tree.
RELATED COMMANDS:
Display the object instances.
Display the registered objecttypes.
Display the registered enumtypes.
Display the context instances .
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
529
MBUS Commands
mbus debug loadobjects
Load object instances of registered objecttypes.
SYNTAX:
mbus debug loadobjects [dmtree = <{igd|atomic|system}>]
[path = <quoted string>]
[type = <{indexpath|objidpath|keystrpath}>]
[flush = <{disabled|enabled}>] where: dmtree path type flush mbus data model tree
Fully qualified mbus path.
Path type.
The default is
indexpath
.
Flush objects before load
The default is
disabled
)
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
RELATED COMMANDS:
mbus debug unloadobjects Unload object instances.
530
E-DOC-CTC-20061027-0003 v2.0
MBUS Commands
mbus debug unloadobjects
Unload object instances.
SYNTAX:
mbus unloadobjects [path = <quoted string>]
[type = <{idpath | keypath}>] where: path type
Fully qualified mbus path.
Path type.
Choose between:
>
idpath
>
keypath
.
The default is
idpath
.
RELATED COMMANDS:
mbus debug loadobjects Load object instances of registered objecttypes.
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
531
mbus pluginevent
Simulate event from plugin .
SYNTAX:
mbus pluginevent ctxid = <number{0--2}> type = <{addobj|delobj|updobj}> path = <quoted string>
[name = <quoted string>]
[value = <quoted string>]
[orivalue = <quoted string>] where: ctxid type path name value orivalue
Plugin context id
Event type
Plugin event subpath
Plugin event name
Plugin event value
Plugin event orivalue
MBUS Commands
532
E-DOC-CTC-20061027-0003 v2.0
MBUS Commands
mbus unregister
Unregister a client/plugin context .
SYNTAX:
unregister where: id id = <number> message-based client/plugin context id.
E-DOC-CTC-20061027-0003 v2.0
533
mbus client unregister
Unregister cli client from mbus .
SYNTAX:
unregister
MBUS Commands
534
E-DOC-CTC-20061027-0003 v2.0
MEMM Commands
27 MEMM Commands
Introduction
This chapter describes the commands of the memm command group.
Contents
This chapter covers the following commands:
E-DOC-CTC-20061027-0003 v2.0
535
MEMM Commands
memm debug lock traceconfig
Modify lock trace settings.
SYNTAX:
memm debug lock traceconfig where: level name
[level = <number{0-4}>]
[name = <string>]
A number between 0 and 4.
Represents the memm trace level.
Application name filter for lock traces (empty displays all lock traces).
OPTIONAL
OPTIONAL
536
E-DOC-CTC-20061027-0003 v2.0
MEMM Commands
memm debug traceconfig
Modify memm trace settings.
SYNTAX:
memm debug traceconfig [level = <number{0-4}>] where: level A number between 0 and 4.
Represents the memm trace level.
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
537
memm debug clearstats
Clear time statistics
SYNTAX:
memm debug clearstats
MEMM Commands
538
E-DOC-CTC-20061027-0003 v2.0
MEMM Commands
memm debug lock stats
Display lock statistics
SYNTAX:
memm debug lock stats
E-DOC-CTC-20061027-0003 v2.0
539
MEMM Commands
memm listobjects
Display objects.
SYNTAX:
memm listobjects where: name
[name = <quoted string>]
Select typename(s) to list (supports partial typename).
OPTIONAL
540
E-DOC-CTC-20061027-0003 v2.0
MEMM Commands
memm stats
Display memm statistics.
SYNTAX:
memm stats where: name
[name = <quoted string>]
Select typename(s) to list (supports partial typename).
OPTIONAL
EXAMPLE:
=>memm stats pool name
--------memm_pooldesc dynstr_pool mbus_llist mbus_dynstr
- strings buffer mbus_client mbus_cmddata mbus_objecttype mbus_paramtype mbus_object mbus_objectindex upnp_dynstr
-strings buffer upnp_handles upnp_devices upnp_services upnp_subscriptions upnp_firstdeviceevents mbus_cliclient cwmp_elem_pool cwmp_attr_pool cwmp_llist_pool cwmp_dynstr_pool
-strings buffer cwmp_event_pool cwmp_cmddata_pool
---------
Total usage
=> bytes cur,max,avail (max.%) count cur,max,avail ref cur,max,avail
--------------------------------------------------------------
1196, 1196, 1300
72,
2904,
2928,
28,
0,
36,
138,
332,
816,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
72,
2904,
2964,
28,
0,
60,
0,
0,
0,
24,
0,
0,
0,
120
4920
4920
3545, 3563, 8192
12,
0,
12, 120
88, 3520
744, 744, 960
5908, 5908, 7000
1960
840
600
151, 2048
332, 996
816, 8160
2560, 2560, 19200
0, 30400
0, 4000
240
560
400
480
240
0, 8192
64
1320
(92%)
(60%)
(59%)
(60%)
(43%)
(10%)
( 2%)
(77%)
(84%)
( 1%)
( 0%)
(10%)
( 7%)
(33%)
(10%)
(13%)
( 0%)
( 0%)
( 0%)
( 0%)
( 0%)
( 5%)
( 0%)
( 0%)
( 0%)
( 0%)
----------------------------
21219, 21422,110752 (19%)
23,
3,
242,
244,
1,
0,
31,
211,
1,
0,
3,
1,
3,
4,
0,
0,
0,
0,
0,
0,
0,
0,
0,
23,
3,
242,
247,
1,
2,
31,
211,
1,
0,
5,
1,
3,
4,
0,
0,
0,
0,
0,
2,
0,
0,
0,
25
5
410
410
10
80
40
250
70
70
50
3
30
30
50
50
5
20
20
40
20
4
30 obj:
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
255
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
E-DOC-CTC-20061027-0003 v2.0
541
MEMM Commands
EXAMPLE:
=>memm stats pool name cur,max,avail
------------memm_pooldesc j: 0, 255 dynstr_pool
0, 0, mbus_llist
-
0, 0, mbus_dynstr
0, 0, -
- strings buffer mbus_client
0, 0, mbus_cmddata
0, 0, mbus_objecttype
0, 0, mbus_paramtype
0, 0, mbus_object
0, 0, mbus_objectindex
0, 0, upnp_dynstr
0, 0, -
- strings buffer upnp_handles
0, 0, upnp_devices
0, 0, upnp_services
0, 0, upnp_subscriptions
0, 0, upnp_firstdeviceevents
0, 0, mbus_cliclient
0, 0, cwmp_elem_pool
0, 0, cwmp_attr_pool
0, 0, cwmp_llist_pool
0, 0, cwmp_dynstr_pool
0, 0, -
- strings buffer cwmp_event_pool
0, 0, cwmp_cmddata_pool
0, 0, -
-------------
Total usage
=> bytes cur,max,avail (max.%)
---------------------------
1196, 1196, 1300 ( 92%)
72,
2460,
2316,
2761,
12,
72,
2532,
2424,
2839,
12,
120 ( 60%)
4920 ( 51%)
4920 ( 49%)
8192 ( 34%)
120 ( 10%)
816,
2560,
1216,
0,
0,
0,
0,
0,
0,
480,
3976,
840,
168,
36,
132,
332,
88,
480,
3976,
840,
168,
72,
152,
332,
3520 (
2048 (
2%)
960 ( 50%)
7000 ( 56%)
1960 ( 42%)
840 ( 20%)
600 ( 12%)
7%)
996 ( 33%)
816, 8160 ( 10%)
2560, 19200 ( 13%)
2432, 30400 ( 8%)
320, 4000 ( 8%)
0,
0,
0,
24,
240 (
560 (
400 (
480 (
0%)
0%)
0%)
5%)
0,
0,
0,
0,
0,
0,
0,
0,
240 ( 0%)
8192 ( 0%)
64 ( 0%)
13202 ( 0%)
---------------------------
19373, 21335,110752 ( 19%) count cur,max,avail
-------------------
23, 23, 25
3, 3, 5
205, 211, 410
193, 202, 410
0,
0,
0,
0,
0,
3,
4,
2,
0,
30,
14,
3,
14,
1,
1,
0,
1,
2,
10
80
20, 20, 40
142, 142, 250
30,
14,
6,
14,
1,
70
70
50
70
3
0,
0,
0,
2,
0,
3,
4,
4,
4,
5
20
20
40
20
30
30
50
50
0,
0,
0,
0,
4
30 ref
--ob
E-DOC-CTC-20061027-0003 v2.0
542
MLP Commands
28 MLP Commands
Introduction
This chapter describes the commands of the mlp command group.
Contents
This chapter covers the following commands:
Flush all the Multi-Level access Policies (MLP) structures.
Export all the scores.
Modify the MLP trace settings.
Add a privilege.
Remove a zone from a privilege.
Add a role.
Add a privilege to a role.
Remove a privilege from a role.
E-DOC-CTC-20061027-0003 v2.0
543
mlp flush
Flush all the Multi-Level access Policies (MLP) structures.
SYNTAX:
mlp flush
MLP Commands
544
E-DOC-CTC-20061027-0003 v2.0
MLP Commands
mlp import
Import all the scores.
SYNTAX:
mlp import where: trace
[trace = <{disabled | enabled | full}>]
Select the import trace level.
Choose between:
>
disabled
>
enabled
>
full.
The default is
disabled
.
OPTIONAL
RELATED COMMANDS:
Export all the scores.
E-DOC-CTC-20061027-0003 v2.0
545
mlp debug export
Export all the scores.
SYNTAX:
mlp debug export
RELATED COMMANDS:
mlp import Import all the scores.
MLP Commands
546
E-DOC-CTC-20061027-0003 v2.0
MLP Commands
mlp debug stats
Display MLP statistics.
SYNTAX:
mlp debug stats
EXAMPLE:
=>mlp debug stats
Roles (cur/free/max) : 8/7/15
Privileges (cur/free/max) : 35/25/60
ListItems (cur/free/max) : 31/119/150
=>
E-DOC-CTC-20061027-0003 v2.0
547
MLP Commands
mlp debug traceconfig
Modify the MLP trace settings.
SYNTAX:
mlp debug traceconfig where: trace
[trace = <{disabled | enabled | full}>]
Select the trace level.
Choose between:
>
disabled
>
enabled
>
full.
The default is
disabled
.
OPTIONAL
EXAMPLE:
=>mlp debug traceconfig mlp trace: disabled
=>
548
E-DOC-CTC-20061027-0003 v2.0
MLP Commands
mlp privilege add
Add a privilege.
SYNTAX:
mlp privilege add where: name type descr name = <quoted string> type = <{access | service}>
[descr = <quoted string>]
The name of the new privilege.
Note
The maximum number of privileges is 60.
Select the privilege type.
Choose between:
>
access
: the privilege is an access privilege.
>
service
: the privilege is a service privilege.
A description of the privilege.
Note
The maximum length is 63 characters.
REQUIRED
REQUIRED
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
549
MLP Commands
EXAMPLE:
=>mlp privilege list type=access
Privilege (type) Description
---------------------------anyaccess (access) All access privileges granted
AP1 (access) LAN_Local_all
AP2 (access) LAN_Local with all secured channels
AP3 (access) LAN_Local with all channels & access to sensitive files
...
AP15 (access) WAN from all channels
AP16 (access) LAN from HTTP/HTTPs
=>mlp privilege add name=myPrivilege type=access descr="My access privilege"
=>mlp privilege list type=access
Privilege (type) Description
---------------------------anyaccess (access) All access privileges granted
AP1 (access) LAN_Local_all
AP2 (access) LAN_Local with all secured channels
AP3 (access) LAN_Local with all channels & access to sensitive files
...
AP15 (access) WAN from all channels
AP16 (access) LAN from HTTP/HTTPs myPrivilege (access) My access privilege
=>
RELATED COMMANDS:
550
E-DOC-CTC-20061027-0003 v2.0
MLP Commands
mlp privilege addzone
Add a zone to a privilege.
i
Only one zone can be added at a time to a privilege. If multiple zones need to be added, the command
:mlp privilege addzone must be executed for each zone to be added.
SYNTAX:
mlp privilege addzone where: name zone name = <string> zone = <string>
The name of the privilege in which a zone must be added.
The name of the new zone.
REQUIRED
REQUIRED
EXAMPLE:
=>mlp privilege list type=access name=myPrivilege verbose=all myPrivilege (access) My access privilege
=>mlp privilege addzone name=myPrivilege zone=channel_http
=>mlp privilege list type=access name=myPrivilege verbose=all myPrivilege (access) My access privilege channel_http
=>
RELATED COMMANDS:
Remove a zone from a privilege.
E-DOC-CTC-20061027-0003 v2.0
551
MLP Commands
mlp privilege config
Modify a privilege.
SYNTAX:
mlp privilege config name = <string>
[descr = <quoted string>]
[score = <{hex-word}[:{hex-word}] ex:
'a12:c30f'>] where: name descr score
The name of the privilege to be modified.
Set the privilege description.
Note
The maximum length is 63 characters.
Set the score of the privilege.
Note
This is a hexadecimal value, for example “a12:c30f”.
EXAMPLE:
=>mlp privilege config name=myPrivilege descr="My test privilege" score=a12:def4
=>mlp privilege list verbose=all anyaccess (access) All access privileges granted unsecure_connection, channel_ftp, channel_telnet, channel_http, channel_mdap, channel_serial, origin_lan, origin_wan, origin_local anyservice (service) All service privileges granted
...
AP15 (access) WAN from all channels unsecure_connection, channel_ftp, channel_telnet, channel_http, channel_mdap, channel_serial, origin_wan
AP16 (access) LAN from HTTP/HTTPs unsecure_connection, channel_http, origin_lan myPrivilege (service) My test privilege r_lan, r_fs_view, r_fs_retrieve, r_rtg, r_fwdg, r_frwl, r_ipsec_norm, r_ipsec_adv, r_certificates, r_local, r_qos, and_lan, and_local, cli, ftp
=>
REQUIRED
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
552
MLP Commands
mlp privilege delete
Delete a privilege.
SYNTAX:
mlp privilege delete where: name name = <string>
The name of the privilege to be deleted.
EXAMPLE:
=>mlp privilege list type=access
Privilege (type) Description
---------------------------anyaccess (access) All access privileges granted
AP1 (access) LAN _Local_all
AP2 (access) LAN_Local with all secured channels
AP3 (access) LAN_Local with all channels & access to sensitive files
AP4 (access) LAN_Local with all secured channels & access to sensitive files
AP5 (access) WAN from a secure HTTP
AP6 (access) WAN from a secure HTTP & access to sensitive files
AP7 (access) LAN from all channels except telnet
AP8 (access) LAN from all secured channels except telnet
AP9 (access) LAN from all channels except telnet & access to sensitive file
AP10 (access) LAN access to sensitive file & secured channels except telnet
AP11 (access) All origins_noHTTP
AP12 (access) All origins_from all secured channels no http
AP13 (access) All origins_noHTTP & access to sensitive files
AP14 (access) All origins_secured channels &access to sensitive files no http
AP15 (access) WAN from all channels
AP16 (access) LAN from HTTP/HTTPs myPrivilege (access) My access privilege
=>mlp privilege delete name=myPrivilege
=>mlp privilege list type=access
Privilege (type) Description
---------------------------anyaccess (access) All access privileges granted
AP1 (access) LAN _Local_all
AP2 (access) LAN_Local with all secured channels
AP3 (access) LAN_Local with all channels & access to sensitive files
...
AP13 (access) All origins_noHTTP & access to sensitive files
AP14 (access) All origins_secured channels &access to sensitive files no http
AP15 (access) WAN from all channels
AP16 (access) LAN from HTTP/HTTPs
=>
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
553
RELATED COMMANDS:
Add a privilege.
MLP Commands
554
E-DOC-CTC-20061027-0003 v2.0
MLP Commands
mlp privilege list
Display the privileges.
SYNTAX:
mlp privilege list [name = <string>]
[type = <{access | service}>]
[verbose = <{minimal | medium | all}>] where: name type verbose
The name of the privilege to be listed.
Note
If not specified, all the privileges will be shown.
Select the privilege type to be shown. Choose between:
>
access
: only the access privileges will be shown
>
service
: only the service privileges will be shown.
Note
If not specified, all the privilege types will be shown.
Limit the output list. Choose between:
>
minimal
>
medium
>
all.
The default is
minimal
.
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
555
EXAMPLE:
=>mlp privilege list type=service
Privilege (type) Description
---------------------------anyservice (service) All service privileges granted
SP1 (service) Limited_Read
SP2 (service) detailed_Read
SP3 (service) Write_to_LAN
SP4 (service) Write_FWD_RT_normal_FW_cfgs
SP5 (service) cooperative_cfgs
SP6 (service) Remote Configurations
SP7 (service) Advanced sink & source FW
SP8 (service) Write_to_U_Connection
SP9 (service) Write_to_Local
SP10 (service) Simple_network_debugging
SP11 (service) Advance_Network_debugging
SP12 (service) User_admin
SP13 (service) MLP_Admin
SP14 (service) Backup & Restore
SP15 (service) CLI mngt Interface only
SP16 (service) CGI mngt Interface only
SP17 (service) FTP mngt Interface only
=>mlp privilege list name=SP5 verbose=all
SP5 (service) cooperative_cfgs r_ipsec_norm, r_ipsec_adv, r_certificates, w_frwl_norm, w_frwl_adv,
=> w_ipsec, w_certificates
RELATED COMMANDS:
mlp privilege delete mlp privilege delete
Add a privilege.
MLP Commands
556
E-DOC-CTC-20061027-0003 v2.0
MLP Commands
mlp privilege removezone
Remove a zone from a privilege.
i
Only one zone can be removed at a time from a privilege. If multiple zones need to be removed, the command
:mlp privilege removezone must be executed for each zone to be removed.
SYNTAX:
mlp privilege removezone name = <string> zone = <string> where: name zone
The name of the privilege in which a zone must be removed.
The name of the zone to be removed.
REQUIRED
REQUIRED
EXAMPLE:
=>mlp privilege list name=myPrivilege verbose=all myPrivilege (access) My access privilege channel_http, channel_serial
=>mlp privilege removezone name=myPrivilege zone=channel_serial
=>mlp privilege list name=myPrivilege verbose=all myPrivilege (access) My access privilege channel_http
=>
RELATED COMMANDS:
mlp privilege addzone Add a zone to a privilege.
E-DOC-CTC-20061027-0003 v2.0
557
MLP Commands
mlp role add
Add a role.
SYNTAX:
mlp role add name = <quoted string> parent = <string>
[descr = <quoted string>] where: name parent descr
The name of the new role.
Note
The maximum number of roles is 15.
The name of the parent role.
The role description.
Note
The maximum length is 63 characters.
REQUIRED
REQUIRED
OPTIONAL
EXAMPLE:
=>mlp role list
Role (parent) Description
------------------------root (-) The superuser
SuperUser (root) Any service and any access from LAN/WAN/LOCAL
TechnicalSupport (SuperUser) Any service and any channels from WAN
Administrator (TechnicalSupport) Any service and any access from LAN/Local origin only
PowerUser (Administrator) GUI(Service/overview page)via http/https from LAN origin
User (PowerUser) GUI(Overview pages, remote assistance) via HTTP/HTTPS from LAN
LAN_Admin (Administrator) Only LAN related configurations from any Channel/Origin
WAN_Admin (Administrator) Only WAN related configurations from any Channels/Origin
=>mlp role create name=myRole parent=User descr="My user access"
=>mlp role list
Role (parent) Description
------------------------root (-) The superuser
SuperUser (root) Any service and any access from LAN/WAN/LOCAL
TechnicalSupport (SuperUser) Any service and any channels from WAN
Administrator (TechnicalSupport) Any service and any access from LAN/Local origin only
PowerUser (Administrator) GUI(Service/overview page)via http/https from LAN origin
User (PowerUser) GUI(Overview pages, remote assistance) via HTTP/HTTPS from LAN
LAN_Admin (Administrator) Only LAN related configurations from any Channel/Origin
WAN_Admin (Administrator) Only WAN related configurations from any Channels/Origin myRole (User) My user access
=>
RELATED COMMANDS:
mlp role delete Delete a role.
E-DOC-CTC-20061027-0003 v2.0
558
MLP Commands
mlp role list Display the roles.
E-DOC-CTC-20061027-0003 v2.0
559
MLP Commands
mlp role addpriv
Add a privilege to a role.
SYNTAX:
mlp role addpriv name = <string> access = <string> service = <string> where: name access service
The name of the role.
The name of the access privilege to be added.
The name of the service privilege to be added.
EXAMPLE:
=>mlp role list name=myRole verbose=all myRole (User) My user access
=>mlp role addpriv name=myRole access=myPrivilege service=SP7
=>mlp role list name=myRole verbose=all myRole (User) My user access myPrivilege & SP7
=>
RELATED COMMANDS:
mlp role removepriv Remove a privilege from a role.
REQUIRED
REQUIRED
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
560
MLP Commands
mlp role config
Modify the role.
SYNTAX:
mlp role config name = <string>
[parent = <string>]
[descr = <quoted string>] where: name parent descr
The name of the role to be configured.
The name of the parent role.
The role description.
Note
The maximum length is 63 characters.
EXAMPLE:
=>mlp role list name=myRole verbose=all myRole (User) My user access myPrivilege & SP7
=>mlp role config name=myRole parent=Guest descr="My user access"
=>mlp role list name=myRole verbose=all myRole (Guest) My user access myPrivilege & SP7
=>
REQUIRED
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
561
MLP Commands
mlp role delete
Delete a role.
SYNTAX:
mlp role delete where: name name = <string>
The name of the role to be deleted.
