Technical data
Table Of Contents
- Preface
- Introduction
- Chapter 1. Advanced Topics
- Chapter 2. Planning For Router Configuration
- Important Terminology
- Collect your Configuration Information
- PPP Link Protocol (over ATM or Frame Relay)
- IP Routing Network Protocol
- IPX Routing Network Protocol
- Bridging Network Protocol
- RFC 1483 / RFC 1490 Link Protocols
- IP Routing Network Protocol
- IPX Routing Network Protocol
- Bridging Network Protocol
- MAC Encapsulated Routing: RFC 1483MER / RFC 1490MER Link Protocols
- IP Routing Network Protocol
- FRF8 Link Protocol
- IP Routing Network Protocol
- Dual Ethernet Router Configuration
- General Information
- Configuring the Dual Ethernet Router as a Bridge
- Configuring the Dual Ethernet Router for IP Routing
- Chapter 3. Configuring Router Software
- Configuration Tables
- Configuring PPP with IP Routing
- Configuring PPP with IPX Routing
- Configuring PPP with Bridging
- Configuring RFC 1483 / RFC 1490 with IP Routing
- Configuring RFC 1483 / RFC 1490 with IPX Routing
- Configuring RFC 1483 / RFC 1490 with Bridging
- Configuring MAC Encapsulated Routing: RFC 1483MER / RFC 1490MER with IP Routing
- Configuring FRF8 with IP Routing
- Configuring Mixed Network Protocols
- Configuring a Dual Ethernet Router for IP Routing
- Verify the Router Configuration
- Sample Configurations
- Sample Configuration 1 — PPP with IP and IPX
- Scenario
- Sample Configuration 1 — Diagram for Target Router (SOHO)
- Sample Configuration 1 — Tables For Target Router (SOHO)
- Sample Configuration 1 - Check the Configuration with the “list” Commands
- Information About Names And Passwords
- Sample Configuration 2 — RFC 1483 with IP and Bridging
- Scenario
- Sample Configuration 2 — Diagram for Target Router SOHO
- Sample Configuration 2 — Tables For Target Router (SOHO)
- Sample Configuration 2 - Check the Configuration with the “list” Commands
- Sample Configuration 3 — Configuring a Dual Ethernet Router for IP Routing
- Scenario
- Configuration Tables
- Chapter 4. Configuring Special Features
- Bridging Filtering and IP Firewall
- IP (RIP) Protocol Controls
- DHCP (Dynamic Host Configuration Protocol)
- General Information
- Manipulating Subnetworks and Explicit Client Leases
- Enabling/disabling a subnetwork or a client lease
- Adding subnetworks and client leases
- Setting the lease time
- Manually changing client leases
- Setting Option Values
- Concepts
- Commands for global option values
- Commands for specific option values for a subnetwork
- Commands for specific option values for a client lease
- Commands for listing and checking option values
- BootP
- About BootP and DHCP
- Enable/Disable BootP
- Use BootP to specify the boot server
- Defining Option Types
- Concepts
- Commands
- Configuring BootP/DHCP Relays
- Other Information
- NAT (Network Address Translation)
- Management Security
- Software Options Keys
- Encryption
- IP Filtering
- L2TP Tunneling - Virtual Dial-Up
- Introduction
- L2TP Concepts
- LNS, L2TP Client, LAC, and Dial User
- L2TP Client Example
- LNS and L2TP Client Relationship
- Tunnels
- Sessions
- Configuration
- Preliminary Steps to Configure a Tunnel
- Verification Steps
- Configuration Commands
- PPP Session Configuration
- Sample Configurations
- Simple L2TP Client Configuration Example
- Complete LNS and L2TP Client Configuration Example
- Configuration Process
- Chapter 5. Command Line Interface Reference
- Command Line Interface Conventions
- System Level Commands
- Router Configuration Commands
- Target Router System Configuration Commands (SYSTEM)
- Target Router Ethernet LAN Bridging and Routing (ETH)
- Remote Router Access Configuration (REMOTE)
- Asymmetric Digital Subscriber Line Commands (ADSL)
- Asynchronous Transfer Mode Commands (ATM)
- Dual Ethernet Router Commands (ETH)
- General information
- High-Speed Digital Subscriber Line Commands (HDSL)
- General information about HDSL
