Install guide
Software Version 2.7.6
C613-10462-00 REV A
Command Reference Updates
This section describes any new commands and the changed portions of any
modified commands and output screens. It uses boldface to highlight new
parameters and options of existing commands, and new fields of existing
output.
add firewall monitor
Syntax ADD FIREwall MOnitor=monitor-id IP=ipadd
COPyto=ip-interface [APPlyto={PRIVate|PUBlic|BOTH}]
where:
■ monitor-id is an integer from 1 to 65535
■ ipadd is an IPv4 address in dotted decimal notation
■ ip-interface is a VLAN or Eth interface such as vlan2 or eth0. The interface
can be a logical interface such as vlan2-1 or eth0-1.
Description This command specifies an IP address for the firewall to monitor. The firewall
makes a copy of every packet that comes from or goes to that address. It
sends the copy over the Eth interface or VLAN that you specify.
There is no limit on the number of IP addresses you can monitor, although you
should consider the speed impact of monitoring a high proportion of traffic.
Caution: If you create two or more monitors that monitor a given firewall
session on the same firewall applyto interface, the firewall only uses the
last-created monitor.
The monitor parameter specifies an identification number for the monitor.
The ip parameter specifies the IP address of the monitored device. The firewall
monitors any firewall sessions that have this IP address in any of the session
fields. These session fields display in output from the show firewall session
command, and are summarised in the following table.
IP field name in session    Meaning
IP                          The source address of outbound packets and the
                            destination address of inbound packets in this
                            session, as seen on the private side of the firewall.
Remote IP                   The destination address of outbound packets and the
                            source address of inbound packets in this session,
                            as seen on the private side of the firewall.
Gbl IP                      The source address of outbound packets and the
                            destination address of inbound packets in this
                            session, as seen on the public side of the firewall.
                            If NAT is not configured, this is the same as IP.
Gbl Remote IP               The destination address of outbound packets and the
                            source address of inbound packets in this session,
                            as seen on the public side of the firewall. If NAT
                            is not configured, this is the same as Remote IP.
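
The following Python model is an added example, not part of the original guide or the device software. It shows how the session-field matching in the table and the last-created-monitor rule in the Caution combine, so that a planned set of monitors can be checked for ones that would never receive a copy of a session. It assumes that APPLYTO=BOTH covers the private and public sides and that list order is creation order; the function names and sample addresses are constructed for illustration.

```python
from dataclasses import dataclass

# Address fields of a session, as listed in the table above.
SESSION_FIELDS = ("ip", "remote_ip", "gbl_ip", "gbl_remote_ip")
# Assumption: APPLYTO=BOTH covers both the private and the public side.
SIDES = {"PRIVATE": {"PRIVATE"}, "PUBLIC": {"PUBLIC"}, "BOTH": {"PRIVATE", "PUBLIC"}}

@dataclass(frozen=True)
class Monitor:
    monitor_id: int
    ip: str
    copyto: str
    applyto: str

def matches(monitor, session):
    """A monitor matches when its IP appears in any of the session fields."""
    return any(session[field] == monitor.ip for field in SESSION_FIELDS)

def effective_monitors(monitors, session):
    """Return {side: monitor} for one session. Monitors are given in creation
    order, so a later match replaces an earlier one on the same side."""
    chosen = {}
    for monitor in monitors:
        if matches(monitor, session):
            for side in SIDES[monitor.applyto]:
                chosen[side] = monitor
    return chosen

def shadowed_monitors(monitors, session):
    """IDs of monitors that match the session but are used on no side."""
    used = {m.monitor_id for m in effective_monitors(monitors, session).values()}
    return [m.monitor_id for m in monitors
            if matches(m, session) and m.monitor_id not in used]

# Constructed sample data: a private host behind NAT talking to a remote host.
MONITORS = [
    Monitor(1, "192.168.1.10", "vlan2", "BOTH"),      # matches the IP field
    Monitor(2, "203.0.113.5", "eth0-1", "PRIVATE"),   # matches the Gbl IP field
    Monitor(3, "198.51.100.7", "vlan3", "BOTH"),      # matches Remote IP
]
SESSION = {"ip": "192.168.1.10", "remote_ip": "198.51.100.7",
           "gbl_ip": "203.0.113.5", "gbl_remote_ip": "198.51.100.7"}
```

With only the first two monitors, each is still used on one side; adding the third leaves monitors 1 and 2 matching the session but copying nothing from it.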