REQUIRED
EXAMPLE:
=>mlp role list
Role (parent) Description
------------------------root (-) The superuser
SuperUser (root) Any service and any access from LAN/WAN/LOCAL
TechnicalSupport (SuperUser) Any service and any channels from WAN
Administrator (TechnicalSupport) Any service and any access from LAN/Local origin only
PowerUser (Administrator) GUI(Service/overview page)via http/https from LAN origin
User (PowerUser) GUI(Overview pages, remote assistance) via HTTP/HTTPS from LAN
LAN_Admin (Administrator) Only LAN related configurations from any Channel/Origin
WAN_Admin (Administrator) Only WAN related configurations from any Channels/Origin myRole (Guest) My user access
=>mlp role delete name=myRole
=>mlp role list
Role (parent) Description
------------------------root (-) The superuser
SuperUser (root) Any service and any access from LAN/WAN/LOCAL
TechnicalSupport (SuperUser) Any service and any channels from WAN
Administrator (TechnicalSupport) Any service and any access from LAN/Local origin only
PowerUser (Administrator) GUI(Service/overview page)via http/https from LAN origin
User (PowerUser) GUI(Overview pages, remote assistance) via HTTP/HTTPS from LAN
LAN_Admin (Administrator) Only LAN related configurations from any Channel/Origin
WAN_Admin (Administrator) Only WAN related configurations from any Channels/Origin
=>
RELATED COMMANDS:
Add a role.
E-DOC-CTC-20061027-0003 v2.0
562
MLP Commands
mlp role list
Display the roles.
SYNTAX:
mlp role list where: name verbose
[name = <string>]
[verbose = <{minimal | medium | all}>]
The name of the role to be listed.
Note
If not specified, all the roles will be listed.
Limit the output list.
Choose between:
>
minimal
>
medium
>
all.
The default is
minimal
.
OPTIONAL
OPTIONAL
EXAMPLE:
=>mlp role list
Role (parent) Description
------------------------root (-) The superuser
SuperUser (root) Any service and any access from LAN/WAN/LOCAL
TechnicalSupport (SuperUser) Any service and any channels from WAN
Administrator (TechnicalSupport) Any service and any access from LAN/Local origin only
PowerUser (Administrator) GUI(Service/overview page)via http/https from LAN origin
User (PowerUser) GUI(Overview pages, remote assistance) via HTTP/HTTPS from LAN
LAN_Admin (Administrator) Only LAN related configurations from any Channel/Origin
WAN_Admin (Administrator) Only WAN related configurations from any Channels/Origin myRole (Guest) My user access
=>mlp role list name=PowerUser verbose=all
PowerUser (Administrator) GUI(Service/overview page)via http/https from LAN origin
AP16 & SP1
AP16 & SP2
AP16 & SP10
AP16 & SP16
=>
AP16 & SP8
RELATED COMMANDS:
mlp role delete mlp role delete
Add a role.
E-DOC-CTC-20061027-0003 v2.0
563
MLP Commands
mlp role removepriv
Remove a privilege from a role.
SYNTAX:
mlp role removepriv name = <string> access = <string>
[service = <string>] where: name access service
The name of the role.
The name of the access privilege to be deleted.
The name of the service privilege to be deleted.
EXAMPLE:
=>mlp role list name=myRole verbose=all myRole (Guest) My user access myPrivilege & SP7
=>mlp role removepriv name=myRole access=myPrivilege
=>mlp role list name=myRole verbose=all myRole (Guest) My user access
=>
RELATED COMMANDS:
Add a privilege to a role.
REQUIRED
REQUIRED
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
564
NAT Commands
29 NAT Commands
Introduction
This chapter describes the commands of the nat command group.
Contents
This chapter covers the following commands:
Display/modify global NAT configuration options.
Flush the current NAT configuration.
Modify address translation on an IP interface.
Display the address translation configuration on all the interfaces.
Add an address mapping to a Network Address Translation (NAT) enabled interface.
Delete an address mapping from a NAT enabled interface.
Display the address mapping for a NAT enabled interface.
Add an address mapping template.
Delete an address mapping template.
Display the address mapping templates.
Instantiate address mapping templates for a given dynamic address.
E-DOC-CTC-20061027-0003 v2.0
565
NAT Commands
nat config
Display/modify global NAT configuration options.
SYNTAX:
nat config where: trace
[trace = <{disabled | enabled}>]
Enable or disable traces.
The default is
disabled
.
EXAMPLE:
=>nat config
NAT traces : disabled
=>nat config trace=enabled
=>nat config
NAT traces : enabled
=>
REQUIRED
566
E-DOC-CTC-20061027-0003 v2.0
NAT Commands
nat flush
Flush the current NAT configuration.
SYNTAX:
nat flush
E-DOC-CTC-20061027-0003 v2.0
567
NAT Commands
nat ifconfig
Modify address translation on an IP interface.
SYNTAX:
nat ifconfig intf = <string> translation = <{disabled | enabled | transparent}> where: intf translation
The IP interface name.
Enable or disable address translation.
Choose between:
>
disabled
: Address translation is disabled.
>
enabled
: Address translation is enabled.
>
transparent
: An inside address is translated into the same outside IP address. In fact, no translation happens and the
IP packets passing through the Thomson ST remain untouched.
The default is
disabled
.
REQUIRED
REQUIRED
EXAMPLE:
=>nat iflist
Interface loop myPPP_ppp eth0
NAT disabled disabled transparent
=>nat ifconfig intf=myPPP_ppp translation=enabled
=>nat iflist
Interface loop myPPP_ppp eth0
=>
NAT disabled enabled transparent
RELATED COMMANDS:
nat iflist Display the address translation configuration on all the interfaces.
E-DOC-CTC-20061027-0003 v2.0
568
NAT Commands
nat iflist
Display the address translation configuration on all the interfaces.
SYNTAX:
nat iflist
EXAMPLE:
=>nat iflist
Interface loop
Internet
RtPPPoE_ppp
LocalNetwork
=>
NAT disabled enabled enabled transparent
RELATED COMMANDS:
nat ifconfig Modify address translation on an IP interface.
E-DOC-CTC-20061027-0003 v2.0
569
NAT Commands
nat mapadd
Add an address mapping to a Network Address Translation (NAT) enabled interface.
SYNTAX:
nat mapadd intf = <string>
[type = <{napt | nat}>]
[outside_addr = <ip-range>]
[inside_addr = <ip-range>]
[access_list = <ip-range>]
[foreign_addr = <ip-range>]
[protocol = <{supported IP protocol} or number>]
[outside_port = <port-range>]
[inside_port = <port-range>]
[mode = <{auto | inbound | outbound}>] where: intf type outside_addr
The IP interface name.
Note
The specified interface must be an existing NAT enabled interface.
The type of NAT map to be used.
Choose between:
>
napt
: The map is a Network Address Port Translation (NAPT) map or a port-shifting NAT map.
>
nat
: The map is a basic NAT map or a two-way NAT map.
The outside (typically public) IP address.
>
Inbound: This map will only apply if the destination IP address is part of the outside address(es).
>
Outbound: Represents the address(es) to be used as source address after translation.
Allowed values are:
>
An IP address (A.B.C.D or A.D, meaning A.0.0.D).
>
A range of IP addresses (A.B.C.[D-E]) (only for NAT).
>
An IP subnet (A.B.C.D/M) (only for NAT).
REQUIRED
OPTIONAL
REQUIRED for NAT maps and NAPT maps.
OPTIONAL for portshifting maps.
E-DOC-CTC-20061027-0003 v2.0
570
NAT Commands inside_addr access_list foreign_addr protocol
The inside (typically private) IP address.
>
Inbound: Represents the address(es) to be used as destination address after translation.
>
Outbound: This map will only apply if the source IP address is part of the inside address(es).
Allowed values are:
>
An IP address (A.B.C.D or A.D, meaning A.0.0.D).
>
A range of IP addresses (A.B.C.[D-E]) (only for NAT).
>
An IP subnet (A.B.C.D/M (only for NAT)).
The default is
““
(unmapped).
Note
If specified, the number of inside addresses must be equal to the number of outside addresses.
The range of inside addresses to which the mapping is restricted.
This parameter is used for outbound traffic only. Represents the list of inside IP addresses (LAN devices) allowed to make use of this map.
Allowed values are:
>
An IP address (A.B.C.D or A.D, meaning A.0.0.D).
>
A range of IP addresses (A.B.C.[D-E]).
>
An IP subnet (A.B.C.D/M).
>
* (all addresses).
The default is the inside_addr.
The range of destination addresses to which the mapping is restricted.
This parameter is used as filter for inbound/outbound traffic.
>
Inbound: This map only applies if the source IP address is part of the foreign address(es).
>
Outbound: This map only applies if the destination IP address is part of the foreign address(es).
Allowed values are:
>
An IP address (A.B.C.D or A.D, meaning A.0.0.D).
>
A range of IP addresses (A.B.C.[D-E]).
>
An IP subnet (A.B.C.D/M).
>
* (all addresses).
The default is
*
(meaning all addresses).
The IP protocol to be used as filter for inbound/outbound traffic. The
NAT map only applies if the protocol of the IP packet matches the map protocol.
Select an IP protocol (see
“ Supported IP Protocols” on page 746
) or, alternatively, type the protocol number.
The default is
0
(meaning any protocol).
OPTIONAL for NAT maps and NAPT maps.
REQUIRED for portshifting maps.
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
571
NAT Commands outside_port inside_port mode
The outside port number or range (only for maps of type
napt
).
>
For a NAPT map: Represents the range of TCP/UDP ports to be used as dynamic port range during the NAPT process.
>
For a port-shifting map: Represents the source port(s) to be translated (shifted) into
inside_port
.
Allowed values are:
>
TCP/UDP port range [P-Q] (with Q > P)
>
TCP/UDP port number (only for port-shifting maps).
The inside port number or range (only for maps of type
napt
).
If this parameter is specified for a map of type
napt
, then this map is a port-shifting map.
Represents the target TCP/UDP ports to which the traffic has to be shifted.
Allowed values are:
>
TCP/UDP port range [P-Q] (with Q > P)
>
TCP/UDP port number (only for port-shifting maps).
Note
The size of
inside_port
must be identical to the size of
outside_port
.
The mode to create the portmap.
Choose between:
>
auto
>
inbound
>
outbound.
The standard is
auto
.
OPTIONAL for NAPT map.
REQUIRED for portshifting map.
REQUIRED for portshifting map
OPTIONAL
572
E-DOC-CTC-20061027-0003 v2.0
NAT Commands
EXAMPLE:
=>nat maplist
Idx Type Interface
1 NAPT eth0
2 NAPT eth0
3 NAPT eth0
Outside Address any:80 any:1080 any:8080
Inside Address
127.0.0.1:8080
127.0.0.1:8080
127.0.0.1:8080
Use
0
0
0
=>nat mapadd intf=myPPP_ppp type=napt outside_addr=100.100.100.1 access_list=10.0.0.0/24
=>nat maplist
Idx Type Interface
1 NAPT myPPP_ppp
1 NAPT eth0
2 NAPT eth0
3 NAPT eth0
Outside Address
100.100.100.1
any:80 any:1080 any:8080
=>maplist intf=myPPP_ppp expand=enabled
Inside Address unmapped
127.0.0.1:8080
127.0.0.1:8080
127.0.0.1:8080
Use
0
0
0
0
Idx Type Interface
1 NAPT myPPP_ppp
Outside Address
100.100.100.1
Inside Address unmapped
Access List................... 10.0.0.0/24
Foreign Address............... any
Use
0
Protocol...................... any
Flags......................... Static
Description................... Outbound NAPT without defserver
=>
RELATED COMMANDS:
Delete an address mapping from a NAT enabled interface.
Display the address mapping for a NAT enabled interface.
E-DOC-CTC-20061027-0003 v2.0
573
NAT Commands
nat mapdelete
Delete an address mapping from a NAT enabled interface.
SYNTAX:
nat mapdelete where: intf index intf = <string> index = <number>
The IP interface name.
The map index.
Tip
Use the command
:nat maplist to obtain a list of the mapindexes.
REQUIRED
REQUIRED
EXAMPLE:
=>nat maplist
Idx Type Interface
1 NAPT myPPP_ppp
1 NAPT eth0
2 NAPT eth0
3 NAPT eth0
Outside Address
100.100.100.1
any:80 any:1080 any:8080
=>nat mapdelete intf=myPPP_ppp index=1
=>nat maplist
Idx Type Interface
1 NAPT eth0
2 NAPT eth0
Outside Address any:80 any:1080 any:8080
=>
3 NAPT eth0
RELATED COMMANDS:
Inside Address unmapped
127.0.0.1:8080
127.0.0.1:8080
127.0.0.1:8080
Inside Address
127.0.0.1:8080
127.0.0.1:8080
127.0.0.1:8080
0
0
Use
0
0
0
0
Use
0
Add an address mapping to a Network Address Translation (NAT) enabled interface.
Display the address mapping for a NAT enabled interface.
E-DOC-CTC-20061027-0003 v2.0
574
NAT Commands
nat maplist
Display the address mapping for a NAT enabled interface.
SYNTAX:
nat maplist [intf = <string>]
[expand = <{disabled | enabled}>]
[string = <string>]
[beginstring = <string>] where: intf expand string beginstring
The IP interface name.
Note
If not specified, the address mapping for all the NAT enabled interfaces will be shown.
Enable or disable expanded listing.
The default is
disabled
.
string matching condition beginstring matching condition
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
EXAMPLE:
=>nat maplist
Idx Type Interface
1 NAPT myPPP_ppp
1 NAPT eth0
2 NAPT eth0
3 NAPT eth0
Outside Address
100.100.100.1
any:80 any:1080 any:8080
=>maplist intf=myPPP_ppp expand=enabled
Idx Type Interface
1 NAPT myPPP_ppp
Outside Address
100.100.100.1
Inside Address unmapped
127.0.0.1:8080
127.0.0.1:8080
127.0.0.1:8080
Inside Address unmapped
Access List................... 10.0.0.0/24
Foreign Address............... any
Use
0
0
0
0
Use
0
Protocol...................... any
Flags......................... Static
Description................... Outbound NAPT without defserver
=>
RELATED COMMANDS:
Add an address mapping to a Network Address Translation (NAT) enabled interface.
Delete an address mapping from a NAT enabled interface.
E-DOC-CTC-20061027-0003 v2.0
575
NAT Commands
nat tmpladd
Add an address mapping template.
SYNTAX:
nat tmpladd [intf = <string>]
[group = <{wan|local|lan|tunnel|dmz|guest} or number>]
[timeout = <number{0-65535}>]
[type = <{napt | nat}>] outside_addr = <ip-range>
[inside_addr = <ip-range>]
[access_list = <ip-range>]
[foreign_addr = <ip-range>]
[protocol = <{supported IP protocol} or number>]
[outside_port = <port-range>]
[inside_port = <port-range>]
[mode = <{auto | inbound | outbound}>] where: intf group timeout type
The IP interface name.
The IP interface group scope for this template.
Choose between:
>
wan
>
local
>
lan
>
tunnel
>
dmz
>
guest.
Note
If an interface has been defined with the parameter
intf
, then the setting for this parameter is ignored.
A number between 0 and 6553 (seconds).
Represents the lifetime for this template.
The type of NAT map to be used.
Choose between:
>
napt
: The map is a NAPT map or a port-shifting NAT map.
>
nat
: The map is a basic NAT map or a two-way NAT map.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
576
NAT Commands outside_addr inside_addr access_list foreign_addr
The outside (typically public) IP address.
>
Inbound: This map will only apply if the destination IP address is part of the outside address(es).
>
Outbound: Represents the address(es) to be used as source address after translation.
Allowed values are:
>
An IP address (A.B.C.D or A.D, meaning A.0.0.D).
>
A range of IP addresses (A.B.C.[D-E]) (only for NAT).
>
An IP subnet (A.B.C.D/M) (only for NAT).
The inside (typically private) IP address.
>
Inbound: Represents the address(es) to be used as destination address after translation.
>
Outbound: This map will only apply if the source IP address is part of the inside address(es).
Allowed values are:
>
An IP address (A.B.C.D or A.D, meaning A.0.0.D).
>
A range of IP addresses (A.B.C.[D-E]) (only for NAT).
>
An IP subnet (A.B.C.D/M (only for NAT)).
Default value is
““
(meaning unmapped).
Note
If specified, the number of inside addresses must be equal to the number of outside addresses.
The range of inside addresses to which the mapping is restricted.
This parameter is used for outbound traffic only. Represents the list of inside IP addresses (LAN devices) allowed to make use of this map.
Allowed values are:
>
An IP address (A.B.C.D or A.D, meaning A.0.0.D).
>
A range of IP addresses (A.B.C.[D-E]).
>
An IP subnet (A.B.C.D/M).
>
* (all addresses).
The default is the inside_addr.
The range of destination addresses to which the mapping is restricted.
This parameter is used as filter for inbound/outbound traffic.
>
Inbound: This map only applies if the source IP address is part of the foreign address(es).
>
Outbound: This map only applies if the destination IP address is part of the foreign address(es).
Allowed values are:
>
An IP address (A.B.C.D or A.D, meaning A.0.0.D).
>
A range of IP addresses (A.B.C.[D-E]).
>
An IP subnet (A.B.C.D/M).
>
* (all addresses).
The default is * (meaning all addresses).
REQUIRED for NAT maps and NAPT maps.
OPTIONAL for portshifting maps.
OPTIONAL for NAT maps and NAPT maps.
REQUIRED for portshifting maps.
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
577
578
NAT Commands protocol outside_port inside_port mode
The IP protocol to be used as filter for inbound/outbound traffic.
The NAT map only applies if the protocol of the IP packet matches the map protocol.
Select an IP protocol (see “ Supported IP Protocols” on page 746 )
or, alternatively, type the protocol number.
The default is
0
(meaning any protocol).
The outside port number or range (only for maps of type
napt
).
>
For a NAPT map:
Represents the range of TCP/UDP ports to be used as dynamic port range during the NAPT process.
>
For a port-shifting map:
Represents the source port(s) to be translated (shifted) into
inside_port
.
Allowed values are:
>
TCP/UDP port range [P-Q] (with Q > P)
>
TCP/UDP port number (only for port-shifting maps).
The inside port number or range (only for maps of type
napt
).
If this parameter is specified for a map of type
napt
, then this map is a port-shifting map.
Represents the target TCP/UDP ports to which the traffic has to be shifted.
Allowed values are:
>
TCP/UDP port range [P-Q] (with Q > P)
>
TCP/UDP port number (only for port-shifting maps).
Note
The size of
inside_port
must be identical to the size of
outside_port
.
The mode to create the portmap.
Choose between:
>
auto
>
inbound
>
outbound.
The standard is
auto
.
OPTIONAL
OPTIONAL for NAPT map.
REQUIRED for portshifting map.
REQUIRED for portshifting map
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
NAT Commands
EXAMPLE:
=>nat tmpladd intf=myPPP_ppp type=napt outside_addr=100.100.100.1
=>nat tmpllist
Idx Type Interface
Use
Ifgroup Outside Address Inside Address unmapped 1 NAPT myPPP_ppp
0
Idx Type Interface
Use any 100.100.100.1
=>nat tmpladd group=lan type=napt outside_addr=100.200.100.1
=>nat tmpllist
Ifgroup Outside Address Inside Address
=>
1 NAPT any
0
2 NAPT myPPP_ppp
0 lan any
100.200.100.1
100.100.100.1
unmapped unmapped
RELATED COMMANDS:
Delete an address mapping template.
Display the address mapping templates.
Instantiate address mapping templates for a given dynamic address.
E-DOC-CTC-20061027-0003 v2.0
579
NAT Commands
nat tmpldelete
Delete an address mapping template.
SYNTAX:
nat tmpldelete where: index index = <number>
The index of the address mapping template to be deleted.
Tip
Use the command
:nat tmpllist to view the address mapping templates.
REQUIRED
EXAMPLE:
=>nat tmpllist
Idx Type Interface
Use
1 NAPT any
0
2 NAPT myPPP_ppp
0
=>nat tmpldelete index=1
=>nat tmpllist
Idx Type Interface
Use
1 NAPT myPPP_ppp
=>
0
Ifgroup Outside Address lan any any
100.200.100.1
100.100.100.1
Ifgroup Outside Address
100.100.100.1
RELATED COMMANDS:
Inside Address unmapped unmapped
Inside Address unmapped
Add an address mapping template.
Display the address mapping templates.
Instantiate address mapping templates for a given dynamic address.
E-DOC-CTC-20061027-0003 v2.0
580
NAT Commands
nat tmpllist
Display the address mapping templates.
SYNTAX:
nat tmpllist where: expand
[expand = <{disabled | enabled}>]
Enable or disable expanded listing.
The default is
disabled
.
OPTIONAL
EXAMPLE:
=>nat tmpllist
Idx Type Interface
Use
1 NAPT any
=>
0
0
2 NAPT myPPP_ppp
RELATED COMMANDS:
Ifgroup Outside Address lan 100.200.100.1
any 100.100.100.1
Inside Address unmapped unmapped
Add an address mapping template.
Delete an address mapping template.
Instantiate address mapping templates for a given dynamic address.
E-DOC-CTC-20061027-0003 v2.0
581
NAT Commands
nat tmplinst
Instantiate address mapping templates for a given dynamic address.
SYNTAX:
nat tmplinst intf = <string> addr_index = <ip-address> dynamic_addr = <ip-address> where: intf addr_index dynamic_addr
The IP interface name.
The outside IP address index/key to instantiate for.
The dynamic address to substitute the index/key with.
EXAMPLE:
=>nat tmplinst intf=myPPP_ppp addr_index=100.100.100.1 dynamic_addr=200.200.200.1
=>nat tmpllist
Idx Type Interface
Use
Ifgroup Outside Address Inside Address any 100.100.100.1
unmapped
=>
1 NAPT myPPP_ppp
1
RELATED COMMANDS:
Add an address mapping template.
Delete an address mapping template.
Display the address mapping templates.
REQUIRED
REQUIRED
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
582
PPP Commands
30 PPP Commands
Introduction
This chapter describes the commands of the ppp command group.
Contents
This chapter covers the following commands:
Configure a PPP interface.
Scan a PPPoE interface for available Access Concentrator and
Add a route to the routing table when the PPP link comes up.
Delete the route for a PPP link.
Remove all Ethernet interfaces from the PPP relay agent list and terminate all sessions.
Add an Ethernet interface to the PPP relay list.
Modify an ethernet interface from the PPP relay agent list.
Delete an Ethernet interface from the PPP relay agent list.
Display all Ethernet interfaces added to the PPP relay agent list.
Add an Ethernet interface to the PPP relay list.
E-DOC-CTC-20061027-0003 v2.0
583
ppp flush
Flush all PPP interfaces.
i
The flush command does not impact previously saved configurations.
SYNTAX:
ppp flush
PPP Commands
584
E-DOC-CTC-20061027-0003 v2.0
PPP Commands
ppp ifadd
Create a new PPP interface.