- ISDN Digital Subscriber Line (IDSL)
- General information about IDSL
- Symmetric Digital Subscriber Line Commands (SDSL)
- General information about SDSL
- Dynamic Host Configuration Protocol Commands (DHCP)
- L2TP — Virtual Dial-Up Configuration (L2TP)
- Bridging Filtering Commands (FILTER BR)
- Save Configuration Commands (SAVE)
- Erase Configuration Commands (ERASE)
- File System Commands
- Chapter 6. Managing the Router
- Simple Network Management Protocol (SNMP)
- TELNET Remote Access
- Client TFTP Facility
- TFTP Server
- BootP Server
- Boot Code
- Manual Boot Menu
- Access Manual Boot Mode
- Option 1: Retry Start-up
- Option 2: Boot from FLASH Memory
- Option 3: Boot from Network
- Option 4: Boot from Specific File
- Option 5: Configure Boot System
- Option 6: Set Time and Date
- Option 7: Set Console Baud Rate
- Option 8: Start Extended Diagnostics
- Identifying Fatal Boot Failures
- Software Kernel Upgrades
- Backup and Restore Configuration Files
- FLASH Memory Recovery Procedures
- Recovering Passwords and IP Addresses
- Batch File Command Execution
- Chapter 7. Troubleshooting
- Appendix A. Network Information Worksheets
- Configuring PPP with IP Routing
- Configuring PPP with IPX Routing
- Configuring PPP with Bridging
- Configuring RFC 1483 / RFC 1490 with IP Routing
- Configuring RFC 1483 / RFC 1490 with IPX Routing
- Configuring RFC 1483 / RFC 1490 with Bridging
- Configuring RFC 1483MER / RFC 1490MER with IP Routing
- Configuring FRF8 with IP Routing
- Configuring a Dual Ethernet Router for IP Routing
- Appendix B. Configuring IPX Routing
- Index
139
ETH IP FILTER
This command is used to define an IP filter on the Ethernet interface of the connection. The filter is used to screen
IP packets and operates at the interface level. Each interface is defined by 3 types of filters: Input, Forward, and
Output filters. For more information on IP filters and Firewall, please refer
Configuring Special Features, IP
Filtering - Chapter 4.
command
append <type> <action> <parameters> Append a filter to the end of this <type>
insert <type> <action> <parameters> Insert a filter at the front of this <type>
delete <type> <action> <parameters> Delete the first filter matching this filter
flush <type> Delete all filters of this <type> from this interface
check <type> <parameters> Check the action to take (Accept, Drop, Reject) based
on the parameters
list <type> List all filters of a <type> on this interface
watch on | off Print out a message to the console if a packet to or
from this remote is dropped or rejected
type
input
output
forward
action
accept
drop
reject
parameters
Each IP filter can have any combination of the following parameters used for matching against
the IP packet. Below are the option/value pairs currently possible:
-p <protocol>|TCP|UDP|ICMP
where <protocol> is an IP protocol number or the string "TCP", "UDP", "ICMP".
If <protocol> is 0 (or the -p option is not specified), this IP filter will match ANY protocol.
-sa <first source ip addr>[:<last source ip addr>]
where <first source ip addr> defines the first or only source IP address and <last source ip
addr>, if present, defines the last source IP address in a range. If not specified, <first source ip
addr> is assumed to be 0.0.0.0, <last source ip addr> is assumed to be 255.255.255.255.
-sm <source ip mask>
where <source ip mask>, when present, defines a mask to use when comparing the <first source
ip addr>...<last source ip addr> with the source IP address in the IP packet. If not specified, the
source IP mask is set to 255.255.255.255.
-sp <first source port>[:<last source port>]
where <first source port> defines the first or only source port and <last source port>, if present,
defines the last source port in a range. If not specified, the <first source port> is assumed to be
0, the <last source port> is assumed to be 0xffff.
eth ip filter
<command> <type> <action> <parameters> [<port#>]