Page 356 / 998 Scroll up to view Page 351 - 355
IP
TCP/IP command reference
iMG/RG Software Reference Manual (IPNetwork Functions)
4-54
Example
--> ip set ttl 60
See also
ip show
4.1.8.2.63 IP SHOW
Syntax
ip show
Description
Shows current RIP configuration and any other information global to the router.
Example
--> ip show
Global IP configuration:
Host routes: false
Poison reverse: false
Authentication: false
Auth password:
Advertise default: false
Default Route Cost: 1
Default TTL: 128
See also
IP SET RIP HOSTROUTES
IP SET RIP POISON
4.1.8.2.64 IP SHOW APPSERVICE
Syntax
IP SHOW APPSERVICE {<name>|<number>}
Description
This A number of ISOS processes use the IP stack to provide services, such as SNMP
agent and TFTP server. These services are called AppServices.
This command shows system related information about the specified AppService. The command is typically
used for debugging purposes than for normal system configuration.
Options
The following table gives the range of values for each option that can be specified with
this command and a Default Value (if applicable).
Option
Description
Default Value
name
A name that identifies an existing AppService. To display
AppService names, use the ip list appservices command.
N/A
number
A number that identifies an existing AppService. To dis-
play AppService numbers, use the ip list appservices
command. The number appears in the first column
under the heading ID.
N/A
Page 357 / 998
TCP/IP command reference
IP
4-55
iMG/RG Software Reference Manual (IPNetwork Functions)
4.1.8.2.65 IP SHOW INTERFACE
Syntax
IP SHOW INTERFACE {<name>|<number>}
Description
This command displays the following information about a named interface:
IP address and netmask address (if set). For virtual interfaces, the name of the real
interface that the virtual interface is attached to is also displayed.
MTU (Maximum Transmission Unit)
Status of DHCP
Status of TCP MSS Clamp
Status of RIP send and RIP accept
Status of RIP multicast
Options
The following table gives the range of values for each option that can be specified with
this command and a Default Value (if applicable).
Example
Real IP interface
--> ip show interface ip0
IP Interface: ip0
IPaddr : 10.17.90.153
Mask : 255.255.255.0
Rx Packet Count : 210
Tx Packet Count : 5
MTU : 1500
Dhcp : true
TCP MSS Clamp : false
Source Addr Validation : false
Icmp Router Advertise : false
Accept V1 : false
Option
Description
Default Value
name
An existing IP interface. To display interface names, use
the IP LIST INTERFACES command.
N/A
number
An existing IP interface. To display interface numbers,
use the IP LIST INTERFACES command. The number
appears in the first column under the heading ID.
N/A
Page 358 / 998
IP
TCP/IP command reference
iMG/RG Software Reference Manual (IPNetwork Functions)
4-56
Send V1 : false
Accept V2 : false
Send V2 : false
Send Multicast : false
Example
Virtual IP interface
-> ip show interface ip1
IP Interface: ip1 - virtual [ip0]
IPaddr : 192.168.10.1
Mask : 255.255.255.0
Rx Packet Count : 0
Tx Packet Count : 0
MTU : 1500
Dhcp : false
TCP MSS Clamp : false
Source Addr Validation : false
Icmp Router Advertise : false
Accept V1 : false
Send V1 : false
Accept V2 : false
Send V2 : false
Send Multicast : false
See also
IP SHOW
IP SHOW ROUTE
IP LIST INTERFACES
4.1.8.2.66 IP SHOW ROUTE
Syntax
IP SHOW ROUTE {<name>|<number>}
Description
This command displays the following information about a named route:
Destination IP address
Netmask address
Gateway IP address
Cost: the number of hops counted as the cost of the route
Interface name
Page 359 / 998
Overview
Security
4-57
iMG/RG Software Reference Manual (IPNetwork Functions)
Options
The following table gives the range of values for each option that can be specified with
this command and a Default Value (if applicable).
Example
--> ip show route route3
IP route: DHCP-DefRt1
Destination: 0.0.0.0
Netmask: 0.0.0.0
Gateway: 10.17.90.1
Cost: 1
Interface: ip0
Advertise: false
Route enabled: true
Route valid: true
See also
IP SHOW
IP LIST ROUTES
4.2
Security
This section describes the AT-iMG models built-in security facilities, and how to configure and monitor them.
4.2.1
Overview
The aim of this chapter is to teach you how to configure security services to manage and restrict the traffic that
passes between the Internet and your network, and protect your network infrastructure from attacks. The
components of the package are:
Network Address Translation (NAT)
component; maps multiple addresses on a private network to an exter-
nally-visible address (or range of addresses) on the outside network
Firewall
component; blocks certain traffic between interfaces based on stateful packet information (SPI)
Option
Description
Default Value
name
An existing route. To display route names, use the IP
LIST ROUTES command.
N/A
number
An existing route. To display route numbers, use the
IP LIST ROUTES command. The number appears in
the first column under the heading ID.
N/A
Page 360 / 998
Security
Security support on AT-iMG Models
iMG/RG Software Reference Manual (IPNetwork Functions)
4-58
Intrusion Detection Settings (IDS)
component; implements security measures to protect your network from
suspicious hosts
Security
component; manages the Security package, and enables security features such as management sta-
tions, triggers, security applications, session tracking and application services
4.2.2
Security support on AT-iMG Models
The
Security
module
is the main module in the AT-iMG Models that acts as a server to the other two
security
modules;
Firewall
and
NAT
, forming the Security System (see Figure 7).
This component allows you to:
enable/disable
all modules in the Security package (including the child modules; NAT and Firewal, that
cannot otherwise be configured)
add IP interfaces to the Security package to create
security interfaces
that are used to configure the NAT
and Firewall child modules
configure
triggers
to allow applications to open secondary port sessions
configure
IDSs
(Intrusion Detection Settings)
configure
management stations
to allow a specific host (or range of hosts) remote access to the device
without having to go through NAT and/or Firewall
configure
application services
; to restrict access to a specific application service on a specific IP interface
once the interfaces have been defined as security interface
configure
logging
: (On FIber D,E Modular and ADSL A,B,C models only) to track intrusion events, block-
ing-events and session-events.
FIGURE 4-1
Security modules on AT-iMG Models
4.2.3
Security interfaces
A security interface is an existing IP interface that has been defined as either as
Internal
,
External
and
DMZ
(see Figure To Be Supplied)
Firewall module
NAT module
Security module

Rate

4 / 5 based on 3 votes.

Popular Allied-Telesis Models

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top