SYNTAX:
ppp ifadd where: intf intf = <string>
The name for the new PPP interface.
Note
If not specified, the destination parameter must be specified.
In this case the name of the destination will double as interface name.
REQUIRED
EXAMPLE:
=>ppp iflist
Internet: dest : RELAY
Retry : 10 mode = IP routing
[00:00:00] flags = echo magic accomp restart mru addr savepwd demanddial dns metric = 0 mru = 1492 Tx inactivity = 1200s left = 0s auth = auto user = admin state = down password = oper state = down link state = not-connected
LCP : state = initial retransm = 10 term. reason =
IPCP: state = initial retransm = 0 term. reason = acname : --service : ---
=>ppp ifadd intf=Rt_PPPoA
=>ppp iflist
Internet: dest : RELAY [00:00:00]
Retry : 10 mode = IP routing flags = echo magic accomp restart mru addr savepwd demanddial dns metric = 0 mru = 1492 Tx inactivity = 1200s left = 0s auth = auto user = password = admin state = down oper state = down link state = not-connected
LCP : state = initial retransm = 10 term. reason =
IPCP: state = initial retransm = 0 term. reason = acname : --service : ---
Rt_PPPoA: dest :
Retry : 10
[00:00:00] mode = IP routing flags = echo magic accomp restart mru addr savepwd dns metric = 0 mru = 1500 auth = auto user = admin state = down password = oper state = down link state = not-connected
LCP : state = initial retransm = 10 term. reason =
IPCP: state = initial retransm = 0 term. reason =
=>
E-DOC-CTC-20061027-0003 v2.0
585
RELATED COMMANDS:
PPP Commands
586
E-DOC-CTC-20061027-0003 v2.0
PPP Commands
ppp ifattach
Attach a PPP interface.
SYNTAX:
ppp ifattach where: intf intf = <string>
The name of the PPP interface to be attached.
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
587
EXAMPLE:
=>ppp iflist
Internet: dest : RELAY
Retry : 10 mode = IP routing
[00:00:00] flags = echo magic accomp restart mru addr savepwd demanddial dns metric = 0 mru = 1492 Tx inactivity = 1200s left = 0s auth = auto user = admin state = down password = oper state = down link state = not-connected
LCP : state = initial retransm = 10 term. reason =
IPCP: state = initial retransm = 0 term. reason = acname : --service : ---
Rt_PPPoA: dest : RtPPPoA_atm
Retry : 10
[00:00:00] mode = IP routing flags = echo magic accomp restart mru addr route savepwd dns metric = 0 mru = 1500 route : dst=0.0.0.0/0 - src=10.0.0.0/1 (metric 1) auth = auto user = johndoe@ISP password = ******** admin state = down oper state = down link state = not-connected
LCP : state = initial retransm = 10 term. reason =
IPCP: state = initial retransm = 0 term. reason =
=>ppp ifattach intf=Rt_PPPoA
=>ppp iflist
Internet: dest : RELAY
Retry : 10
[00:00:00] mode = IP routing flags = echo magic accomp restart mru addr savepwd demanddial dns metric = 0 mru = 1492 Tx inactivity = 1200s left = 0s auth = auto user = password = admin state = down oper state = down link state = not-connected
LCP : state = initial retransm = 10 term. reason =
IPCP: state = initial retransm = 0 term. reason = acname : --service : ---
Rt_PPPoA: dest : RtPPPoA_atm
Retry : 10 mode = IP routing
[00:00:00] flags = echo magic accomp restart mru addr route savepwd dns metric = 0 mru = 1500 route : dst=0.0.0.0/0 - src=10.0.0.0/1 (metric 1) auth = auto user = johndoe@ISP password = ******** admin state = up oper state = down link state = connected
LCP : state = reqsent retransm = 1 term. reason =
IPCP: state = initial retransm = 0 term. reason =
=>
RELATED COMMANDS:
ppp ifdetach Detach a PPP interface.
PPP Commands
E-DOC-CTC-20061027-0003 v2.0
588
PPP Commands
ppp ifconfig
Configure a PPP interface.
i
The interface to be configured must not be connected at the time of configuration. If this should be the case, use the command :ppp ifdetach before using the command :ppp ifconfig.
SYNTAX:
ppp ifconfig intf = <string>
[dest = <string>]
[user = <string>]
[password = <password>
[acname = <quoted string>
[servicename = <quoted string>
[pcomp = <{disabled | enabled}>
[accomp = <{enabled | disabled | negotiate}>]
[trace = <{disabled | enabled}>]
[concentrator = <{disabled | enabled}>]
[auth = <{pap | chap | auto}>]
[restart = <{disabled | enabled}>]
[retryinterval = <number{0-65535}>]
[passive = <{disabled | enabled}>]
[silent = <{disabled | enabled}>]
[echo = <{disabled | enabled}>]
[mru = <number{293-8192}>]
[laddr = <ip-address>]
[raddr = <ip-address>]
[netmask = <ip-mask(dotted or cidr)>]
[format = <{cidr | dotted | none}>]
[pool = <none>]
[savepwd = <{disabled | enabled}>]
[demanddial = <{disabled | enabled}>]
[doddelay = <number{0-3600}>]
[primdns = <ip-address>]
[secdns = <ip-address>]
[dnsmetric = <number{0-100}>]
[idletime = <number{0-1000000}>]
[idletrigger = <{RxTx | Rx | Tx}>]
[unnumbered = <{disabled | enabled}>] where: intf dest user
The name of the PPP interface to be configured.
The destination for this PPP interface.
Typically, a phonebook entry.
If an Ethernet interface is given as destination, then the connection will be a PPPoE connection.
If an ATM interface is given as destination, then the connection will be a PPPoA connection.
The user name for remote PAP/CHAP authentication.
REQUIRED
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
589
590
PPP Commands password acname servicename pcomp accomp trace concentrator auth restart retryinterval passive
The password for remote PAP/CHAP authentication.
The Access Concentrator name for a PPPoE session.
Tip
Use the command
:ppp ifscan to obtain the names of available access concentrators, if any.
The Service Name for a PPPoE session.
Tip
Use the command
:ppp ifscan to obtain the available service names, if any.
Try (enabled) or do not try (disabled) to negotiate PPP protocol compression (LCP PCOMP).
The default is
disabled
.
Try (enabled), do never try (disabled) or negotiate (negotiate) to negotiate PPP address & control field compression (LCP ACCOMP).
In most cases, LCP ACCOMP should not be disabled nor negotiated, in other words, the address field FF-03 should not be sent over ATM.
The default is
enabled
.
Note
If the accomp parameter is set to “negotiate”, the local side of the PPP connection demands to do ACCOMP and adapts itself to the result of this negotiation.
Enable or disable verbose console logging.
The default is
disabled
.
The access concentrator is on this side of the PPPoE connection.
Choose between:
>
enabled
: the PPP connection is terminated on the Access
Concentrator (here the Thomson ST itself)
>
disabled
: the Thomson ST is PPP client.
The default is
disabled
.
Select the authentication protocol.
Choose between:
>
pap
: Password Authentication Protocol (PAP) authentication will be forced.
>
chap
: Challenge Handshake Authentication Protocol (CHAP) authentication will be forced.
>
auto
: CHAP authentication will be used. If CHAP authentication is not successful, PAP authentication will be used instead.
The default is
auto
.
Automatically restart the connection when Link Control
Protocol (LCP) link goes down (enabled) or not (disabled).
The default is
disabled
.
A number between 0 and 65535 (seconds).
Represents the intermediate interval between two retries to establish the connection on ATM level.
The default is
10
.
Put the link in listening state in case LCP times out (enabled) or not
(disabled).
This parameter allows to determine whether the link should be left open to wait for incoming messages from the remote side after 10 unsuccessful tries to establish the connection or not.
The default is
disabled
.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
PPP Commands silent echo mru laddr raddr netmask format pool savepwd demanddial doddelay primdns secdns
Do not send anything at startup and just listen for incoming LCP messages (enabled) or retry up to 10 times to establish the connection (disabled).
The default is
disabled
.
Send LCP echo requests at regular intervals (enabled) or not
(disabled).
The default is
disabled
.
A number between 293 and 8192.
Represents the maximum packet size the Thomson ST should negotiate to be able to receive.
The default is
1492
.
The local IP address of the peer-to-peer connection.
Specifying a local IP address forces the remote side of the PPP link (if it allows to) to accept this IP address as the Thomson ST PPP session
IP address.
If not specified, the Thomson ST will accept any IP address.
Typically the local IP address parameter is not specified.
The remote IP address of the peer-to-peer connection.
Specifying a remote IP address forces the remote side of the PPP link
(if it allows to) to accept this IP address as its PPP session IP address.
If not specified, the Thomson ST will accept any IP address.
Typically the remote IP address parameter is not specified.
The subnetmask associated with this address.
Specifying a subnetmask forces the remote side (if it allows to) to accept this subnetmask as the PPP session subnetmask.
If not specified, the Thomson ST will accept any subnetmask.
The Thomson ST will only request/accept a subnetmask if a DHCP server pool is associated, in other words, if the [pool] parameter is specified.
The negotiated subnetmask specified in the netmask parameter is specified in the dotted format (dotted) or in Classless Inter Domain
Routing (CIDR) format (cidr).
The default is
cidr
.
The name of the free DHCP server pool to which the acquired IP subnet must be assigned.
Save password (enabled), if supplied, or do not save the password
(disabled).
The default is
disabled
.
Enable or disable the dial-on-demand feature.
The default is
disabled
.
A number between 0 and 3600 (seconds).
During this initial interval, packets do not trigger the PPP interface.
The IP address of the primary DNS server.
In case a primary DNS server is specified, the Thomson ST will negotiate this IP address with the remote side.
Note
If not specified, the Thomson ST will accept any IP address.
The IP address of the (optional) secondary DNS server.
In case a secondary DNS server is specified, the Thomson ST will negotiate this IP address with the remote side.
Note
If not specified, the Thomson ST will accept any IP address.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
591
PPP Commands dnsmetric idletime idletrigger unnumbered
A number between 1 and 100.
Represents the DNS route metric to be used for the negotiated DNS servers.
The default is
1
.
A number between 0 and 1000000 (seconds).
Represents the maximum time the link may be idle.
The default is
0
.
Consider the link being idle if no traffic is sent and/or received during the idle time. Choose between:
>
RxTx
: The idle time period restarts when a packet is transmitted or received.
>
Rx
: The idle time period restarts when a packet is received.
Transmitted packets are ignored.
>
Tx
: The idle time period restarts when a packet is transmitted.
Received packets are ignored.
The default is
RxTx
.
Takes the local IP address from the laddr
field and remote IP address from the IP address pool assigned to the incoming PPP link.
In case the unnumbered parameter is disabled, the same IP address is used for each connection on the server side, thus reducing the number of used IP addresses.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
592
E-DOC-CTC-20061027-0003 v2.0
PPP Commands
EXAMPLE:
=>ppp iflist
Internet: dest : RELAY
Retry : 10 mode = IP routing
[00:00:00] flags = echo magic accomp restart mru addr savepwd demanddial dns metric = 0 mru = 1492 Tx inactivity = 1200s left = 0s auth = auto user = admin state = down password = oper state = down link state = not-connected
LCP : state = initial retransm = 10 term. reason =
IPCP: state = initial retransm = 0 term. reason = acname : --service : ---
Rt_PPPoA: dest :
Retry : 10
[00:00:00] mode = IP routing flags = echo magic accomp restart mru addr savepwd dns metric = 0 mru = 1500 auth = auto user = password = admin state = down oper state = down link state = not-connected
LCP : state = initial retransm = 10 term. reason =
IPCP: state = initial retransm = 0 term. reason =
=> ppp ifconfig intf=Rt_PPPoA dest=RtPPPoA_atm user=johndoe@ISP password=johndoe
[ppp]=>iflist
Internet: dest : RELAY
Retry : 10
[00:00:00] mode = IP routing flags = echo magic accomp restart mru addr savepwd demanddial dns metric = 0 mru = 1492 Tx inactivity = 1200s left = 0s auth = auto user = password = admin state = down oper state = down link state = not-connected
LCP : state = initial retransm = 10 term. reason =
IPCP: state = initial retransm = 0 term. reason = acname : --service : ---
Rt_PPPoA: dest : RtPPPoA_atm [00:00:00]
Retry : 10 mode = IP routing flags = echo magic accomp restart mru addr savepwd dns metric = 0 mru = 1500 auth = auto user = johndoe@ISP password = ******** admin state = down oper state = down link state = not-connected
LCP : state = initial retransm = 10 term. reason =
IPCP: state = initial retransm = 0 term. reason =
=>
E-DOC-CTC-20061027-0003 v2.0
593
PPP Commands
ppp ifdelete
Delete a PPP interface.
SYNTAX:
ppp ifdelete where: intf intf = <intfname>
The name of the PPP interface to be deleted.
EXAMPLE:
=>ppp iflist
Internet: dest : RELAY
Retry : 10 mode = IP routing
[00:00:00] flags = echo magic accomp restart mru addr savepwd demanddial dns metric = 0 mru = 1492 Tx inactivity = 1200s left = 0s auth = auto user = admin state = down password = oper state = down link state = not-connected
LCP : state = initial retransm = 10 term. reason =
IPCP: state = initial retransm = 0 term. reason = acname : --service : ---
Rt_PPPoA: dest : RtPPPoA_atm [local disconnect]
Retry : 10
[00:00:00] mode = IP routing flags = echo magic accomp restart mru addr savepwd dns metric = 0 mru = 1500 auth = auto user = johndoe@ISP password = ******** admin state = down oper state = down link state = not-connected
LCP : state = initial retransm = 9 term. reason = User kill
IPCP: state = initial retransm = 0 term. reason =
=>ppp ifdelete intf=Rt_PPPoA
=>ppp iflist
Internet: dest : RELAY
Retry : 10
[00:00:00] mode = IP routing flags = echo magic accomp restart mru addr savepwd demanddial dns metric = 0 mru = 1492 Tx inactivity = 1200s left = 0s auth = auto user = password = admin state = down oper state = down link state = not-connected
LCP : state = initial retransm = 10 term. reason =
IPCP: state = initial retransm = 0 term. reason = acname : --service : ---
=>
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
594
PPP Commands
RELATED COMMANDS:
E-DOC-CTC-20061027-0003 v2.0
595
PPP Commands
ppp ifdetach
Detach a PPP interface.
SYNTAX:
ppp ifdetach where: intf intf = <intfname>
The name of the PPP interface to be detached.
REQUIRED
596
E-DOC-CTC-20061027-0003 v2.0
PPP Commands
EXAMPLE:
=>ppp iflist
Internet: dest : RELAY
Retry : 10 mode = IP routing
[00:00:00] flags = echo magic accomp restart mru addr savepwd demanddial dns metric = 0 mru = 1492 Tx inactivity = 1200s left = 0s auth = auto user = admin state = down password = oper state = down link state = not-connected
LCP : state = initial retransm = 10 term. reason =
IPCP: state = initial retransm = 0 term. reason = acname : --service : ---
Rt_PPPoA: dest : RtPPPoA_atm
Retry : 10
[00:00:00] mode = IP routing flags = echo magic accomp restart mru addr route savepwd dns metric = 0 mru = 1500 route : dst=0.0.0.0/0 - src=10.0.0.0/1 (metric 1) auth = auto user = johndoe@ISP password = ******** admin state = up oper state = down link state = connected
LCP : state = reqsent retransm = 5 term. reason =
IPCP: state = initial retransm = 0 term. reason =
=>ppp ppp ifdetach intf=Rt_PPPoA
=>ppp iflist
Internet: dest : RELAY
Retry : 10
[00:00:00] mode = IP routing flags = echo magic accomp restart mru addr savepwd demanddial dns metric = 0 mru = 1492 Tx inactivity = 1200s left = 0s auth = auto user = password = admin state = down oper state = down link state = not-connected
LCP : state = initial retransm = 10 term. reason =
IPCP: state = initial retransm = 0 term. reason = acname : --service : ---
Rt_PPPoA: dest : RtPPPoA_atm [local disconnect]
Retry : 10 mode = IP routing
[00:00:00] flags = echo magic accomp restart mru addr route savepwd dns metric = 0 mru = 1500 route : dst=0.0.0.0/0 - src=10.0.0.0/1 (metric 1) auth = auto user = johndoe@ISP password = ******** admin state = down oper state = down link state = not-connected
LCP : state = initial retransm = 9 term. reason = User kill
IPCP: state = initial retransm = 0 term. reason =
=>
RELATED COMMANDS:
ppp ifattach Attach a PPP interface.
E-DOC-CTC-20061027-0003 v2.0
597
PPP Commands
ppp iflist
Display the PPP interfaces.
SYNTAX:
ppp iflist [intf = <intfname>]
[string = <string>]
[beginstring = <string>] where: intf string beginstring
The name of the PPP interface.
Note
If not specified, all PPP interfaces are shown.
string matching condition beginstring matching condition
EXAMPLE INPUT/OUTPUT :
=>ppp iflist
Internet: dest : RELAY
Retry : 10 mode = IP routing
[00:00:00] flags = echo magic accomp restart mru addr savepwd demanddial dns metric = 0 mru = 1492 Tx inactivity = 1200s left = 0s auth = auto user = admin state = down password = oper state = down link state = not-connected
LCP : state = initial retransm = 10 term. reason =
IPCP: state = initial retransm = 0 term. reason = acname : --service : ---
Rt_PPPoA: dest : RtPPPoA_atm
Retry : 10
[00:00:00] mode = IP routing flags = echo magic accomp restart mru addr route savepwd dns metric = 0 mru = 1500 route : dst=0.0.0.0/0 - src=10.0.0.0/1 (metric 1) auth = auto user = johndoe@ISP password = ******** admin state = up oper state = down link state = connected
LCP : state = reqsent retransm = 1 term. reason =
IPCP: state = initial retransm = 0 term. reason =
=>
RELATED COMMANDS:
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
598
PPP Commands
ppp ifscan
Scan a PPPoE interface for available Access Concentrator and Service names.
i
Use the command
:ppp ifdetach for this interface before performing a scan on it.
SYNTAX:
ppp ifscan where: intf time intf = <string>
[time = <number{0-36000}>]
The name of the PPPoE interface to be scanned.
A number between 0 and 36000 (seconds).
Represents the time to scan for services.
REQUIRED
OPTIONAL
EXAMPLE:
=>ppp iflist myRtPPPoE: dest : RtPPPoE_eth
Retry : 10 mode = IP routing
[00:00:00] flags = echo magic accomp restart mru addr route savepwd dns metric = 0 mru = 1492 route : dst=0.0.0.0/0 - src=10.0.0.0/1 (metric 1) auth = auto user = johndoe@ISP password = ******** admin state = down oper state = down link state = not-connected
LCP : state = initial retransm = 9 term. reason =
IPCP: state = initial retransm = 0 term. reason = acname : --service : ---
=>ppp ifscan intf=myRtPPPoE time=45
Service Name Access Concentrator
Done !
=>
E-DOC-CTC-20061027-0003 v2.0
599
PPP Commands
ppp rtadd
Add a route to the routing table when the PPP link comes up.
This route configuration will determine which local hosts are allowed to use this link and/or which remote destinations should be or should not be reachable.
i
The interface must not be connected when a route configuration is added. If this should be the case, use the command
:ppp ifdetach for this interface prior to configuring routes.
SYNTAX:
ppp rtadd intf = <intfname> dst = <ip-address>
[dstmsk = <ip-mask(dotted or cidr)>]
[label = <string>]
[src = <ip-address>]
[srcmsk = <ip-mask(dotted or cidr)>]
[metric = <number{0-100}>] where: intf dst dstmsk label src srcmsk
The name of the PPP interface.
The IP destination address specification for the route to be added when the link comes up.
The destination IP mask.
Depending on the destination netmask:
>
Any remote destination is reachable, in other words, the PPP connection acts as default route ( dstmsk=0 )
>
Only the remote (sub)net is reachable ( dstmsk=1
)
>
The actual destination mask will be the default netmask applicable for destination IP address
>
Only the single remote host is reachable ( dstmsk=32 )
>
Any valid (contiguous) netmask in case of Variable Length
Subnet Masking (VLSM).
The name of the label.
The IP source address specification for the route (in other words, who can use this link).
The source IP mask.
Depending on the source netmask:
>
Everybody is allowed to use this PPP connection ( dstmsk=0
)
>
Only members of the same subnet as the host which opened the
PPP connection are allowed to use the PPP connection
( dstmsk=1 )
>
The actual destination mask will be the netmask applicable for the IP address of the host which opened the PPP connection
>
Only the host which opened the PPP connection is allowed to use the PPP connection ( dstmsk=32 )
>
Any valid (contiguous) netmask in case of VLSM.
REQUIRED
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
600
PPP Commands metric The route metric, in other words, the cost factor of the route.
Practically, the cost is determined by the hop count.
EXAMPLE:
=>ppp iflist
Internet: dest : RELAY
Retry : 10 mode = IP routing
[00:00:00] flags = echo magic accomp restart mru addr savepwd demanddial dns metric = 0 mru = 1492 Tx inactivity = 1200s left = 0s auth = auto user = admin state = down password = oper state = down link state = not-connected
LCP : state = initial retransm = 10 term. reason =
IPCP: state = initial retransm = 0 term. reason = acname : --service : ---
Rt_PPPoA: dest : RtPPPoA_atm
Retry : 10
[00:00:00] mode = IP routing flags = echo magic accomp restart mru addr savepwd dns metric = 0 mru = 1500 auth = auto user = johndoe@ISP password = ******** admin state = down oper state = down link state = not-connected
LCP : state = initial retransm = 10 term. reason =
IPCP: state = initial retransm = 0 term. reason =
=>ppp rtadd intf=Rt_PPPoA dst=0.0.0.0/0 src=10.0.0.0/1
=>ppp iflist
Internet: dest : RELAY
Retry : 10
[00:00:00] mode = IP routing flags = echo magic accomp restart mru addr savepwd demanddial dns metric = 0 mru = 1492 Tx inactivity = 1200s left = 0s auth = auto user = password = admin state = down oper state = down link state = not-connected
LCP : state = initial retransm = 10 term. reason =
IPCP: state = initial retransm = 0 term. reason = acname : --service : ---
Rt_PPPoA: dest : RtPPPoA_atm
Retry : 10
[00:00:00] mode = IP routing flags = echo magic accomp restart mru addr route savepwd dns metric = 0 mru = 1500 route : dst=0.0.0.0/0 - src=10.0.0.0/1 (metric 1) auth = auto user = johndoe@ISP password = ******** admin state = down oper state = down link state = not-connected
LCP : state = initial retransm = 10 term. reason =
IPCP: state = initial retransm = 0 term. reason =
=>
RELATED COMMANDS:
ppp rtdelete Delete the route for a PPP link.
