User Guide

ManualsBrandsAlcatel-Lucent ManualsOtherSPEDDTOUCH DSL ROUTERS

131

132

133

134

135

136

137

138

139

140

Chapter 5. Command Line Interface Reference 137

ETH IP ENABLE

Enables IP routing across the Ethernet LAN. This command acts as a master switch allowing you to enable IP

routing.

ETH IP FILTER

Defines an IP filter on the Ethernet interface of the connection. The filter is used to screen IP packets, and it

operates at the interface level. Each interface is defined by three types of filters: Input, Forward, and Output

filters. For more information about IP filters and Firewall, refer to

Chapter 4. IP Filtering on page 93

eth ip enable

[

port#

]

port#

Port number of the Ethernet LAN. This number must be 0

or 1, or it may be omitted.

Example:

eth ip enable

eth ip filter

<command> <type> <action> <parameters> [<port#>]

command

append <

type

action

> <

parameters

> Append a filter to the end of this <

type

insert <

type

> <

action

> <

parameters

> Insert a filter at the front of this <

type

delete <

type

> <

action

> <

parameters

> Delete the first filter matching this filter.

flush <

type

> Delete all filters of this <

type

> from this interface.

check <

type

> <

parameters

> Check the action to take (Accept, Drop, Reject) based

on the parameters.

list <

type

> List all filters of a <

type

> on this interface.

watch on | off Print out a message to the console if a packet to or

from this remote is dropped or rejected.

type

input

output

forward

action

drop

reject

parameters

Each IP filter can have any combination of the following parameters used for matching against

the IP packet. Below are the option/value pairs currently possible:

p <

protocol

>|TCP|UDP|ICMP

where <

protocol

> is an IP protocol number or the string TCP, UDP, ICMP.

If <

protocol

> is 0 (or the -p option is not specified), this IP filter will match

any

protocol.

sa <

first source ip addr

>[:<

last source ip addr

where <

first source ip addr

> defines the first or only source IP address and <

last source ip

addr

>, if present, defines the last source IP address in a range. If not specified, <

first source ip

addr

> is assumed to be 0.0.0.0, <

last source ip addr

> is assumed to be 255.255.255.255.