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
601
PPP Commands
ppp rtdelete
Delete the route for a PPP link.
i
The interface must not be connected when a route configuration must be deleted. If the interface is connected, use the command
:ppp ifdetach for this interface.
SYNTAX:
ppp rtdelete where: intf intf = <intfname>
The PPP interface name for which to delete the route settings.
REQUIRED
602
E-DOC-CTC-20061027-0003 v2.0
PPP Commands
EXAMPLE:
=>ppp iflist
Internet: dest : RELAY
Retry : 10 mode = IP routing
[00:00:00] flags = echo magic accomp restart mru addr savepwd demanddial dns metric = 0 mru = 1492 Tx inactivity = 1200s left = 0s auth = auto user = admin state = down password = oper state = down link state = not-connected
LCP : state = initial retransm = 10 term. reason =
IPCP: state = initial retransm = 0 term. reason = acname : --service : ---
Rt_PPPoA: dest : RtPPPoA_atm [local disconnect]
Retry : 10
[00:00:00] mode = IP routing flags = echo magic accomp restart mru addr route savepwd dns metric = 0 mru = 1500 route : dst=0.0.0.0/0 - src=10.0.0.0/1 (metric 1) auth = auto user = johndoe@ISP password = ******** admin state = down oper state = down link state = not-connected
LCP : state = initial retransm = 9 term. reason = User kill
IPCP: state = initial retransm = 0 term. reason =
=>ppp ppp rtdelete intf=Rt_PPPoA
=>ppp iflist
Internet: dest : RELAY
Retry : 10
[00:00:00] mode = IP routing flags = echo magic accomp restart mru addr savepwd demanddial dns metric = 0 mru = 1492 Tx inactivity = 1200s left = 0s auth = auto user = password = admin state = down oper state = down link state = not-connected
LCP : state = initial retransm = 10 term. reason =
IPCP: state = initial retransm = 0 term. reason = acname : --service : ---
Rt_PPPoA: dest : RtPPPoA_atm [local disconnect]
Retry : 10 mode = IP routing
[00:00:00] flags = echo magic accomp restart mru addr savepwd dns metric = 0 mru = 1500 auth = auto user = johndoe@ISP password = ******** admin state = down oper state = down link state = not-connected
LCP : state = initial retransm = 9 term. reason = User kill
IPCP: state = initial retransm = 0 term. reason =
=>
RELATED COMMANDS:
ppp rtadd Add a route to the routing table when the PPP link comes up.
E-DOC-CTC-20061027-0003 v2.0
603
ppp relay flush
Remove all Ethernet interfaces from the PPP relay agent list and terminate all sessions.
i
The flush command does not impact previously saved configurations.
SYNTAX:
ppp relay flush
PPP Commands
604
E-DOC-CTC-20061027-0003 v2.0
PPP Commands
ppp relay ifadd
Add an Ethernet interface to the PPP relay list.
SYNTAX:
ppp relay ifadd where: intf intf = <string>
The Ethernet interface to be added to the PPP relay agent list.
REQUIRED
EXAMPLE:
=>ppp relay iflist
# Interface HWaddr
1 ethoa_0_35
=>ppp relay ifadd intf=ethoa_8_35
Status
00-0e-50-0f-fc-2d connected
=>ppp relay iflist
# Interface
1 ethoa_0_35
2 ethoa_8_35
HWaddr Status
00-0e-50-0f-fc-2d connected
00-0e-50-0f-fc-2d connected
=>
RELATED COMMANDS:
Delete an Ethernet interface from the PPP relay agent list.
Display all Ethernet interfaces added to the PPP relay agent list.
E-DOC-CTC-20061027-0003 v2.0
605
PPP Commands
ppp relay ifconfig
Modify an ethernet interface from the PPP relay agent list.
SYNTAX:
ppp relay ifconfig where: inft hwaddr intf = <string> hwaddr = <hardware-address>
The ethernet intf to be added to the PPP relay agent list.
The hardware address (e.g. Ethernet MAC address) of this interface.
REQUIRED
REQUIRED
606
E-DOC-CTC-20061027-0003 v2.0
PPP Commands
ppp relay ifdelete
Delete an Ethernet interface from the PPP relay agent list.
SYNTAX:
ppp relay ifdelete where: intf intf = <string>
The Ethernet interface to be deleted from the PPP relay agent list.
REQUIRED
EXAMPLE:
=>ppp relay iflist
# Interface
1 ethoa_0_35
2 ethoa_8_35
HWaddr Status
00-0e-50-0f-fc-2d connected
00-0e-50-0f-fc-2d connected
=>ppp relay ifdelete intf=ethoa_8_35
=>ppp relay iflist
# Interface
1
=> ethoa_0_35
HWaddr Status
00-0e-50-0f-fc-2d connected
RELATED COMMANDS:
Add an Ethernet interface to the PPP relay list.
Display all Ethernet interfaces added to the PPP relay agent list.
E-DOC-CTC-20061027-0003 v2.0
607
PPP Commands
ppp relay iflist
Display all Ethernet interfaces added to the PPP relay agent list.
SYNTAX:
ppp relay iflist where: intf The Ethernet interface to be added to the PPP relay agent list.
EXAMPLE:
=>ppp relay iflist
# Interface
1 ethoa_0_35
2 ethoa_8_35
=>
HWaddr Status
00-0e-50-0f-fc-2d connected
00-0e-50-0f-fc-2d connected
RELATED COMMANDS:
Add an Ethernet interface to the PPP relay list.
Delete an Ethernet interface from the PPP relay agent list.
REQUIRED
608
E-DOC-CTC-20061027-0003 v2.0
PPP Commands
ppp relay sesslist
Add an Ethernet interface to the PPP relay list.
SYNTAX:
ppp relay ifadd where: intf intf = <string>
The Ethernet interface to be added to the PPP relay agent list.
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
609
PPP Commands
610
E-DOC-CTC-20061027-0003 v2.0
PPTP Commands
31 PPTP Commands
Introduction
This chapter describes the commands of the pptp command group.
Contents
This chapter covers the following commands:
Add a Point-to-Point Tunneling Protocol (PPTP) profile.
Flush the complete PPTP configuration.
Show the current PPTP configuration.
Display all the current PPTP profiles.
E-DOC-CTC-20061027-0003 v2.0
611
PPTP Commands
pptp ifadd
Add a Point-to-Point Tunneling Protocol (PPTP) profile.
i
Backwards compatible with previous release, use profiles instead.
SYNTAX:
pptp ifadd dest = <string>
[rate = <number{10-10000}>]
[encaps = <{vcmux | nlpid}>]
[ac = <{never | always | keep}>] where: dest rate encaps ac
The WAN destination for this PPTP tunnel.
Typically a phonebook entry.
A number between 10 and 10000.
Represents the transmission speed (in bits/s) for the WAN link.
The type of WAN encapsulation to be used with this PPTP profile.
Choose between:
>
VC_MUX
>
Network Layer Protocol IDentifiers (NLPID).
The default is
vcmux
.
The High-level Data Link Control (HDLC) framing option applicable to PPTP interfaces using this PPTP profile.
Choose between:
>
always
: Before relaying the encapsulated PPP frames over the
PPPoA link, make sure that the address and control field
(0xFF03) is always in front of the frames.
>
never
: Before relaying the encapsulated PPP frames over the
PPPoA link, make sure the address and control field will never be found in front of the frames.
>
keep
: Do not change the frames arriving via the PPTP tunnel.
The default is
never
.
Note
The default setting is compliant to RFC2364, therefore it is recommended to keep this setting.
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
612
PPTP Commands
pptp flush
Flush the complete PPTP configuration.
i
The flush command does not impact previously saved configurations.
SYNTAX:
pptp flush
E-DOC-CTC-20061027-0003 v2.0
613
PPTP Commands
pptp list
Show the current PPTP configuration.
SYNTAX:
pptp list
EXAMPLE:
=>pptp list
Dialstr Destination
DIALUP_PPP3
=>
QoS default
Encaps vcmux
AC never
State
CONNECTED
User
(10.0.0.2)
614
E-DOC-CTC-20061027-0003 v2.0
PPTP Commands
pptp profadd
Define a new PPTP profile.
SYNTAX:
pptp profadd name = <string>
[qos = <string>]
[encaps = <{vcmux | nlpid}>]
[ac = <{never | always | keep}>] where: name qos encaps ac
The name of the new PPTP profile.
The name of the qosbook entry, containing the settings for this profile.
Note
This parameter never needs to be specified.
The type of WAN protocol encapsulation to be used with this PPTP profile.
Choose between:
>
VC-MUX
>
NLPID.
The default is
vcmux
.
The HDLC framing option applicable to PPTP interfaces using this
PPTP profile.
Choose between:
>
always
: Before relaying the encapsulated PPP frames over the
PPPoA link, make sure that the address and control field
(0xFF03) is always in front of the frames.
>
never
: Before relaying the encapsulated PPP frames over the
PPPoA link, make sure the address and control field will never be found in front of the frames.
>
keep
: Do not change the frames arriving via the PPTP tunnel.
The default is
never
.
Note
The default setting is compliant to RFC2364, therefore it is recommended to keep this setting.
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
EXAMPLE:
=>pptp proflist
Profile
Relay_PPP1
QoS Encaps default nlpid
AC always
=>pptp profadd name=PPTPLink encaps=vcmux ac=never
=>pptp proflist
Profile
Relay_PPP1
PPTPLink
=>
QoS Encaps default nlpid default vcmux
AC always never
E-DOC-CTC-20061027-0003 v2.0
615
RELATED COMMANDS:
Display all the current PPTP profiles.
PPTP Commands
616
E-DOC-CTC-20061027-0003 v2.0
PPTP Commands
pptp profdelete
Delete a PPTP profile.
SYNTAX:
pptp profdelete where: name name <string>
The name of the PPTP profile to be deleted.
EXAMPLE:
=>pptp proflist
Profile
Relay_PPP1
QoS Encaps default nlpid
PPTPLink default vcmux
=>pptp profdelete name=PPTPLink
=>pptp proflist
Profile
Relay_PPP1
QoS Encaps default nlpid
=>
AC always never
AC always
RELATED COMMANDS:
Display all the current PPTP profiles.
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
617
pptp proflist
Display all the current PPTP profiles.
SYNTAX:
pptp proflist
EXAMPLE:
=>pptp proflist
Profile
Relay_PPP1
QoS Encaps default nlpid
PPTPLink
=> default vcmux
AC always never
RELATED COMMANDS:
PPTP Commands
618
E-DOC-CTC-20061027-0003 v2.0
Script Commands
32 Script Commands
Introduction
This chapter describes the commands of the script command group.
Scripting is not a general purpose mechanism but is only used in the autoPVC/ILMI mechanism.
!
It is recommended not to change the default scripts.
Contents
This chapter covers the following commands:
Delete a complete script or a line from a script.
Display a script or all scripts.
E-DOC-CTC-20061027-0003 v2.0
619
Script Commands
script add
Add a line to a script.
SYNTAX:
script add name = <string>
[index = <number>] command = <quoted string> where: name index command
Name of the script in which a line must be added.
Line number
Note
Use 0 to add a line.
Command.
RELATED COMMANDS:
Delete a complete script or a line from a script.
Display a script or all scripts.
REQUIRED
OPTIONAL
REQUIRED
620
E-DOC-CTC-20061027-0003 v2.0
Script Commands
script delete
Delete a complete script or a line from a script.
SYNTAX:
script delete where: name index name = <string>
[index = <number>]
Name of the script to be deleted.
Line number to be deleted.
Tip
Use the command
:script list to view the line numbers.
Note
If not specified, the complete script will be deleted.
RELATED COMMANDS:
Display a script or all scripts.
REQUIRED
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
621
script flush
Flush all scripts.
i
The flush command does not impact previously saved configurations.
SYNTAX:
script flush
Script Commands
622
E-DOC-CTC-20061027-0003 v2.0
Script Commands
script list
Display a script or all scripts.
SYNTAX:
script list where: name
[name = <string>]
Name of the script to be listed.
Note
If not specified, all the scripts are displayed.
OPTIONAL
EXAMPLE
Some of the default scripts are shown below:
=>script list
Script: autopvc_add_qos
0: qosbook add name _auto_$1_$2 class $3 tx_peakrate $4 tx_sustrate $5 tx_maxburst $
6 rx_peakrate $4 rx_sustrate $5 rx_maxburst $6 dynamic yes
...
Script: autopvc_add_bridge
0: qosbook add name _auto_$1_$2 class $3 tx_peakrate $4 tx_sustrate $5 tx_maxburst $
6 rx_peakrate $4 rx_sustrate $5 rx_maxburst $6 dynamic yes
1: phonebook add name _auto_$1_$2 addr $1.$2 type any dynamic yes
2: bridge ifadd intf _auto_$1_$2 dest _auto_$1_$2
3: bridge ifconfig intf _auto_$1_$2 qos _auto_$1_$2
4: bridge ifattach intf _auto_$1_$2
Script: autopvc_delete_bridge
0: bridge ifdetach intf _auto_$1_$2
1: bridge ifdelete intf _auto_$1_$2
2: phonebook delete name _auto_$1_$2
3: qosbook delete name _auto_$1_$2
Script: autopvc_add_pppoerelay
0: qosbook add name _auto_$1_$2 class $3 tx_peakrate $4 tx_sustrate $5 tx_maxburst $
6 rx_peakrate $4 rx_sustrate $5 rx_maxburst $6 dynamic yes
1: phonebook add name _auto_$1_$2 addr $1.$2 type any dynamic yes
2: ethoa ifadd intf _auto_$1_$2 dest _auto_$1_$2
3: ethoa ifconfig intf _auto_$1_$2 qos _auto_$1_$2
4: ethoa ifattach intf _auto_$1_$2
5: ip ifwait intf _auto_$1_$2 timeout 15 adminstatus up
6: pppoe relay add port _auto_$1_$2
E-DOC-CTC-20061027-0003 v2.0
623
RELATED COMMANDS:
Delete a complete script or a line from a script.
Script Commands
624
E-DOC-CTC-20061027-0003 v2.0
Script Commands
script run
Run a script.
SYNTAX:
script run where: name pars name = <string> pars = <string>
Name of the script to be run.
Tip
Use the command
:script list to obtain the names of the different scripts.
Parameters separated with comma.
For example a,b,c.
REQUIRED
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
625
Script Commands
626
E-DOC-CTC-20061027-0003 v2.0
Service Commands
33 Service Commands
Introduction
This chapter describes the commands of the service command group.
Contents
This chapter covers the following commands:
Assign a service to a host device.
Modify and/or display global service configuration options.
Add a host service.
Display a list of host services.
Show the host service statistics.
Create/define a host service portmap.
Delete a host service portmap.
Add an interface group to the access list.
Delete an interface group from the access list.
Add an IP address (range) to the access list.
Delete an IP address (range) from the access list.
Add a port map for a system service.
Delete a port map for a system service.
E-DOC-CTC-20061027-0003 v2.0
627
Service Commands
service host assign
Assign a service to a host device.
SYNTAX:
service host assign name = <quoted string>
[host = <ip-address>]
[log = <{disabled|enabled}>] where: name host log
The name of an existing host service.
The IP address of the host.
Enable or disable logging.
EXAMPLE:
=>service host assign name="MSN Messenger" host=192.168.1.64
=>service host list
Service Name Host User-Defined Mode
---------------------------------------------------------------------------
Age of Empires
AIM Talk
Aliens vs. Predator
..
unassigned unassigned unassigned server client server
MSN Messenger
...
=>
192.168.1.64
server
RELATED COMMANDS:
service host disable Disable a host service.
REQUIRED
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
628
Service Commands
service host config
Modify and/or display global service configuration options.
SYNTAX:
service host config where: trace
[trace = <{disabled | enabled}>]
Enable or disable traces.
The default is
disabled
.
EXAMPLE:
=>service host config
Service traces : disabled l=>
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
629
Service Commands
service host add
Add a host service.
SYNTAX:
service host add where: name mode name = <quoted string>
[mode = <{server | client | custom}>]
The name of the new host service.
The service mode.
Choose between:
>
server
: The service is defined for server purposes.
>
client
: The service is defined for client purposes.
>
custom
: The service is a user created service (in other words, a customized service).
The default is
custom
.
REQUIRED
OPTIONAL
EXAMPLE:
=>service host list
Service Name Host User-Defined Mode
---------------------------------------------------------------------------
Age of Empires
AIM Talk unassigned unassigned server client
...
MSN Messenger
=>service host add name=myService
=>service host list unassigned server
Service Name Host User-Defined Mode
---------------------------------------------------------------------------
Age of Empires
AIM Talk unassigned unassigned server client
...
MSN Messenger myService
=> unassigned unassigned yes server
RELATED COMMANDS:
Display a list of host services.
E-DOC-CTC-20061027-0003 v2.0
630
Service Commands
service host delete
Delete a host service.
SYNTAX:
service host delete where: name name = <quoted string>
The name of the host service to be deleted.
EXAMPLE:
=>service host list
Service Name Host User-Defined Mode
---------------------------------------------------------------------------
Age of Empires
AIM Talk unassigned unassigned server client
...
MSN Messenger myService
=>service host delete name=myService unassigned unassigned yes server
=>service host list
Service Name Host User-Defined Mode
---------------------------------------------------------------------------
Age of Empires
AIM Talk unassigned unassigned server client
...
MSN Messenger
=> unassigned server
RELATED COMMANDS:
Add a host service.
Display a list of host services.
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
631
Service Commands
service host disable
Disable a host service.
SYNTAX:
service host disable where: name
[name = <quoted string>]
The name of the host service to be disabled.
Note
If not specified, all the host services will be disabled.
OPTIONAL
EXAMPLE:
=>service host list
Service Name Host User-Defined Mode
---------------------------------------------------------------------------
Age of Empires
AIM Talk unassigned unassigned server client unassigned server Aliens vs. Predator
..
MSN Messenger
...
192.168.1.64
server
=>service host disable name="MSN Messenger"
=>service host list
Service Name Host User-Defined Mode
---------------------------------------------------------------------------
Age of Empires
AIM Talk
Aliens vs. Predator
..
MSN Messenger
...
=> unassigned unassigned unassigned unassigned server client server server
RELATED COMMANDS:
service host assign Assign a service to a host device.
E-DOC-CTC-20061027-0003 v2.0
632
Service Commands
service host flush
Flush all host services.
SYNTAX:
service host flush
E-DOC-CTC-20061027-0003 v2.0
633
Service Commands
service host list
Display a list of host services.
SYNTAX:
service host list [name = <quoted string>]
[string = <string>]
[beginstring = <string>] where: name string beginstring
The name of the host service to be listed.
Note
If not specified, all the host services will be listed.
String matching condition
Beginstring matching condition
REQUIRED
OPTIONAL
OPTIONAL
EXAMPLE:
=>service host list
Service Name Host User-Defined Mode
---------------------------------------------------------------------------
Aliens vs. Predator
Asheron's Call unassigned unassigned server client
Battlecom
Black and White
Buddy Phone
Bungie.net
Citrix Metaframe
CU-SeeMe unassigned unassigned unassigned unassigned unassigned unassigned server server client server client client unassigned server Dark Reign 2
...
Westwood Online
Yahoo Messenger Chat
=>
=>service host list name="MSN Messenger" unassigned unassigned client server
Service Name:"MSN Messenger" Host:unassigned User-Defined:no Mode:server
-------------------------------------------------------------------
Port 1863 for protocol tcp will be forwarded to host port 1863
Portrange 6891 - 6900 for protocol tcp will be forwarded to host portrange 6891 - 6900
Port 6901 for protocol tcp or udp will be forwarded to host port 6901
=>
RELATED COMMANDS:
Add a host service.
E-DOC-CTC-20061027-0003 v2.0
634
Service Commands
service host stats
Show the host service statistics.
SYNTAX:
service host stats
EXAMPLE:
=>service host stats
Services : 113 of 150 in use.
Service maps : 225 of 300 in use.
Trigger ports: 0 of 25 in use.
=>
E-DOC-CTC-20061027-0003 v2.0
635
Service Commands
service host triggerlist
List all triggers.
SYNTAX:
service host triggerlist
EXAMPLE:
=>service triggerlist
Ip Triggerport
--
=>
-----------
Portrange
---------
Timeout
-------
636
E-DOC-CTC-20061027-0003 v2.0
Service Commands
service host rule add
Create/define a host service portmap.
SYNTAX:
service host rule add name = <quoted string>
[protocol = <{any|tcp|udp} or number>]
[baseport = <supported UDP port | number>] portrange = <port-range>
[triggerport = <supported UDP port | number>]
[triggerprotocol = <{any|tcp|udp} or number>] where: name protocol
REQUIRED
OPTIONAL baseport portrange triggerport triggerprotocol
The name of the host service.
The IP protocol type.
Choose between:
>
any
>
tcp
>
udp
>
a number.
The inbound base port.
Select one of the supported TCP/UDP port names (see
“ Supported TCP/UDP Port Names” on page 747
) or, alternatively, specify the port number.
Note
If not specified,
baseport
is equal to the first port of
portrange
.
The outbound port range.
The outbound trigger port.
Select one of the supported TCP/UDP port names (see
“ Supported TCP/UDP Port Names” on page 747
) or, alternatively, specify the port number.
Protocol of the trigger port.
Choose between:
>
any
>
tcp
>
udp
>
a number.
Note
If not specified,
triggerprotocol
is equal to
protocol
.
OPTIONAL
REQUIRED
OPTIONAL
OPTIONAL
RELATED COMMANDS:
service host rule delete Delete a host service portmap.
E-DOC-CTC-20061027-0003 v2.0
637
Service Commands
service host rule delete
Delete a host service portmap.
SYNTAX:
service host rule delete name = <quoted string>
[protocol = <{any|tcp|udp} or number>]
[baseport = <supported UDP port | number>] portrange = <port-range>
[triggerport = <supported UDP port | number>]
[triggerprotocol = <{any|tcp|udp} or number>] where: name protocol
REQUIRED
OPTIONAL baseport portrange triggerport triggerprotocol
The name of the host service.
The IP protocol type.
Choose between:
>
any
>
tcp
>
udp
>
a number.
The inbound base port.
Select one of the supported TCP/UDP port names (see
“ Supported TCP/UDP Port Names” on page 747
) or, alternatively, specify the port number.
Note
If not specified,
baseport
is equal to the first port of
portrange
.
The outbound port range.
The outbound trigger port.
Select one of the supported TCP/UDP port names (see
“ Supported TCP/UDP Port Names” on page 747
) or, alternatively, specify the port number.
Protocol of the trigger port.
Choose between:
>
any
>
tcp
>
udp
>
a number.
Note
If not specified,
triggerprotocol
is equal to
protocol
.
OPTIONAL
REQUIRED
OPTIONAL
OPTIONAL
RELATED COMMANDS:
service host rule add Create/define a host service portmap.
E-DOC-CTC-20061027-0003 v2.0
638
Service Commands
service system ifadd
Add an interface group to the access list.
SYNTAX:
service system ifadd name = <string> group = <{wan|local|lan|tunnel|dmz|guest} or number> where: name group
The name of the system service for this access list.
The interface group for this access list.
REQUIRED
REQUIRED
EXAMPLE:
=>service system list name=SIPPBX expand=enabled
Idx Name Protocol SrcPort DstPort Group State
---------------------------------------------------------------------------------
1 SIPPBX udp 5060
Description................ SIP PBX, registrar and proxy disabled
Properties................. server
Managed parameters......... state port acl map log
Source Ip Selection........ auto
Interface Access List...... any
Ip Access List............. any
NAT Port List.............. 5060
=>service system ifadd name=SIPPBX group=lan
=>service system list name=SIPPBX expand=enabled
Idx Name Protocol SrcPort DstPort Group State
---------------------------------------------------------------------------------
1 SIPPBX udp 5060
Description................ SIP PBX, registrar and proxy disabled
Properties................. server
Managed parameters......... state port acl map log
Source Ip Selection........ auto
Interface Access List...... lan
Ip Access List............. any
NAT Port List.............. 5060
=>
RELATED COMMANDS:
service system ifdelete Delete an interface group from the access list.
E-DOC-CTC-20061027-0003 v2.0
639
Service Commands
service system ifdelete
Delete an interface group from the access list.
SYNTAX:
service system ifdelete name = <string> group = <{wan|local|lan|tunnel|dmz|guest} or number> where: name group
The name of the system service for this access list.
The interface group for this access list.
REQUIRED
REQUIRED
EXAMPLE:
=>service system list name=SIPPBX expand=enabled
Idx Name Protocol SrcPort DstPort Group State
---------------------------------------------------------------------------------
1 SIPPBX udp 5060
Description................ SIP PBX, registrar and proxy disabled
Properties................. server
Managed parameters......... state port acl map log
Source Ip Selection........ auto
Interface Access List...... lan
Ip Access List............. any
NAT Port List.............. 5060
=>service system ifdelete name=SIPPBX group=lan
=>service system list name=SIPPBX expand=enabled
Idx Name Protocol SrcPort DstPort Group State
---------------------------------------------------------------------------------
1 SIPPBX udp 5060
Description................ SIP PBX, registrar and proxy disabled
Properties................. server
Managed parameters......... state port acl map log
Source Ip Selection........ auto
Interface Access List...... any
Ip Access List............. any
NAT Port List.............. 5060
=>
RELATED COMMANDS:
service system ifadd Add an interface group to the access list.
E-DOC-CTC-20061027-0003 v2.0
640
Service Commands
service system ipadd
Add an IP address (range) to the access list.
SYNTAX:
service system ipadd where: name ip name = <string> ip = <ip-range>
The name of the system service for this access list.
The IP address (range) for this access list.
EXAMPLE:
=>service system list name=SIPPBX expand=enabled
Idx Name Protocol SrcPort DstPort Group State
---------------------------------------------------------------------------------
1 SIPPBX udp 5060
Description................ SIP PBX, registrar and proxy disabled
Properties................. server
Managed parameters......... state port acl map log
Source Ip Selection........ auto
Interface Access List...... any
Ip Access List............. any
NAT Port List.............. 5060
=>service system ipadd name=SIPPBX ip=192.168.1.64
=>service system list name=SIPPBX expand=enabled
Idx Name Protocol SrcPort DstPort Group State
---------------------------------------------------------------------------------
1 SIPPBX udp 5060
Description................ SIP PBX, registrar and proxy disabled
Properties................. server
Managed parameters......... state port acl map log
Source Ip Selection........ auto
Interface Access List...... any
Ip Access List............. 192.168.1.64
NAT Port List.............. 5060
=>
RELATED COMMANDS:
service system ipdelete Delete an IP address (range) from the access list.
REQUIRED
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
641
Service Commands
service system ipdelete
Delete an IP address (range) from the access list.
SYNTAX:
service system ipdelete name = <string> ip = <ip-range> where: name ip
The name of the system service for this access list.
The IP address (range) for this access list.
EXAMPLE:
=>service system list name=SIPPBX expand=enabled
Idx Name Protocol SrcPort DstPort Group State
---------------------------------------------------------------------------------
1 SIPPBX udp 5060
Description................ SIP PBX, registrar and proxy disabled
Properties................. server
Managed parameters......... state port acl map log
Source Ip Selection........ auto
Interface Access List...... any
Ip Access List............. 192.168.1.64
NAT Port List.............. 5060
=>service system ipdelete name=SIPPBX ip=192.168.1.64
=>service system list name=SIPPBX expand=enabled
Idx Name Protocol SrcPort DstPort Group State
---------------------------------------------------------------------------------
1 SIPPBX udp 5060
Description................ SIP PBX, registrar and proxy disabled
Properties................. server
Managed parameters......... state port acl map log
Source Ip Selection........ auto
Interface Access List...... any
Ip Access List............. any
NAT Port List.............. 5060
=>
RELATED COMMANDS:
service system ipadd Add an IP address (range) to the access list.
REQUIRED
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
642
Service Commands
service system list
Display the system services.
SYNTAX:
service system list where: name expand dynamics members string beginstring
[name = <string>]
[expand = <{disabled | enabled}>]
[dynamics = <{disabled | enabled}>]
[members = <{disabled | enabled}>]
[string = <string>]
[beginstring = <string>]
The name of the system service to be displayed.
Note
If not specified, all the system services will be displayed.
Enable or disable expanded listing.
The default is
disabled
.
Display dynamic sevices.
The default is
disabled
.
Display service group members.
The default is
disabled
.
String matching condition
Beginstring matching condition
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
643
Service Commands
EXAMPLE:
=>service system list
Idx Name Protocol SrcPort DstPort Group State
---------------------------------------------------------------------------------
1 DNS-C
2 SNTP udp udp 123
53
123 enabled enabled
3 SLA_ICMP_PING
4 SLA_UDP_PING
5 SLA_ICMP_TRRT
6 SLA_UDP_TRRT icmp udp icmp udp
8
7
8
33434 enabled enabled enabled enabled
7 SYSLOG
8 HTTP
9 HTTPs
10 HTTPI
11 FTP
12 TELNET
13 RIP
14 RIP-Query udp tcp tcp tcp tcp tcp udp udp udp
520
514
80
443
8080
21
23
520
520
53 enabled enabled enabled enabled enabled enabled enabled enabled
15 DNS-S
16 Dynamic DNS
17 DHCP-S
18 SNMP_AGENT
19 SNMP_TRAPS
20 MDAP
21 SIPPBX
22 IKE
23 IP_COMMANDS
24 PING_RESPONDER udp udp udp udp udp udp icmp
49152
161
3235
5060
500
8 enabled enabled disabled enabled enabled enabled disabled enabled enabled enabled
=>
=>service system list name=SIPPBX expand=enabled
Idx Name Protocol SrcPort DstPort Group State
---------------------------------------------------------------------------------
1 SIPPBX udp 5060
Description................ SIP PBX, registrar and proxy disabled
Properties................. server
Managed parameters......... state port acl map log
Source Ip Selection........ auto
Interface Access List...... any
Ip Access List............. any
NAT Port List.............. 5060
=>
RELATED COMMANDS:
service system modify Modify a system service.
E-DOC-CTC-20061027-0003 v2.0
644
Service Commands
service system mapadd
Add a port map for a system service.
SYNTAX:
service system mapadd name = <{string}> intf = <{auto|loop|Internet|LocalNetwork}> port = <supported port or number> where: name intf port
The name of the system service for this map.
The interface for this map.
The port for this map.
Select one of the supported TCP/UDP port names (see
“ Supported TCP/UDP Port Names” on page 747
) or, alternatively, specify the port number.
REQUIRED
REQUIRED
REQUIRED
RELATED COMMANDS:
Delete a port map for a system service.
E-DOC-CTC-20061027-0003 v2.0
645
Service Commands
service system mapdelete
Delete a port map for a system service.
SYNTAX:
service system mapdelete name = <string> intf = <{auto|loop|Internet|LocalNetwork}> port = <supported port or number> where: name intf port
The name of the system service for this map.
The interface for this map.
The port for this map.
Select one of the supported TCP/UDP port names (see
“ Supported TCP/UDP Port Names” on page 747
) or, alternatively, specify the port number.
REQUIRED
REQUIRED
REQUIRED
RELATED COMMANDS:
service system mapadd Add a port map for a system service.
646
E-DOC-CTC-20061027-0003 v2.0
Service Commands
service system modify
Modify a system service.
SYNTAX:
service system modify name = <string>
[state = <{disabled | enabled}>]
[port = <supported port or number>]
[srcintf = <string>]
[log = <{disabled|enabled}>]
[qoslabel = <{None|DSCP|Interactive|
Management|Video|VoIP|default}>]
[routelabel = <{None|DSCP|Interactive|
Management|Video|VoIP|default}>]
[natpmweight = <number{0-255}>]
[forward = <{disabled|enabled}>] where: name state port srcintf log qoslabel routelabel natpmweight forward
The name of the system service for this map.
Disable or enable this system service.
The port for this map.
Select one of the supported TCP/UDP port names (see
“ Supported TCP/UDP Port Names” on page 747
) or, alternatively, specify the port number.
The primary IP interface for this system service.
Disable or enable service logging
QoS label for service data
Route label for service data
NAT portmap weight for this service
Disable or enable service forwarding
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
RELATED COMMANDS:
service system list Display the system services.
E-DOC-CTC-20061027-0003 v2.0
647
Service Commands
648
E-DOC-CTC-20061027-0003 v2.0
SNMP Commands
34 SNMP Commands
Introduction
This chapter describes the commands of the snmp command group.
Contents
This chapter covers the following commands:
Show/set global Simple Network Management
Protocol (SNMP) parameters.
Get from the supplied SNMP Object IDentifier (OID).
GetNext from the supplied SNMP OID.
Walk from the supplied SNMP OID.
Configure an SNMP community string to allow SNMP access over IP.
Delete an SNMP community string to prevent SNMP access over IP.
List all SNMP community strings in use for SNMP access over
Modify an SNMP community string to allow SNMP access over
E-DOC-CTC-20061027-0003 v2.0
649
snmp config
Show/set global Simple Network Management Protocol (SNMP) parameters.
SYNTAX:
snmp config [sysContact = <quoted string>]
[sysName = <quoted string>]
[sysLocation = <quoted string>] where: sysContact sysName sysLocation
The SNMP system contact.
The default is
Service Provider
.
The SNMP system name.
The SNMP system location.
The default is
Customer Premises
.
EXAMPLE:
=>snmp config
SNMP System Contact
SNMP System Name
SNMP System Location
: Service Provider
: SpeedTouch 620
: Customer Premises
All SNMP traps : ENABLED
Delay, in secs before first trap is sent
=>
: 90
SNMP Commands
OPTIONAL
OPTIONAL
OPTIONAL
650
E-DOC-CTC-20061027-0003 v2.0
SNMP Commands
snmp get
Get from the supplied SNMP Object IDentifier (OID).
For example: get ObjectId=.1.3.6.1.2.1.1.1.0.
SYNTAX:
snmp get where:
ObjectID
[ObjectId = <string>]
The Object Identifier. Object ID to get from ... must include the instance which is 0 for scalar objects, for example
.1.3.6.1.2.1.1.1.0 sysDescription.
Note
If not specified, the sysDescription OID .1.3.6.1.2.1.1.1.0 is assumed. Its value is Thomson ST.
OPTIONAL
EXAMPLE:
=>snmp get
VB_octetStr
=>
.1.3.6.1.2.1.1.1.0
RELATED COMMANDS:
Thomson ST 620
GetNext from the supplied SNMP OID.
Walk from the supplied SNMP OID.
E-DOC-CTC-20061027-0003 v2.0
651
SNMP Commands
snmp getnext
GetNext from the supplied SNMP OID.
SYNTAX:
snmp getnext where:
ObjectID
[ObjectId = <string>]
The Object Identifier.
Object ID to getnext from for example .1.3.6.1.2.1.1 system returns sysDescription.
EXAMPLE:
=>snmp getnext ObjectId=.1.3.6.1.2.1.1.4.0
VB_octetStr .1.3.6.1.2.1.1.5.0
=>
RELATED COMMANDS:
Sascha
Get from the supplied SNMP Object IDentifier (OID).
Walk from the supplied SNMP OID.
OPTIONAL
652
E-DOC-CTC-20061027-0003 v2.0
SNMP Commands
snmp walk
Walk from the supplied SNMP OID.
SYNTAX:
snmp walk where:
ObjectID
[ObjectId = <string>]
The Object Identifier.
Object ID to walk from for example .1.3.6.1.2.1.1 system walks the system group.
OPTIONAL
EXAMPLE:
=>snmp walk ObjectId=.1.3.6.1.2.1.1
VB_octetStr .1.3.6.1.2.1.1.1.0
VB_objId .1.3.6.1.2.1.1.2.0
VB_timeTicks .1.3.6.1.2.1.1.3.0
VB_octetStr
VB_octetStr
VB_octetStr
VB_integer
=>
.1.3.6.1.2.1.1.4.0
.1.3.6.1.2.1.1.5.0
.1.3.6.1.2.1.1.6.0
.1.3.6.1.2.1.1.7.0
RELATED COMMANDS:
Thomson ST 620
.1.3.6.1.4.1.637.61.2
2927636
Service Provider
Sascha
Customer Premises
72
Get from the supplied SNMP Object IDentifier (OID).
GetNext from the supplied SNMP OID.
E-DOC-CTC-20061027-0003 v2.0
653
SNMP Commands
snmp community add
Configure an SNMP community string to allow SNMP access over IP.
SYNTAX:
snmp community add securityname = <{RWCommunity | ROCommunity}> communityname = <password> where: securityname communityname
Configure access rights/restrictions control for the community name.
Choose between:
>
RWCommunity
: read/write access rights
>
ROCommunity
: read only access rights.
Configure the SNMP community name.
REQUIRED
REQUIRED
EXAMPLE:
=>snmp community add securityname = RWCommunity communityname = *******
Please retype communityname for verification.
communityname = *******
:snmp community add securityname=RWCommunity communityname=_DEV_2C6A78E1C41E7B01
=>snmp community add securityname = ROCommunity communityname = ******
Please retype communityname for verification.
communityname = ******
:snmp community add securityname=ROCommunity communityname=_DEV_184B05F89719A74E
=>
RELATED COMMANDS:
Delete an SNMP community string to prevent SNMP access over IP.
List all SNMP community strings in use for SNMP access over IP.
E-DOC-CTC-20061027-0003 v2.0
654
SNMP Commands
snmp community delete
Delete an SNMP community string to prevent SNMP access over IP.
SYNTAX:
snmp community delete where: securityname securityname = <{RWCommunity | ROCommunity}>
Select the access rights/restrictions control for the community name to be deleted.
Choose between:
>
RWCommunity
: read/write access rights
>
ROCommunity
: read only access rights.
REQUIRED
EXAMPLE:
=>snmp community list
Read-write SNMP community name : *****
Read-only SNMP community name : *****
=>snmp community delete securityname=ROCommunity
=>snmp community list
Read-write SNMP community name : *****
Read-only SNMP community name : not specified
=>
RELATED COMMANDS:
Configure an SNMP community string to allow SNMP access over IP.
List all SNMP community strings in use for SNMP access over IP.
E-DOC-CTC-20061027-0003 v2.0
655
SNMP Commands
snmp community list
List all SNMP community strings in use for SNMP access over IP.
SYNTAX:
snmp community list
EXAMPLE:
=>snmp community list
Read-write SNMP community name : *****
Read-only SNMP community name : *****
=>
RELATED COMMANDS:
Configure an SNMP community string to allow SNMP access over IP.
Delete an SNMP community string to prevent SNMP access over IP.
656
E-DOC-CTC-20061027-0003 v2.0
SNMP Commands
snmp community modify
Modify an SNMP community string to allow SNMP access over IP.
SYNTAX:
snmp community modify securityname = <{RWCommunity | ROCommunity}> communityname = <password> where: securityname REQUIRED communityname
Configure access rights/restrictions control for the community name.
Choose between:
>
RWCommunity
: read/write access rights
>
ROCommunity
: read only access rights.
Configure the SNMP community name.
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
657
snmp ifadd
Create a new SNMP interface.
SYNTAX:
snmp ifadd where: intf dest intf = <string> dest = <string>
The name for the new SNMP interface.
The destination interface for this SNMP interface.
EXAMPLE:
=>snmp ifadd intf = new dest = Internet
:snmp ifadd intf=new dest=Internet
=>
RELATED COMMANDS:
SNMP Commands
REQUIRED
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
658
SNMP Commands
snmp ifdelete
Delete an SNMP interface.
SYNTAX:
snmp ifdelete where: intf intf = <string>
The name of the SNMP interface.
EXAMPLE:
=>snmp ifdelete intf = new
:snmp ifdelete intf=new
=>
RELATED COMMANDS:
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
659
snmp ifattach
Attach an SNMP interface.
SYNTAX:
snmp ifattach where: intf intf = <string>
The name of the SNMP interface.
EXAMPLE:
=>snmp ifattach intf = Internet
:snmp ifattach intf=Internet
=>
RELATED COMMANDS:
SNMP Commands
REQUIRED
660
E-DOC-CTC-20061027-0003 v2.0
SNMP Commands
snmp ifdetach
Detach an SNMP interface.
SYNTAX:
snmp ifdetach where: intf intf = <string>
The name of the SNMP interface.
EXAMPLE:
=>snmp ifdetach intf = Internet
:snmp ifdetach intf=Internet
=>
RELATED COMMANDS:
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
661
SNMP Commands
snmp ifconfig
Modify an SNMP interface.
SYNTAX:
snmp ifconfig intf = <string>
[securityname = <{RWCommunity | ROCommunity}>]
[communityname = <password>] where: intf securityname communityname
The name of the SNMP interface to configure.
Configure access rights/restrictions control for the community name.
Choose between:
>
RWCommunity
>
ROCommunity.
The default is
RWCommunity
.
Configure SNMP community name.
REQUIRED
OPTIONAL
OPTIONAL
EXAMPLE:
=>snmp ifconfig intf = Internet
[securityname] =
[communityname] =
:snmp ifconfig intf=Internet
=>
RELATED COMMANDS:
E-DOC-CTC-20061027-0003 v2.0
662
SNMP Commands
snmp iflist
Display the SNMP interfaces.
SYNTAX:
snmp iflist where: intf
[intf = <string>]
The name of an SNMP interface to configure.
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
663
SNMP Commands
664
E-DOC-CTC-20061027-0003 v2.0
SNTP Commands
35 SNTP Commands
Introduction
This chapter describes the commands of the Simple Network Time Protocol (SNTP) command group.
Contents
This chapter covers the following commands:
Add a Network Time Protocol (NTP) server to the NTP server list.
Modify/display the SNTP client configuration.
Delete an NTP server from the NTP server list.
Flush the NTP server list and the SNTP client configuration.
E-DOC-CTC-20061027-0003 v2.0
665
SNTP Commands
sntp add
Add a Network Time Protocol (NTP) server to the NTP server list.
The internal Thomson ST real time clock (SNTP client) will be synchronized with the NTP server.
SYNTAX:
sntp add [addr = <ip-address>]
[name = <string>]
[version = <number{1-4}>] where: addr name version
The IP address of the NTP server to add to the list.
Note
This parameter is optional in this respect that either an IP address or the name of an NTP server must be specified.
The DNS name of NTP server to be added to list. If both the IP address and the DNS name are provided, the IP address is ignored.
Note
This parameter is optional in this respect that either an IP address or the name of an NTP server must be specified
The SNTP version of the NTP server.
Select either 1, 2, 3, or 4 following NTP server supported versions.
The default is
4
.
OPTIONAL
OPTIONAL
OPTIONAL
EXAMPLE:
=>sntp list
IP Address
100.101.110.113
Version
4
Status
Synchronized
=>sntp add addr=100.101.110.111
=>sntp list
IP Address
100.101.110.111
100.101.110.113
Version
4
4
Status contacting ...
Synchronized
=>
RELATED COMMANDS:
Delete an NTP server from the NTP server list.
E-DOC-CTC-20061027-0003 v2.0
666
SNTP Commands
sntp config
Modify/display the SNTP client configuration.
SYNTAX:
sntp config [state = <{enabled | disabled}>]
[poll = <number{1-60}>]
[pollpresync = <number{1-60}>] where: state poll pollpresync
Enable or disable the Thomson ST SNTP client.
The default is
enabled
.
A number between 1 and 60 (minutes).
Represents the time interval for the SNTP client to poll the configured
NTP server and, if needed, (re-)synchronize its internal clock.
The default is
60
.
polling interval before first sync (1 min, ... ,60min)
OPTIONAL
OPTIONAL
OPTIONAL
EXAMPLE:
=>sntp config
SNTP configuration: state = enabled poll interval = 60 minute(s) poll interval (before first sync) = 60 minute(s)
=>
E-DOC-CTC-20061027-0003 v2.0
667
SNTP Commands
sntp delete
Delete an NTP server from the NTP server list.
SYNTAX:
sntp delete where: addr name
[addr = <ip-address>]
[name = <string>]
The IP address of the NTP server to be removed from the list.
Note
This parameter is optional in this respect that either an IP address or the name of an NTP server must be specified.
The DNS name of the NTP server to be removed to the list.
Note
This parameter is optional in this respect that either an IP address or the name of an NTP server must be specified.
OPTIONAL
OPTIONAL
EXAMPLE:
=>sntp list
IP Address
100.101.110.111
100.101.110.113
Version
4
4
Status contacting ...
Synchronized
=>sntp del addr=100.101.110.111
=>sntp list
IP Address
100.101.110.113
=>
Version
4
Status
Synchronized
RELATED COMMANDS:
Add a Network Time Protocol (NTP) server to the NTP server list.
E-DOC-CTC-20061027-0003 v2.0
668
SNTP Commands
sntp flush
Flush the NTP server list and the SNTP client configuration.
SYNTAX:
sntp flush
E-DOC-CTC-20061027-0003 v2.0
669
SNTP Commands
sntp list
List the NTP servers.
SYNTAX:
sntp list
EXAMPLE:
=>sntp list
IP Address
100.101.110.111
100.101.110.112
100.101.110.113
=>
Version
4
4
4
Status contacting ...
Name
Unable to contact
Synchronized
DESCRIPTION:
The status of an NTP server can be:
>
Not used
: The Thomson ST SNTP client is disabled. As a consequence, none of the NTP servers are used.
>
Contacting...
: The Thomson ST SNTP client is trying to contact this NTP server.
>
Unable to contact
: The Thomson ST SNTP client is unable to contact this NTP server. It may be down, or no end-to-end connectivity exists (no connection, no DSL,...).
>
Synchronized
: The Thomson ST SNTP client was able to contact this NTP server. If required the internal clock has been synchronized with this NTP server.
RELATED COMMANDS:
Add a Network Time Protocol (NTP) server to the NTP server list.
Delete an NTP server from the NTP server list.
E-DOC-CTC-20061027-0003 v2.0
670
Software Commands
36 Software Commands
Introduction
This chapter describes the commands of the software command group.
Contents
This chapter covers the following commands:
Reboot the modem to initiate the SW upgrade.
Display the software version.
E-DOC-CTC-20061027-0003 v2.0
671
Software Commands
software upgrade
Reboot the modem to initiate the SW upgrade.
New software available on a remote LAN host will be uploaded to the modem.
SYNTAX:
software upgrade
672
E-DOC-CTC-20061027-0003 v2.0
Software Commands
software version
Display the software version.
SYNTAX:
software version
E-DOC-CTC-20061027-0003 v2.0
673
Software Commands
674
E-DOC-CTC-20061027-0003 v2.0
System Commands
37 System Commands
Introduction
This chapter describes the commands of the system command group.
Contents
This chapter covers the following commands:
Set/change the system configuration parameters.
Flush the current system configuration.
Set/get the regional settings.
Reset the Thomson ST to its factory or ISP defaults and reboot the device.
Set or change a timed reboot for the Thomson ST.
Show the Thomson ST CPU and memory statistics.
Configure Remote management access parameters.
Do a SNTP update and synchronize the realtime clock.
Set/get date, time, timezone, daylight savings time, uptime.
E-DOC-CTC-20061027-0003 v2.0
675
System Commands
system config
Set/change the system configuration parameters.
!
For a good operation of UPnP and the discovery mechanism, it is highly recommended not to change the system configuration settings.
SYNTAX:
system config [upnp = <{disabled | enabled}>]
[tr64 = <{disabled | enabled}>]
[mdap = <{disabled | enabled}>]
[drst = <{disabled | enabled}>]
[led = <{green | red | orange | flash | off}>]
[resetbutton = <{disabled | enabled}>]
[digestauth = <{disabled | enabled}>]
[defaultconnection = <string>]
[rtc = <{disabled|enabled}>]
[autosave = <{disabled | enabled}>]
[autosavedelay = <number{0-600}>] where: upnp tr64 mdap drst led resetbutton digestauth defaultconnection rtc autosave
Enable or disable UPnP discovery.
The default is
enabled
.
Enable or disable TR-64 discovery.
The default is
disabled
.
Enable or disable proprietary discovery protocol.
The default is
enabled
.
Enable or disable DrSpeedTouch access.
The default is
disabled
.
Set the system LED colour.
Choose between:
>
green
: solid green
>
red
: solid red
>
orange
: solid orange
>
flash
: toggle between green and orange
>
off
: LED is off.
The default is
green
.
Enable or disable reset-to-factory-defaults pushbutton.
The default is
enabled
.
Enable or disable HTTP digest authentication.
The default is
enabled
.
The name of the default internet connection.
Enable or disable RTC.
The default is
disabled
Enable or disable autosaves.
The default is
enabled
.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
676
System Commands autosavedelay A number between 0 and 600.
Represents the autosave delay in seconds (0 for immediate save).
OPTIONAL
EXAMPLE:
=>system config upnp discovery
TR-64 discovery mdap discovery drst support reset button
: enabled
: disabled
: enabled
: disabled
: enabled digest authentication : enabled rtc defaultconnection
: enabled
: Internet autosave autosave delay
=>
: enabled
: 10s
E-DOC-CTC-20061027-0003 v2.0
677
System Commands
system flush
Flush the current system configuration.
The system password and the system config settings (dcache excluded) are flushed.
i
The flush command does not impact previously saved configurations.
SYNTAX:
system flush
EXAMPLE:
=>system flush
Security notification: Password changed, use 'saveall' to make it permanent.
=>
678
E-DOC-CTC-20061027-0003 v2.0
System Commands
system locale
Set/get the regional settings.
SYNTAX:
system locale [dec_symbol = <{, | .}>]
[group_symbol = <{. | ,}>]
[date_separator = <{/ | - | .}>]
[date_format = <{iso | ddmmyyyy | ddmmyy | mmddyyyy | mmddyy}>]
[time_format = <{iso | hmmss}>]
[datetime_format = <{iso | date+time | time+date}>]
[duration_format = <{dhmmss | hmmss}>] where: dec_symbol group_symbol date_separator date_format
Set the decimal symbol.
Choose between:
>
.
>
,
The default is “
,
”.
Set the group symbol.
Choose between:
>
.
>
,
The default is “
.
”.
Set the date separator.
Choose between:
>
/
>
-
>
.
The default is “
-
”.
Set the date format.
Choose between:
>
iso
>
ddmmyyyy
>
ddmmyy
>
mmddyyyy
>
mmddyy
The default is
ddmmyyyy
.
Note
dd = day; mm = month; yyyy or yy = year.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
679
time_format datetime_format duration_format
Set the time format.
Choose between:
>
iso
>
hmmss.
The default is
iso
.
Note
h = hours; mm = minutes; ss = seconds.
Set the date-time format.
Choose between:
>
iso
>
date+time
>
time+date.
The default is
date+time
.
Set the duration format.
Choose between:
>
dhmmss
>
hmmss.
The default is
dhmmss
.
Note
d = days; h = hours; mm = minutes; ss = seconds.
EXAMPLE:
=>system locale
Decimal symbol = ,
Digit grouping symbol = .
Date separator
Date format
= -
= ddmmyyyy
Time format
Date-time format
Duration format
=>
= iso
= date+time
= dhmmss
System Commands
OPTIONAL
OPTIONAL
OPTIONAL
680
E-DOC-CTC-20061027-0003 v2.0
System Commands
system reboot
Reboot the Thomson ST.
!
Non-saved configuration settings will be lost after reboot.
SYNTAX:
system reboot
EXAMPLE:
=>system reboot
.....
(lost session connectivity due to reboot)
.....
RELATED COMMANDS:
system timedreboot Set or change a timed reboot for the Thomson ST..
E-DOC-CTC-20061027-0003 v2.0
681
System Commands
system reset
Reset the Thomson ST to its factory or ISP defaults and reboot the device.
!
All user specific settings and all saved configuration changes are lost after reboot.
SYNTAX:
system reset factory yes/no = <{yes | no}> proceed no/yes = <{no | yes}> where: factory yes/no proceed no/yes
Choose between:
>
yes: delete user and ISP specific settings.
>
no: delete user specific settins only.
Confirmation for resetting the modem.
If no confirmation is given, the Thomson ST will not be reset.
REQUIRED
REQUIRED
EXAMPLE:
=>system reset
---------------
!! WARNING !!
---------------
The modem will be reset to (factory) defaults clearing all user (and ISP) settings.
Specifying <factory=yes> deletes user and ISP specific settings.
Connectivity with the ISP network might be lost.
<factory=no> deletes user specific settings only.
factory yes/no = no proceed no/yes = no
:system reset factory yes/no=no proceed no/yes=no
=>
=>system reset
---------------
!! WARNING !!
---------------
The modem will be reset to (factory) defaults clearing all user (and ISP) settings.
Specifying <factory=yes> deletes user and ISP specific settings.
Connectivity with the ISP network might be lost.
<factory=no> deletes user specific settings only.
factory yes/no = yes proceed no/yes = yes
:system reset factory yes/no=yes proceed no/yes=yes
.....
(lost session connectivity due to reboot)
.....
E-DOC-CTC-20061027-0003 v2.0
682
System Commands
RELATED COMMANDS:
sntp config Modify/display the SNTP client configuration.
E-DOC-CTC-20061027-0003 v2.0
683
system timedreboot
Set or change a timed reboot for the Thomson ST.
SYNTAX
timedreboot [state = <{disabled|enabled}>]
[time = <number{0-16384}>]
[date = <string>] where: state time date
Enable/Disable timed reboot.
The default is
disabled
.
Change default countdown time (Min).
A number between 0 and 16384.
The default is
60
.
Set date/time to reboot (DD/MM/YYYY/HH:MM).
The default is the current day and time
EXAMPLE:
=>:system timedreboot state=enabled time=60 input timeout (min): 60
=>
RELATED COMMANDS:
system reboot Reboot the Thomson ST.
System Commands
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
684
System Commands
system debug autosave
Autosave debugging commands
SYNTAX:
system debug autosave where: trace
[trace = <{disabled|enabled}>]
Enable or disable autosave traces OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
685
System Commands
system debug stats
Show the Thomson ST CPU and memory statistics.
SYNTAX:
system debug stats where: reset
[reset = <{disabled | enabled}>]
Reset the CPU statistics.
The default is
disabled
.
OPTIONAL
DESCRIPTION:
>
CHIP memory
: Memory used by the CPU (first MB from the RAM) – not cached since it has to be realtime.
>
Application memory
: Memory used by the applications.
>
min
: The least amount of free memory detected during the uptime of the Thomson ST.
686
E-DOC-CTC-20061027-0003 v2.0
System Commands
system ra config
Configure Remote management access parameters.
SYNTAX:
system ra config [secure = <{disabled | enabled}>]
[port = <number>]
[timeout = <number>] where: secure port timeout
Enable or disable https.
The default is
enabled
.
Set the destination port for remote access.
The default is
51003
.
Set the connection timeout in minutes.
EXAMPLE:
=>system ra config
Remote management access configuration
Remote access port : 51003
Secure remote access : enabled
=>
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
687
system rtc synchronize
Do a SNTP update and synchronize the realtime clock.
SYNTAX:
system rtc synchronize
System Commands
688
E-DOC-CTC-20061027-0003 v2.0
System Commands
system rtc settime
Set/get date, time, timezone, daylight savings time, uptime.
When synchronization with an external NTP server via the Thomson ST SNTP client fails, this command allows to manually configure its internal clock.
i
In cases without regular synchronization, accurate realtime clock settings can not be guaranteed.
SYNTAX:
system rtc settime [date = <dd/mm/yyyy>]
[time = <hh:mm:ss>]
[timezone = <(+ or -)hh:mm>]
[daylightsaving = <{disabled | enabled}>] where: date time timezone daylightsaving
The system date formatted as dd/mm/yyyy.
Note
If not specified, the current date is preserved.
The system time formatted as hh:mm:ss.
Note
If not specified, the current time is preserved.
The system timezone formatted as (+ or -)hh:mm.
Valid timezones are possible from -12:00 to +14:00 with a resolution of 15 minutes.
Note
If not specified, the current timezone is preserved.
Enable or disable daylight saving.
The default is
disabled
.
Note
If not specified, the current daylight saving setting is preserved.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
EXAMPLE:
=>system settime date = 31/01/2005 time = 18:05:16 timezone = +00:00 daylightsaving = off
=>
E-DOC-CTC-20061027-0003 v2.0
689
System Commands
690
E-DOC-CTC-20061027-0003 v2.0
Systemlog Commands
38 Systemlog Commands
Introduction
This chapter describes the commands of the systemlog command group.
Contents
This chapter covers the following commands:
Flush all messages in the internal Syslog message buffer.
Show messages in the internal Syslog message buffer.
E-DOC-CTC-20061027-0003 v2.0
691
systemlog flush
Flush all messages in the internal Syslog message buffer.
SYNTAX:
systemlog flush
Systemlog Commands
692
E-DOC-CTC-20061027-0003 v2.0
Systemlog Commands
systemlog show
Show messages in the internal Syslog message buffer.
SYNTAX:
systemlog show [fac = <supported facility name>]
[sev = <supported severity name>]
[hist = <{disabled | enabled}>] where: fac sev hist
Specify the facility name of the syslog messages to be shown.
Use one of the supported facility names (see “ Supported Facilities” on page 751 ).
Note
If not specified, the messages of all the facilities will be shown.
Specify the lowest priority severity of the syslog messages to be shown.
All the syslog messages with severity as specified or higher will be shown.
Use one of the supported severity names (see
Note
If not specified, the messages of all the severities will be shown.
Show messages over several Thomson ST reboots (enabled) or show only messages since latest startup (disabled).
Note
If not specified, only the recent messages will be shown.
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
693
Systemlog Commands
EXAMPLE:
=>syslog msgbuf show fac=kern sev=emerg hist=enabled
<0> SysUpTime: 14:45:43 KERNEL Controlled restart (after internal error or explicit system re boot)
<0> SysUpTime: 02:58:18 KERNEL Controlled restart (after internal error or explicit system re boot)
<0> SysUpTime: 04 days 04:52:37 KERNEL Controlled restart (after internal error or explicit s ystem reboot)
<0> SysUpTime: 00:00:41 KERNEL Controlled restart (after internal error or explicit system re boot)
=>syslog msgbuf show fac=kern sev=warning hist=enabled
<4> SysUpTime: 00:00:00 KERNEL Cold restart
<0> SysUpTime: 14:45:43 KERNEL Controlled restart (after internal error or explicit system re boot)
<4> SysUpTime: 00:00:00 KERNEL Warm restart
<0> SysUpTime: 02:58:18 KERNEL Controlled restart (after internal error or explicit system re boot)
<4> SysUpTime: 00:00:00 KERNEL Warm restart
<0> SysUpTime: 04 days 04:52:37 KERNEL Controlled restart (after internal error or explicit s ystem reboot)
<4> SysUpTime: 00:00:00 KERNEL Warm restart
<0> SysUpTime: 00:00:41 KERNEL Controlled restart (after internal error or explicit system re boot)
=>
694
E-DOC-CTC-20061027-0003 v2.0
Systemlog Commands
systemlog send
Send messages from the internal Syslog message buffer to a specified local or remote syslog server host.
i
There will be no notification on whether the host has received the messages or not.
SYNTAX:
systemlog send [fac = <supported facility name>]
[sev = <supported severity name>]
[hist = <{disabled | enabled}>] dest = <ip-address> where: fac sev hist dest
Specify the facility name of the syslog messages to show.
Use one of the supported facility names (see “ Supported Facilities” on page 751 ).
Note
If not specified, the messages of all the facilities will be shown.
Specify the lowest priority severity of the syslog messages to be shown.
All the syslog messages with severity as specified or higher will be shown.
Use one of the supported severity names (see
Note
If not specified, the messages of all the severities will be shown.
Show messages over several Thomson ST reboots (disabled) or show only messages since latest startup (enabled).
Note
If not specified, only the recent messages will be shown.
The IP address of the remote host on the local or remote network, in other words, the collector's IP address, to send the syslog messages to.
OPTIONAL
OPTIONAL
OPTIONAL
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
695
Systemlog Commands
systemlog DBG dbg_syslog
Perform a syslog call.
SYNTAX:
systemlog DBG dbg_syslog priority = <number{0-191}> msgstring = <string> where: priority msgstring priority number message content
696
E-DOC-CTC-20061027-0003 v2.0
Systemlog Commands
systemlog DBG dbg_long_mess
Generate a long syslog message call.
SYNTAX:
systemlog DBG dbg_long_mess
E-DOC-CTC-20061027-0003 v2.0
697
systemlog DBG dbg_burst
Perform a syslog message burst.
SYNTAX:
systemlog DBG dbg_burst
Systemlog Commands
698
E-DOC-CTC-20061027-0003 v2.0
Systemlog Commands
systemlog DBG dbg_contents
Show the contents of the message buffer.
SYNTAX:
systemlog DBG dbg_contents
E-DOC-CTC-20061027-0003 v2.0
699
Systemlog Commands
700
E-DOC-CTC-20061027-0003 v2.0
Upgrade Commands
39 Upgrade Commands
Introduction
This chapter describes the commands of the upgrade command group.
Contents
This chapter covers the following commands:
Change the upgrade daemon configuration.
Enable/disable upgrade daemon tracing.
Add a new file profile description.
Modify a file profile description.
Delete a file profile description.
Display a list of the file profile descriptions.
E-DOC-CTC-20061027-0003 v2.0
701
upgrade config
Change the upgrade daemon configuration.
SYNTAX:
upgrade config [state = <{disabled|enabled}>]
[protocol = <{tftp|ftp|http|https}>] where: state protocol
Set the upgrade daemon state to enabled or disabled.
The default is
disabled
.
The transfer protocol to be used for file download.
Choose between:
>
tftp
>
ftp
>
http
>
https
The default is
tftp
.
EXAMPLE:
=>:upgrade config
Upgrade daemon state: disabled
Upgrade daemon transfer protocol: tftp
Upgrade daemon option 66:
Upgrade daemon option 67:
=>
Upgrade Commands
OPTIONAL
OPTIONAL
702
E-DOC-CTC-20061027-0003 v2.0
Upgrade Commands
upgrade start
Start a new upgrade.
SYNTAX:
upgrade start where: protocol server filename protocol = <{tftp|ftp|http|https}>
[server = <string>]
[filename = <string>]
The protocol to be used for the download.
Choose between:
>
tftp
>
ftp
>
http
>
https
The default is
disabled
.
The server name or IP address
The file to be downloaded
REQUIRED
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
703
Upgrade Commands
upgrade debug traceconfig
Enable/disable upgrade daemon tracing.
SYNTAX:
upgrade debug traceconfig state = <{disabled|enabled}> where: state Set the upgared daemon state to enabled or disabled.
REQUIRED
704
E-DOC-CTC-20061027-0003 v2.0
Upgrade Commands
upgrade debug sesslist
Display the list of sessions.
SYNTAX:
upgrade debug sesslist
EXAMPLE:
=>:upgrade debug sesslist
Session 0:
---------------------------------------------------------------
SessionId : 0x80c25850
State : IDLE
Protocol : TFTP
ServerName:
FileName :
DestFile :
ServerIP : 0.0.0.0
Error :
Session 1:
---------------------------------------------------------------
SessionId : 0x80c25c20
State : IDLE
Protocol : TFTP
ServerName:
FileName :
DestFile :
ServerIP : 0.0.0.0
Error :
=>
E-DOC-CTC-20061027-0003 v2.0
705
Upgrade Commands
upgrade profile add
Add a new file profile description.
SYNTAX:
upgrade profile add extension = <{sts|ini}>
[maxsize(KBytes) = <number>] action = <{none|config_load|script_load|reboot}> where: extension REQUIRED maxsize action
The extension of the new file profile.
Choose between:
>
sts
>
ini
The maximum filesize (in KBytes) allowed for files with the extension of this profile.
The default is
100
.
The action to be done when the file with the extension of this profile is downloaded.
Choose between:
>
none
>
config_load
>
script_load
>
reboot
OPTIONAL
REQUIRED
RELATED COMMANDS:
Delete a file profile description.
Display a list of the file profile descriptions.
E-DOC-CTC-20061027-0003 v2.0
706
Upgrade Commands
upgrade profile modify
Modify a file profile description.
SYNTAX:
upgrade profile modify extension = <{sts|ini}>
[maxsize(KBytes) = <number>] action = <{none|config_load|script_load|reboot}> where: extension REQUIRED maxsize action
The extension of the new file profile.
Choose between:
>
sts
>
ini
The maximum filesize (in KBytes) allowed for files with the extension of this profile.
The default is
100
.
The action to be done when the file with the extension of this profile is downloaded.
Choose between:
>
none
>
config_load
>
script_load
>
reboot
OPTIONAL
REQUIRED
RELATED COMMANDS:
Delete a file profile description.
Display a list of the file profile descriptions.
E-DOC-CTC-20061027-0003 v2.0
707
upgrade profile delete
Delete a file profile description.
SYNTAX:
upgrade profile delete extension = <{sts|ini}> where: extension The extension of the profile to be deleted.
Choose between:
>
sts
>
ini
RELATED COMMANDS:
Add a new file profile description.
Display a list of the file profile descriptions.
Upgrade Commands
REQUIRED
708
E-DOC-CTC-20061027-0003 v2.0
Upgrade Commands
upgrade profile list
Display a list of the file profile descriptions.
SYNTAX:
upgrade profile list
RELATED COMMANDS:
Delete a file profile description.
Modify a file profile description.
E-DOC-CTC-20061027-0003 v2.0
709
upgrade ifadd
Add a download interface.
SYNTAX:
upgrade ifadd where: intf intf = <string>
A download interface
RELATED COMMANDS:
Upgrade Commands
REQUIRED
710
E-DOC-CTC-20061027-0003 v2.0
Upgrade Commands
upgrade ifattach
Attach a download interface.
SYNTAX:
upgrade ifattach where: intf intf = <string>
A download interface
RELATED COMMANDS:
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
711
Upgrade Commands
upgrade ifconfig
Configure a download interface.
SYNTAX:
upgrade ifconfig intf = <string>
[protocol = <{tftp|ftp|http|https}>]
[dest = <{loop|Internet|ISDN_backup| ISDN_backup_trigger| lan1|wan1|dmz1|guest1}>]
[server = <string>]
[file = <string>]
[time = <number>] where:
Intf protocol dest server file time
A download interface
The transfer protocol
The destination network interface name
The server name
The file name download cycle time in s
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
RELATED COMMANDS:
712
E-DOC-CTC-20061027-0003 v2.0
Upgrade Commands
upgrade ifdelete
Delete a download interface.
SYNTAX:
upgrade ifdelete where: intf intf = <string>
A download interface
RELATED COMMANDS:
REQUIRED
E-DOC-CTC-20061027-0003 v2.0
713
upgrade ifdetach
Detach a download interface.
SYNTAX:
upgrade ifdetach where: intf intf = <string>
A download interface
RELATED COMMANDS:
Upgrade Commands
REQUIRED
714
E-DOC-CTC-20061027-0003 v2.0
Upgrade Commands
upgrade iflist
List all download interfaces.
SYNTAX:
upgrade iflist
RELATED COMMANDS:
E-DOC-CTC-20061027-0003 v2.0
715
Upgrade Commands
716
E-DOC-CTC-20061027-0003 v2.0
UPnP Commands
40 UPnP Commands
Introduction
This chapter describes the commands of the upnp command group.
Contents
This chapter covers the following commands:
Configure the UPnP™ parameter(s).
Flush the UPnP™ configuration. The UPnP configuration will be reset to the default configuration.
List all registered devices.
E-DOC-CTC-20061027-0003 v2.0
717
UPnP Commands
upnp config
Configure the UPnP™ parameter(s).
SYNTAX:
upnp config [maxage = <number{60-999999}>]
[writemode = <{full | natonly | readonly}>]
[safenat = <{disabled | enabled}>]
[preferredaddress = <ip-address>]
[httpport = <number{1-65535}>] where: maxage writemode safenat preferreda ddress httpport
A number between 60 and 999999.
This parameter allows to configure how often the Thomson ST sends a notification message to advertise its presence as an Internet Gateway
Device (IGD) on the network.
The default is
1800
.
Note
Setting this parameter to a low value will increase the number of packets sent over time on the network, but will make the state of the device more up to date.
Choose the set of rules to limit remote access from UPnP.
Choose between:
>
full
: the host will accept all the UPnP SET and GET actions.
>
natonly
: GET and NAT related SET actions will be accepted, all other actions will be ignored.
>
readonly
: the UPnP control point will only be able to retrieve information, all the SET actions are ignored.
The default is
natonly
.
Enable or disable check on safe NAT entries.
If this check is enabled, all NAT create/delete requests for a LAN side IP address different from the source IP address of the UPnP message will be discarded.
The default is
enabled
.
CSV list of preferred IP address for UPnP advertisements (1 per LAN IP interface).
Note
Enter “0.0.0.0” for none.
A number between 1 and 65535.
Represents the web server port.
The default is
80
.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
718
UPnP Commands
upnp flush
Flush the UPnP™ configuration. The UPnP configuration will be reset to the default configuration.
SYNTAX:
upnp flush
E-DOC-CTC-20061027-0003 v2.0
719
UPnP Commands
upnp list
List all registered devices. i
Use this command to check whether a PPP connection is properly configured and thus advertised as a PPP service.
SYNTAX:
upnp list where: verbose
[verbose = <number{0-2}>]
Verbose level.
The default is
1
.
OPTIONAL
EXAMPLE:
=>upnp list
---------------- device: IGD.xml ------------
Advertised on: LocalNetwork (10.0.0.138)
-------------- devices/services ------------
++ Root Device: urn:schemas-upnp-org:device:InternetGatewayDevice:1
-- Service 1: urn:upnp-org:serviceId:layer3f
-- Service 2: urn:upnp-org:serviceId:lanhcm
-- Service 3: urn:upnp-org:serviceId:wancic
-- Service 4: urn:upnp-org:serviceId:wandsllc:RELAY
-- Service 5: urn:upnp-org:serviceId:wanpppc:Internet
---------------------- end -----------------
=>
720
E-DOC-CTC-20061027-0003 v2.0
User Commands
41 User Commands
Introduction
This chapter describes the commands of the user command group.
Contents
This chapter covers the following commands:
Add a user.
Modify a user.
Delete a user.
Flush the users.
Display the users.
Display the session rights.
E-DOC-CTC-20061027-0003 v2.0
721
User Commands
user add
Add a user.
i
You can only add a user whose privileges are the same or lower than your own privileges.
SYNTAX:
user add name = <quoted string> password = <password> role = <string>
[hash2 = <string>]
[descr = <quoted string>]
[defuser = <{disabled | enabled}>]
[defremadmin = <{disabled | enabled}>]
[deflocadmin = <{disabled | enabled}>] where: name password role hash2 descr defuser defremadmin deflocadmin
The new user name.
Note
1. The maximum number of users is 10.
2. The maximum length is 32 characters.
The password.
Note
The maximum length is 32 characters.
The role name.
Tip
Use the command
:mlp role list to obtain the role name (see
for more information).
The MD5 hash.
Note
The maximum length is 32 characters.
A user description.
Note
The maximum length is 63 characters.
Set this user as the default user (enabled) or not (disabled).
Note
When the Web interface is accessed, the account of this user will be used by default. The user will not need to authenticate himself with user name or password.
The default is
disabled
.
Set this user as the default remote administrator (enabled) or not
(disabled).
The default is
disabled
.
Set this user as the default local administrator (enabled) or not
(disabled).
The default is
disabled
.
REQUIRED
REQUIRED
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
722
User Commands
EXAMPLE:
In the example below, the user Administrator creates a new user JohnDoe. This user has lower access rights than the user “Poweruser”.
{Administrator}=>user list
User
----
Administrator tech
{Administrator}[user]=>add name = JohnDoe password = ****
Flags Role
----- ----
U
R
Administrator
TechnicalSupport
Please retype password for verification.
password = **** role = Administrator
[hash2] =
[descr] =
[defuser] =
[defremadmin] =
:user add name=JohnDoe password=_CYP_x9O/lhxuRyMME role=Administrator
{Administrator}=>user list
User
----
Administrator tech
JohnDoe
{Administrator}=>
Flags Role
----- ----
U
R
Administrator
TechnicalSupport
Administrator
DESCRIPTION:
>
U
: indicates the default user.
>
R
: indicates the default remote administrator.
RELATED COMMANDS:
Delete a user.
Display the users.
E-DOC-CTC-20061027-0003 v2.0
723
User Commands
user config
Modify a user.
i
You can only modify a user whose privileges are the same or lower than your own privileges.
SYNTAX:
user config name = <string>
[password = <password>]
[role = <string>]
[descr = <quoted string>]
[defuser = <{disabled | enabled}>]
[defremadmin = <{disabled | enabled}>]
[deflocadmin = <{disabled | enabled}>] where: name password role descr defuser defremadmin deflocadmin
The user name.
The password.
Note
The maximum length is 32 characters.
The role name.
Tip
Use the command
:mlp role list to obtain the role names (see
“ mlp role list” on page 563 for more informa-
tion).
A user description.
Note
The maximum length is 63 characters.
Set this user as the default user (enabled) or not (disabled).
Note
When the Web interface is accessed, the account of this user will be used by default. The user will not need to authenticate himself with user name or password.
The default is
disabled
.
Set this user as the default remote administrator (enabled) or not
(disabled).
The default is
disabled
.
Set this user as the default local administrator (enabled) or not
(disabled).
The default is
disabled
.
REQUIRED
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
724
User Commands
EXAMPLE:
{Superuser}=>user list
User
====
Superuser aPoweruser
{Superuser}=>user config name=aPoweruser role=LAN_admin
{Superuser}=>user list
User
====
Role
====
Superuser aPoweruser root
LAN_admin
{Superuser}=>
Role
==== root
Poweruser
E-DOC-CTC-20061027-0003 v2.0
725
User Commands
user delete
Delete a user.
i
You can only delete a user whose privileges are the same or lower than your own privileges.
SYNTAX:
user delete where: name name = <string>
The name of the user to be deleted.
REQUIRED
EXAMPLE:
{Administrator}=>user list
User
----
Administrator tech
JohnDoe
{Administrator}=>user delete name = JohnDoe
{Administrator}=>user list
User
----
Flags Role
----- ----
Administrator tech
U
R
Administrator
TechnicalSupport
{Administrator}=>
U
R
Flags Role
----- ----
Administrator
TechnicalSupport
Administrator
RELATED COMMANDS:
Add a user.
Display the users.
E-DOC-CTC-20061027-0003 v2.0
726
User Commands
user flush
Flush the users.
!
After execution of this command, the access to the Thomson ST will no longer be protected by a password. The first user that logs on, after initiating a new Telnet session, will have the same administrative rights as a user with the role
root
.
SYNTAX:
user flush
EXAMPLE:
{Administrator}=>user list
User
----
Administrator tech
JohnDoe
{Administrator}=>user flush
{Administrator}=>user list
{Administrator}=>
U
R
Flags Role
----- ----
Administrator
TechnicalSupport
Administrator
When this Telnet session is terminated and a new Telnet session is initiated, the following welcome screen will appear:
Username :
------------------------------------------------------------------------
*
*
*
*
*
*
*
*
_/
//
/
_____/__
/
/\_____/___ \
\
*
* __/
* / /
/
_______//_______/
/ \ \
/
/ \ \
\_______\/
/
\
/
______ SpeedTouch 620
___/_____/\
/
/ /
/ /
/\\
\\
/\ \
Version 5.3.0.10
Copyright (c) 1999-2004,
/ _\/______
/ / /\
/ _\__
/ / /\
THOMSON
* /_/______/___________________/ /________/ /___/ \
* \ \ \ ___________ \ \ \ \ \ /
* \_\
* \
\
\/
/
/
/\
\
\ \
\ \
\ \___\/
\ /
*
*
*
*
*
*
*
*
\_____/
/__________/
\
\____\/
/
\ /___\/
\
\
\ \________\/
\
\ /
_____ \
/\ \
/____/ \ \ /
/___\/
\
/_____\/
/
------------------------------------------------------------------------
=>
The user will not have to authenticate himself to gain access to the Thomson ST.
E-DOC-CTC-20061027-0003 v2.0
727
User Commands
user list
Display the users.
SYNTAX:
user list [name = <string>]
[channel = <{ftp | telnet | http | mdap | serial}>]
[origin = <{lan | wan | local}>]
[secure = <{disabled | enabled}>] where: name channel origin secure
The user name.
Note
If not specified, all the users will be listed.
The selected channel.
Choose between:
>
ftp
>
telnet
>
http
>
mdap
>
serial.
Note
If not specified, all the channels will be listed.
The selected origin.
Choose between:
>
lan
>
wan
>
local.
Note
If not specified, all the origins will be listed.
The selected security level.
Choose between:
>
disabled
>
enabled.
Note
If not specified, all the security levels will be listed.
OPTIONAL
OPTIONAL
OPTIONAL
OPTIONAL
E-DOC-CTC-20061027-0003 v2.0
728
User Commands
EXAMPLE:
{Administrator}=>user list
User
----
Administrator tech
{Administrator}=>user list name=tech channel=http origin=wan service(s): r_lan, r_wan, r_fs_view, r_fs_retrieve, r_rtg, r_fwdg, r_nat, r_frwl, r_ipsec_norm, r_ipsec_adv, r_certificates, r_remote_mgnt, r_local, r_qos, w_lan, w_wan, w_fs_passive, w_rtg, w_fwdg, w_nat, w_frwl_norm, w_frwl_adv, w_frwe_mgnt, w_ipsec, w_certificates, w_remote_mgnt, w_local, w_qos, snd_lan, snd_wan, snd_local, and_lan, and_wan, and_frwl, and_local, user_admin, mlp_admin, secure_ipsec_term, secure_br, cli, cgi, ftp, mdap, zone_45, zone_46, zone_47, zone_48, zone_49, zone_50, zone_51, zone_52, zone_53, zone_54, zone_55, zone_56, zone_57, zone_58, zone_59, zone_60, zone_61, zone_62, swk_activation, sensitve_file, zone_71, zone_72, zone_73, zone_74, zone_75, zone_76, zone_77, zone_78, zone_79, zone_83, zone_84, zone_85, zone_86, zone_87, zone_88, zone_89, zone_90, zone_91, zone_92, traces
{Administrator}=>
U
R
Flags Role
----- ----
Administrator
TechnicalSupport
RELATED COMMANDS:
Add a user.
Delete a user.
E-DOC-CTC-20061027-0003 v2.0
729
User Commands
user rights
Display the session rights.
i
The user rights of the currently logged-in user are shown.
SYNTAX:
user rights
EXAMPLE:
{Administrator}=>user rights
Current session info: user: access: name='Administrator', role='Administrator' lan (origin_lan), telnet (channel_telnet), unsecure (unsecure_connection) service(s): r_lan, r_wan, r_fs_view, r_fs_retrieve, r_rtg, r_fwdg, r_nat, r_frwl, r_ipsec_norm, r_ipsec_adv, r_certificates, r_remote_mgnt, r_local, r_qos, w_lan, w_wan, w_fs_passive, w_rtg, w_fwdg, w_nat, w_frwl_norm, w_frwl_adv, w_frwe_mgnt, w_ipsec, w_certificates, w_remote_mgnt, w_local, w_qos, snd_lan, snd_wan, snd_local, and_lan, and_wan, and_frwl, and_local, user_admin, mlp_admin, secure_ipsec_term, secure_br, cli, cgi, ftp, mdap, zone_45, zone_46, zone_47, zone_48, zone_49, zone_50, zone_51, zone_52, zone_53, zone_54, zone_55, zone_56, zone_57, zone_58, zone_59, zone_60, zone_61, zone_62, swk_activation, sensitve_file, zone_71, zone_72, zone_73, zone_74, zone_75, zone_76, zone_77, zone_78, zone_79, zone_83, zone_84, zone_85, zone_86, zone_87, zone_88, zone_89, zone_90, zone_91, zone_92, traces
{Administrator}=>
730
E-DOC-CTC-20061027-0003 v2.0
Abbreviations
42 Abbreviations
The table below lists all the abbreviations used in the CLI Reference Guide.
Abbreviation
DNS
DPD
DSCP
DSD
DSL
ECN
EF
FCS
CLP
CO
CPE
CRL
CTD
CWMP
DHCP
DN
FTP
GRE
GRP
HDLC
BSSID
CA
CAPI
CC
CEP
CHAP
CIDR
CLI
AAL5
ACL
ADSL
AES
AF
AP
ARP
ATM
Description
ATM Adaption Layer 5
Access Control List
Asymmetric Digital Subscriber Line
Advanced Encryption System
Assured Forwarding
Access Point
Address Resolution Protocol
Asynchronous Transfer Mode
Base Service Set IDentifier
Certificate Authority
Common ISDN Application Interface
Continuity Check
Certificate Enrollment Protocol
Challenge Handshake Authentication Protocol
Classless Inter Domain Routing
Command Line Interface
Cell Loss Priority
Central Office
Customer Premises Equipment
Certificate Revocation List
Conformance Traffic Descriptor
CPE WAN Management Protocol
Dynamic Host Configuration Protocol
Distinguished Name
Domain Name System
Dead Peer Detection
Differentiated Services Code Point
Differentiated Service Delivery
Digital Subscriber Line
Explicit Congestion Notification
Expedited Forwarding
Frame Check Sequence
File Transfer Protocol
General Routing Encapsulation
Gateway Routing Protocol
High-level Data Link Control
E-DOC-CTC-20061027-0003 v2.0
731
Abbreviations
732
Abbreviation
MTU
NAPT
NAT
NLPID
NTP
OAM
OBC
OID
LDAP
LLC
MAC
MC
MD5
MGCP
MLP
MPLS
PAP
PBX
PFS
PKCS
PKI
POTS
PPP
IPCP
IPSec
ISDN
ISI
KB
Kbps
LAN
LCP
HTTP
ICMP
IDS
IGD
IGMP
IKE
IP
IP oA
Description
HyperText Transfer Protocol
Internet Control Message Protocol
Intrusion Detection System
Internet Gateway Device
Internet Group Management Protocol
Internet Key Exchange
Internet Protocol
IP over ATM
Internet Protocol Control Protocol
IP Security
Integrated Services Digital Network
Independent Set ID
Kilobytes
Kilobits per second
Local Area Network
Link Control Protocol
Light-weight Directory Access Protocol
Logical Link Control
Medium Access Control
MultiCast
Message Digest 5
Media Gateway Control Protocol
Multi-Level access Policy
Multiprotocol Label Switching
Maximum Transmission Unit
Network Address and Port Translation
Network Address Translation
Network Layer Protocol IDentifiers
Network Time Protocol
Operation and Maintenance
On Board Controller
Object IDentifier
Password Authentication Protocol
Private Branch Exchange
Perfect Forward Secrecy
Public Key Cryptography Standard
Public Key Infrastructure
Plain Old Telephone Service
Point-to-Point Protocol
E-DOC-CTC-20061027-0003 v2.0
Abbreviations
Abbreviation
TKIP
ToS
TTL
UA
UDP
ULP
UPnP
URI
SNAP
SNMP
SNR
SNTP
SSH
SSID
TCP
TFTP
RTC
RTT
SAs
SFTP
SHDSL
SIP
SLA
SMTP
PPPoA
PPPoE
PPTP
PSD
PSK
PVC
QoS
RIP
URL
USB
VC
VCI
VCMUX
VDSL
VLAN
Description
PPP over ATM
PPP over Ethernet
Point-to-Point Tunneling Protocol
Power Spectral Density
Pre-Shared Key
Permanent Virtual Channel
Quality of Service
Routing Information Protocol
Real Time Clock
Round Trip Time
Security Associations
Secure File Transfer Protocol
Single Pair High-speed Digital Subscriber Line
Session Initiation Protocol
Service Level Agreement
Simple Mail Transfer Protocol
Sub Network Access Protocol
Simple Network Management Protocol
Signal-to-Noise Ratio
Simple Network Time Protocol
Secure SHell
Service Set IDentifier
Transmission Control Protocol
Trivial File Transfer Protocol
Temporal Key Integrity Protocol
Type of Service
Time To Live
User Agent
User Datagram Protocol
Upper Layer Protocol
Universal Plug and Play
Uniform Resource Identifier
Uniform Resource Locator
Universal Serial Bus
Virtual Channel
Virtual Channel Identifier
Virtual Channel MUltipleXing
Very high speed Digital Subscriber Line
Virtual Local Area Network
E-DOC-CTC-20061027-0003 v2.0
733
Abbreviation
VLSM
VP
VPI
VPN
WAN
WDS
WEP
WFQ
WINS
WLAN
WPA
WRR
Description
Variable Length Subnet Masking
Virtual Path
Virtual Path Identifier
Virtual Private Networking
Wide Area Network
Wireless Distribution System
Wired Equivalent Privacy
Weighted Fair Queueing
Windows Internet Naming Service
Wireless LAN
Wi-Fi Protected Access
Weighted Round Robin
Abbreviations
734
E-DOC-CTC-20061027-0003 v2.0
System Logging Messages
43 System Logging Messages
Introduction
This chapter lists the different System Logging messages.
Contents
This chapter lists the different System Logging messages of the following modules:
E-DOC-CTC-20061027-0003 v2.0
735
System Logging Messages
Auto-PVC Module
Facility
LOCAL5
LOCAL5
LOCAL5
LOCAL5
LOCAL5
LOCAL5
Severity
WARNING
WARNING
WARNING
WARNING
WARNING
WARNING
Contents
AUTOPVC script <script_name> failed
AUTOPVC script <script_name> failed
AUTOPVC script <script_name> (name1, qosb_name) failed
AUTOPVC script <script_name> (name1, qosb_name, name2) failed
AUTOPVC script 'autopvc_change_qos (itable[i].intf, name1, qosb_name) failed
AUTOPVC script <script_name> (name1, name2) failed
Configuration Module
Facility
USER
USER
USER
USER
KERN
Severity
INFO
INFO
INFO
INFO
INFO
DHCP Client Module
Contents
CONFIGURATION saved after running Embedded Setup Wizard
CONFIGURATION saved by user <user_id>
CONFIGURATION backup by user to file <filename>
CONFIGURATION <conf_version> upgraded to version <version>)
SYSTEM reset by user <user_id> to factory defaults: user settings deleted
Facility
LOCAL2
LOCAL2
LOCAL2
LOCAL2
LOCAL2
LOCAL2
LOCAL2
LOCAL2
LOCAL2
LOCAL2
Severity
WARNING
WARNING
WARNING
WARNING
WARNING
WARNING
WARNING
WARNING
WARNING
WARNING
Contents
DHCC lease ip-address <ip-address> bound to intf <intf_id>
DHCC intf <intf_id> renews lease ip-address <ip-address>
DHCC intf <intf_id> rebinds lease ip-address <ip-address> from server<$paratext><Default ¶ Font>(<ip-address>)
DHCC offer received from <ip-address> (can be relay agent) for intf <intf_id>
DHCC server (<ip-address>) offers <ip-address> to intf <intf_id>
DHCC unable to configure ip address: <ip-address> (bootp-reply)
DHCC bootp lease ip-address <ip-address> bound to intf <intf_id> from server (<ip-address>)
DHCC <ip-address> already configured on intf <intf_id>: failure
DHCC <ip-address> (<ip-address>) set on intf <intf_id>: {faillure||ok}
DHCC <ip-address> deleted: {faillure||ok}
E-DOC-CTC-20061027-0003 v2.0
736
System Logging Messages
DHCP Relay Module
Facility
LOCAL2
LOCAL2
LOCAL2
LOCAL2
LOCAL2
LOCAL2
LOCAL2
LOCAL2
LOCAL2
LOCAL2
LOCAL2
Severity
WARNING
WARNING
WARNING
WARNING
WARNING
WARNING
WARNING
WARNING
WARNING
WARNING
WARNING
Contents
DHCR relay: Dropping boot rqs on interface <intf_id> due to invalid giaddr for server (<ip-address>)
DHCR relay: Dropping boot reply with invalid relay agent option from
<intf_id>
DHCR relay: Dropping boot request containing the relay agent option from
<intf_id>
DHCR relay: Dropping boot reply to unknown interface from <intf_id>
DHCR relay: Dropping boot reply to inactive interface <intf_id>
DHCR relay: Dropping boot reply to inactive interface <intf_id>
DHCR relay: Dropping boot request packet with spoofed giaddr field from
<intf_id>
DHCR relay: Dropping boot request received on unknown interface from
<intf_id>
DHCR relay: Dropping boot request on inactive interface <intf_id>
DHCR relay: Dropping boot request with invalid hops field on interface
<intf_id>
DHCR relay: Dropping boot request with invalid giaddr on interface <intf_id>
DHCP Server Module
Facility
LOCAL2
LOCAL2
LOCAL2
LOCAL2
LOCAL2
Severity
WARNING
WARNING
WARNING
WARNING
WARNING
Contents
DHCS server: <DHCP Offer | DHCP ACK> cannot be send due to invalid server identifier
DHCS server: DHCPACK cannot be send due to invalid server identifier
DHCS server: DHCPNAK cannot be send due to invalid server identifier
DHCS server up
DHCS server went down
E-DOC-CTC-20061027-0003 v2.0
737
System Logging Messages
Dyndns Module
Facility
DYNDNS
Severity
WARNING
DYNDNS WARNING
DYNDNS WARNING
DYNDNS WARNING
DYNDNS
DYNDNS
NOTICE
WARNING
DYNDNS WARNING
DYNDNS
DYNDNS
WARNING
NOTICE
DYNDNS WARNING
Contents
<DYNDNS_ STR_ID> Connection failed to <dyndns_service> for client
<dyndns_client>
<DYNDNS_ STR_ID> Failed to resolve host name <dyndns_service> for client <dyndns_client>
<DYNDNS_ STR_ID> Server Timeout(<dyndns_service>) for client
<dyndns_client>
<DYNDNS_ STR_ID> Update failed to server <dyndns_service> for client
<dyndns_client>
<DYNDNS_ STR_ID> client <dyndns_client> <"started"||"stopped">
<DYNDNS_ STR_ID> Update failed for client <dyndns_client>, incomplete configuration
<DYNDNS_ STR_ID> Update failed for client <dyndns_client> (<message>), host <hostname> has not been updated
<DYNDNS_ STR_ID> Update failed for client <dyndns_client>
<DYNDNS_ STR_ID> Host <hostname> has been updated successfully by
<dyndns_service>
<DYNDNS_ STR_ID> Authentication failed to server <dyndns_service>
Firewall Module
Facility
AUTH
AUTH
Severity
WARNING
WARNING
Contents
FIREWALL Hook: <hookname> Rule ID:<rule_id> Protocol: ICMP
Src_ip: <ip_address> Dst_ip: <ip_address>
ICMP message type: <message_type_name || message_type_id > Action:
<action>
FIREWALL Hook: <hookname> Rule ID:<rule_id> Protocol: <protocol_name>
Src_ip_port: <ip-address:ip_port> Dst_ip_port: <ip-address:ip_port>
Action: <action>
E-DOC-CTC-20061027-0003 v2.0
738
System Logging Messages
LOGIN Module
Facility
AUTH
AUTH
AUTH
AUTH
AUTH
AUTH
AUTH
AUTH
Severity
NOTICE
NOTICE
NOTICE
NOTICE
NOTICE
NOTICE
NOTICE
NOTICE
Kernel Module
Contents
LOGOUT User <user_id> logged out on <connection_type> (<ip-address>)
LOGOUT User <user_id> logged out on <connection_type>
LOGOUT <session_name> session of user <user_id> killed (<ip-address>)
LOGOUT <session_name> session of user <user_id> killed
LOGIN User <user_id> tried to login on <connection_type> (from <ipaddress>)
LOGIN User <user_id> logged in on <connection_type> (from <ip-address>)
LOGIN User logged in on <connection_type> (<ip-address>)
LOGIN User <user_id> tried to log in on <connection_type>
Facility
KERN
KERN
KERN
Severity
WARNING
WARNING
EMERG
Contents
KERNEL cold reset
KERNEL warm reset
KERNEL Controlled restart (after internal error or explicit system reboot)
Linestate Module
Facility
LOCAL5
LOCAL5
Severity
NOTICE
NOTICE
Contents
xDSL linestate up (downstream: <bitrate_in> kbit/s, upstream: <bitrate_out> kbit/s) xDSL linestate up
(downstream: <bitrate_in> kbit/s, upstream: <bitrate_out> kbit/s;
output Power Down: <outputPowerDn> dBm, Up: <outputPowerUp> dBm;
line Attenuation Down: <lineAttenuationDn> dB, Up: <lineAttenuationUp> dB; snr Margin Down: <snrMarginDn> dB, Up: <snrMarginUp> dB)"
NAPT Module
Facility
LOCAL4
Severity
INFO
Contents
NAPT Protocol: <TCP | UDP | ICMP> Open port: <port> Helper: <app_name>
=> <"failed" | "ok">
E-DOC-CTC-20061027-0003 v2.0
739
System Logging Messages
PPP Module
Facility
LOCAL0
LOCAL0
AUTH
AUTH
AUTH
AUTH
AUTH
AUTH
AUTH
LOCAL0
LOCAL0
AUTH
AUTH
AUTH
AUTH
AUTH
AUTH
AUTH
AUTH
Severity
WARNING
WARNING
ERROR
INFO
INFO
DEBUG
INFO
DEBUG
DEBUG
ERROR
ERROR
ERROR
INFO
NOTICE
ERROR
INFO
INFO
INFO
ERROR
Contents
PPP Link up (<intf name>)
PPP Link down (<intf name>)
PPP PAP authentication failed (<intf name>) [protocol reject]
PPP PAP on intf <intf_id> no response to authenticate-request
PPP PAP remote user <remote_user_name> successful authenticated
PPP PAP authentication for remote user <remote_user> failed
PPP PAP Authenticate Ack received
PPP PAP Authenticate Nack received
PPP PAP Authenticate Request sent
PPP PAP authentication failed (<intf name>)
PPP CHAP authentication failed (<intf name>)
PPP CHAP authentication failed [protocol reject(server)]
PPP CHAP authentication failed [protocol reject(client)]
PPP CHAP Receive challenge (rhost = <hostname>)
PPP CHAP Chap receive success : authentication ok
PPP CHAP Challenge Send (Id = <challenge_id>)
PPP CHAP Send status response: {ack || nack}
PPP IPCP cannot determine remote IP address (<intf name>)
PPP IPCP cannot determine locale IP address (<intf name>)
PPTP Module
Facility
LOCAL0
LOCAL0
Severity
WARNING
WARNING
Contents
PPTP tunnel (<Pbname>) up:(<ip addr>)
PPTP tunnel (<Pbname>) down:(<ip addr>)
E-DOC-CTC-20061027-0003 v2.0
740
System Logging Messages
RIP Module
LOCAL1 INFO
LOCAL1 INFO
LOCAL1 INFO
LOCAL1 INFO
LOCAL1 INFO
LOCAL1 INFO
LOCAL1 INFO
LOCAL1 INFO
LOCAL1 INFO
LOCAL1 INFO
LOCAL1 INFO
LOCAL1 INFO
LOCAL1 INFO
LOCAL1 INFO
LOCAL1 INFO
LOCAL1 INFO
LOCAL1 INFO
Facility Severity Contents
LOCAL1 INFO
LOCAL1 INFO
RIP Packet received from unknown interface
RIP Packet size is smaller than minimum size
LOCAL1 INFO
LOCAL1 INFO
LOCAL1 INFO
LOCAL1 INFO
LOCAL1 INFO
LOCAL1 INFO
LOCAL1 INFO
LOCAL1 INFO
LOCAL1 INFO
RIP Packet size is greater than maximum size
RIP Wrong RIP packet alignment
RIP RIP version 0 with command <command-name> received
RIP Reserved field not zero in RIP header
RIP RIP is not enabled for network address <ip-address>
RIP Packet's v<version_nr> does not match to RIP v<version_nr>
RIP Packet's v<version_nr> does not match to RIP v<version_nr> on interface
<intf-name>
RIP Packet v<version_nr> is dropped because authentication is disabled on interface <intf-name>
RIP Simple password authentication failed on interface<intf-name>
RIP No authentication in RIP packet
RIP Obsolete command <command-name> received
RIP Unknown RIP command received
RIP Response does not come from default RIP port
RIP Datagram doesn't come from a valid neighbor: <ip-address>
RIP Unsupported family from <ip-address>
RIP Network is net 127, class D or class E network
RIP Address <ip-address> is my own address, net 0 or not unicast
RIP RIPv1 packet with incorrect must be zero fields
RIP Route metric is not in the 1-16 range
RIP Nexthop address is not directly reachable <ip-address>
RIP RIPv2 address <ip-address> is not correct mask /<mask> applied
RIP Not configured for sending RIPv1 packet on interface <intf-name>
RIP RIP routing table is full
RIP Neighbor <ip-address> is not connected to direct network
RIP Interface <intf-name> has not any valid local IP address for sending RIPv2 packets
RIP Interface <intf-name> has not any valid %s address for sending
RIPv<version_nr> packets
E-DOC-CTC-20061027-0003 v2.0
741
System Logging Messages
Facility Severity Contents
LOCAL1 INFO RIP IP Address <ip-address> not found in RIP table
Routing Module
Facility
LOCAL1
Severity
INFO
LOCAL1 INFO
SECURITY INFO
SECURITY INFO
Contents
GRP Default destination is routed via gateway <ip_address>
GRP Default destination is not routed anymore via gateway <ip_address>
LABEL Rule Id:<rule_id> Protocol: ICMP Src_ip: <ip_address> Dst_ip:
<ip_address> ICMP message type: <message_type_name || message_type_id >
Label: <label_name>
LABEL Rule Id:<rule_id> Protocol: <protocol_name> Src_ip: <ip_address>
Dst_ip: <ip_address> Label: <label_name>
Session Module
Facility
AUTH
Severity
NOTICE
SNTP Module
Contents
SESSION TIMEOUT Timeout! (after <seconds> sec)
Facility
NTP
NTP
NTP
NTP
NTP
NTP
NTP
NTP
Severity
WARNING
WARNING
WARNING
INFO
INFO
WARNING
ERROR
ERROR
Contents
SNTP Unable to contact server: <SNTP server ip>
SNTP Server not synchronized: <SNTP server ip>
SNTP Invalid response from server: <SNTP server ip>
SNTP Synchronized to server: <SNTP server ip>
SNTP Synchronized again to server: <SNTP server ip>
SNTP Roundtrip exceeds limits
SNTP No server(s) configured, check configuration
SNTP Systemtime update: time setting <systemtime> > new time setting:
<new time>
E-DOC-CTC-20061027-0003 v2.0
742
System Logging Messages
Software Module
Facility
KERN
KERN
Severity
INFO
INFO
Contents
SOFTWARE File <Filename> <receive || transmit> initiated
SOFTWARE File <Filename> <receive || transmit><““ || not> successful terminated"
UPnP Module
Facility Severity
WARNING SECURITY
NOTICE
NOTICE
SECURITY
SECURITY
Contents
UPnP<ActionName> refused for ip=<ip_address>
UPnP <ActionName> (<Error_string>) for ip=<ip_address>
UPnP action <ActionName> from ip=<ip_address> (<Error_string>)
E-DOC-CTC-20061027-0003 v2.0
743
System Logging Messages
744
E-DOC-CTC-20061027-0003 v2.0
Supported Key Names
44 Supported Key Names
Contents
This chapter lists all the key names supported by the Thomson ST, that can be used for completing CLI command parameters:
Differentiated Services Code Point (DSCP)
E-DOC-CTC-20061027-0003 v2.0
745
Supported Key Names
Supported IP Protocols
For more information on the listed IP protocols, see RFC1340 or www.iana.org.
rdp rsvp tcp udp vines xns-idp
6to4 egp esp ggp gre hmp icmp igmp pup
Protocol name Number Description
ah 51 Authentication Header (AH)
27
46
6
17
83
22
20
1
2
12
8
50
3
47
Exterior Gateway Protocol (EGP)
Encapsulating Security Payload (ESP)
Gateway Gateway Protocol (GGP)
General Routing Encapsulation (GRE)
Host Monitoring Protocol (HMP)
Internet Control Message Protocol (ICMP)
Internet Group Management Protocol (IGMP)
PUP Protocol
Reliable Data Protocol (RDP)
Resource Reservation Protocol (RSVP)
Transmission Control Protocol (TCP)
User Datagram Protocol (UDP)
Vines
Xerox NS IDP
746
E-DOC-CTC-20061027-0003 v2.0
Supported Key Names
Supported TCP/UDP Port Names
For more information on the listed TCP/UDP port assignments, see RFC1340 or www.iana.org.
Port name
echo tftp gopher finger www-http kerberos rtelnet pop2 pop3 sunrpc auth sqlserver nntp ntp smtp time nicname dns domain sql*net bootps bootpc discard systat daytime qotd chargen ftp-data ftp telnet
Number TCP UDP Description
7 Y Y Echo
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
88
107
109
110
69
70
79
80
111
113
118
119
123
53
66
67
68
25
37
43
53
19
20
21
23
9
11
13
17
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Discard
Active Users
Daytime
Quote of the Day
Character Generator
File Transfer (Default data)
File Transfer (Control)
Telnet
Simple Mail Transfer Protocol (SMTP)
Time
Who Is
Domain Name System (DNS)
Domain Name System (DNS)
Oracle SQL*NET
Bootstrap Protocol Server
Bootstrap Protocol Client
Trivial File Transfer Protocol (TFTP)
Gopher
Finger
World Wide Web (WWW) HTTP
Kerberos
Remote Telnet Service
Post Office Protocol (POP) - Version 2
Post Office Protocol (POP) - Version 3
SUN Remote Procedure Call
Authentication Service
SQL Services
Network News Transfer Protocol (NNTP)
Network Time Protocol (NTP)
E-DOC-CTC-20061027-0003 v2.0
747
Supported Key Names
748
Port name
sntp snmptrap bgp irc-o at-rtmp at-nbp at-echo at-zis ipx ingres-net netbios-ns netbios-dgm netbios-ssn imap2 sql-net pcmail-srv snmp imap3 clearcase ulistserv ldap netware-ip snpp ike biff exec login who syslog printer talk
Number TCP UDP Description
123 Y Y Simple Network Time Protocol (SNTP)
512
513
513
514
515
517
-
Y
Y
Y
-
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
-
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
-
-
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
202
204
206
213
162
179
194
201
143
150
158
161
134
137
138
139
396
444
500
512
220
371
372
389
INGRES-NET Service
NETBIOS Naming System
NETBIOS Datagram Service
NETBIOS Session Service
Internet Message Access Protocol (IMAP) v2
SQL-NET
PCMail Server
Simple Network Management Protocol (SNMP)
SNMP Trap
Border Gateway Protocol (BGP)
Internet Relay Chat (IRC) - o
AppleTalk RouTing Maintenance Protocol (RTMP)
AppleTalk Name Binding Protocol (NBP)
AppleTalk Echo
AppleTalk Zone Information System (ZIS)
Novell
Internet Message Access Protocol (IMAP) v3
ClearCase
UNIX Listserv
Lightweight Directory Access Protocol (LDAP)
Novell Netware over IP
Simple Network Paging Protocol (SNPP)
ISAKMP
Used by mail system to notify users of new mail received
Remote process execution
Remote login a la telnet
Maintains data bases showing who's logged in to machines on a local net and the load average of the machine
Syslog
Spooler
Like Tenex link, but across machine
E-DOC-CTC-20061027-0003 v2.0
Supported Key Names
Port name
ntalk utime rip timed netwall new-rwho uucp uucp-rlogin rtsp whoami ipcserver doom ils h323 nfsd sip xwindows irc-u realaudio httpproxy
600
666
1002
1720
2049
5060
6000
6667
7070
8080
525
533
540
540
540
554
565
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Number TCP UDP Description
518 Y Y NTalk
519
520 -
Y Y
Y
UNIX Time
Local routing process (on site); uses variant of Xerox
NS Routing Information Protocol (RIP)
Timeserver
For emergency broadcasts uucpd remote who is uucpd uucpd remote login
Real Time Streaming Protocol (RTSP) whoami
SUN IPC Server
Doom ID Software
Internet Locator Service (ILS)
H323 Host Call Secure
NFS deamon
Session Initiation Protocol (SIP)
X windows
Internet Relay Chat (IRC) Protocol realaudio
HTTP Proxy
E-DOC-CTC-20061027-0003 v2.0
749
Supported Key Names
Supported ICMP Type Names
For more information on the listed ICMP type names, see RFC1340 or www.iana.org.
ICMP Type name
echo-reply
Number Description
0 Echo Reply destination-unreachable 3 source-quench 4 redirect echo-request
5
8 router-advertisement router-solicitation time-exceeded parameter-problems
9
10
11
12 timestamp-request timestamp-reply information-request information-reply address-mask-request address-mask-reply
13
14
15
16
17
18
Destination Unreachable
Source Quench
Redirect
Echo
Router Advertisement
Router Solicitation
Time Exceeded
Parameter problems
Timestamp
Timestamp Reply
Information Request
Information Reply
Address Mask Request
Address Mask Reply
750
E-DOC-CTC-20061027-0003 v2.0
Supported Key Names
Supported Facilities
news uucp cron security ftp ntp audit logalert clock local0 local1 local2 local3 local4 local5 local6 local7 all kern user mail daemon auth syslog lpr
For more information on the listed facilities, see RFC3164.
Facilty Name Hierarchy
Code
0
104
112
-
120
128
136
144
152
160
168
176
184
72
80
88
96
40
48
56
64
8
16
24
32
Syslog facility
(listed according descending importance)
Kernel messages
User-level messages
Mail system
System daemons
Authorization messages
Syslog daemon messages
Line printer subsystem
Network news subsystem
UUCP subsystem
Clock daemon
Security messages
FTP daemon
NTP subsystem
Log audit
Log alert
Clock daemon
Local use messages
All facilities (Thomson ST specific facility parameter value.
E-DOC-CTC-20061027-0003 v2.0
751
Supported Key Names
Supported Severities
For more information on the listed severities, see RFC3164.
Severity Name
emerg alert crit err warning notice info debug
IP Precedence
5
6
7
3
4
1
2
Hierarchy
Code
0
Syslog severity
(listed according descending importance)
Emergency conditions, system unusable
Alert conditions, immediate action is required
Critical conditions
Error conditions
Warning conditions
Normal but significant conditions
Informational messages
Debug-level messages
Precedence
Routine
Priority
Immediate
Flash
Flash-Override
CRITIC-ECP
Internetwork-Control
Network-Control
5
6
7
3
4
1
2
Numbe r
0
E-DOC-CTC-20061027-0003 v2.0
752
Supported Key Names
Differentiated Services Code Point (DSCP)
For more information on DSCP, see RFC3260.
PHB
ef cs7 cs6 cs5 cs4 af23 af11 af12 af13 cs3 cs2 cs1 cs0 af32 af33 af21 af22 af41 af42 af43 af31
PHB Name
Expedited Forwarding
Assured Forwarding 41
Assured Forwarding 42
Assured Forwarding 43
Assured Forwarding 31
Assured Forwarding 32
Assured Forwarding 33
Assured Forwarding 21
Assured Forwarding 22
Assured Forwarding 23
Assured Forwarding 11
Assured Forwarding 12
Assured Forwarding 13
Class Selector 7
Class Selector 6
Class Selector 5
Class Selector 4
Class Selector 3
Class Selector 2
Class Selector 1
Class Selector 0
Binary value
101110
010010
001110
001100
001010
111000
110000
101000
100000
100110
100100
100010
011110
011100
011010
010110
010110
011000
010000
001000
000000
E-DOC-CTC-20061027-0003 v2.0
753
Supported Key Names
754
E-DOC-CTC-20061027-0003 v2.0
Index
A
aal5stats
actlist
eth bridge dynvlan actlist 265
add
addpriv
addzone adsl
appconfig
E-DOC-CTC-20061027-0003 v2.0
appinfo
applist
arpadd
arpdelete
arplist
assign
atm bundle
cac
debug
oam cc
vclb
phonebook
755
qosbook
attach
autolist
autopvc
autosave
B
bind
bindlist
C
capture
clean
clear
dns server debug spoof clear 194
eth bridge igmpsnooping clear 284
756
Index
config
eth bridge igmpsnooping config 280
E-DOC-CTC-20061027-0003 v2.0
Index
upgrade
connection
ctdadd
ctddelete
ctdlist
cwmp
server
D
debug
del
delete
E-DOC-CTC-20061027-0003 v2.0
dhcp client rqoptions delete 123
dhcp client txoptions delete 127
describe
detach
dhcp client debug
rqoptions
757
txoptions
relay
debug
rule
debug
server
debug
lease
option
pool
758
Index disable
dns client
server
debug
spoof
host
route
dnsadd
dnsdelete
dnslist
dsd
debug connection
intercept
syslog
urlfilter
rule
E-DOC-CTC-20061027-0003 v2.0
Index
dump
dyndns
host
service
E
egress
env
eth bridge
dynvlan
E-DOC-CTC-20061027-0003 v2.0
igmpsnooping
rule
vlan
device
switch group
mirror
qos
shaper
share
storm
759
exec
vlan
export
expr
F
firewall chain
debug
level
rule
debug
760
Index flush
E-DOC-CTC-20061027-0003 v2.0
Index
G
get
getaddress
dns server debug spoof getaddress 195
getflags
dns server debug spoof getflags 196
grouplist
grp
rip
gstats
H
hostmgr
httpprobe
I
ids
parser
pattern
E-DOC-CTC-20061027-0003 v2.0
signature
threshold
ifadd
ifattach
ifconfig
eth bridge igmpsnooping ifconfig 282
eth switch shaper ifconfig 319
ifdelete
761
ifdetach
ifflush iflist
eth bridge igmpsnooping iflist 283
ifrenew
ifscan
ifwait
igmp host
debug
762
Index
proxy
debug
import
info
ingress
instadd
dhcp server option instadd 161
instdelete
dhcp server option instdelete 163
instlist
dhcp server option instlist 164
interface
ip
auto
debug
E-DOC-CTC-20061027-0003 v2.0
Index
mcast
ipadd
ipconfig
ipdelete iplist
ipqos
ef
queue
K
Key names