CI Command Reference


1. Command Syntax and General User Interface

CI has the following command syntax:

command <iface | device > subcommand [param]
command subcommand [param]
command ? | help
command subcommand ? | help

General user interface:

1.

Shows the following commands and all major (sub)commands

2.

exit Returns to SMT

 


 

[ch-name]: enet0, mpoa00

 

Command

Description

sys

 

 

 

 

 

adjtime

 

 

retrive date and time from Internet

 

cbuf

 

 

 

 

 

display

[a|f|u]

display cbuf a: all f: free u: used

 

 

cnt

 

cbuf static

 

 

 

display

display cbuf static

 

 

 

clear

clear cbuf static

 

baud

 

<1..5>

change console speed

 

callhist

 

 

 

 

 

display

 

display call history

 

 

remove

<index>

remove entry from call history

 

clear

 

 

clear the counters in GUI status menu

 

countrycode

 

[countrycode]

set country code

 

date

 

[year month date]

set/display date

 

domainname

 

 

display domain name

 

edit

 

<filename>

edit a text file

 

enhanced

 

 

return OK if commands are supported for PWC purposes

 

errctl

 

[level]

set the error control level
0:crash no save,not in debug mode (default)
1:crash no save,in debug mode
2:crash save,not in debug mode
3:crash save,in debug mode

 

event

 

 

 

 

 

display

 

display tag flags information

 

 

trace

 

display system event information

 

 

 

display

display trace event

 

 

 

clear <num>

clear trace event

 

extraphnum

 

 

maintain extra phone numbers for outcalls

 

 

add

<set 1-3> <1st phone num> [2nd phone num]

add extra phone numbers

 

 

display

 

display extra phone numbers

 

 

node

<num>

set all extend phone number to remote node <num>

 

 

remove

<set 1-3>

remove extra phone numbers

 

 

reset

 

reset flag and mask

 

feature

 

 

display feature bit

 

fid

 

 

 

 

 

display

 

display function id list

 

firmware

 

 

display ISDN firmware type

 

hostname

 

[hostname]

display system hostname

 

iface

 

 

 

 

 

disp

[#]

display iface list

 

isr

 

[all|used|free]

display interrupt service routine

 

interrupt

 

 

display interrupt status

 

log

 

 

 

 

 

category

 

 

 

 

 

access [0:none/1:log]

record the access control logs

 

 

 

attack [0:none/1:log/2:alert/3:both]

record and alert the firewall attack logs

 

 

 

display

display the category setting

 

 

 

error [0:none/1:log/2:alert/3:both]

record and alert the system error logs

 

 

 

ipsec [0:none/1:log]

record the access control logs

 

 

 

 

 

 

 

 

mten [0:none/1:log]

record the system maintenance logs

 

 

 

upnp [0:none/1:log]

record upnp logs

 

 

 

urlblocked [0:none/1:log/2:alert/3:both]

record and alert the web blocked logs

 

 

 

urlforward [0:none/1:log]

record web forward logs

 

 

clear

 

clear log

 

 

display

 

display all logs

 

 

errlog

 

 

 

 

 

clear

display log error

 

 

 

disp

clear log error

 

 

 

online

turn on/off error log online display

 

 

load

 

load the log setting buffer

 

 

mail

 

 

 

 

 

alertAddr [mail address]

send alerts to this mail address

 

 

 

display

display mail setting

 

 

 

logAddr [mail address]

send logs to this mail address

 

 

 

schedule display

display mail schedule

 

 

 

schedule hour [0-23]

hour time to send the logs

 

 

 

schedule minute [0-59]

minute time to send the logs

 

 

 

schedule policy [0:full/1:hourly/2:daily/3:weekly/4:none]

mail schedule policy

 

 

 

schedule week [0:sun/1:mon/2:tue/3:wed/4:thu/5:fri/6:sat]

weekly time to send the logs

 

 

 

server [domainName/IP]

mail server to send the logs

 

 

 

subject [mail subject]

mail subject

 

 

save

 

save the log setting buffer

 

 

syslog

 

 

 

 

 

active [0:no/1:yes]

active to enable unix syslog

 

 

 

display

display syslog setting

 

 

 

facility [Local ID(1-7)]

log the messages to different files

 

 

 

server [domainName/IP]

syslog server to send the logs

 

mbuf

 

 

 

 

 

cnt

 

 

 

 

 

disp

display system mbuf count

 

 

 

clear

clear system mbuf count

 

 

link

link

list system mbuf link

 

 

pool

<id> [type]

list system mbuf pool

 

 

status

 

display system mbuf status

 

 

disp

<address>

display mbuf status

 

 

debug

[on|off]

 

 

memory

 

<address> <length>

display memory content

 

memwrite

 

<address> <len> [data list ...]

write some data to memory at <address>

 

memwl

 

<address>

write long word to memory at <address>

 

memrl

 

<address>

read long word at <address>

 

memutil

 

 

 

 

 

usage

 

display memory allocate and heap status

 

 

mqueue

<address> <len>

display memory queues

 

 

mcell

mid [f|u]

display memory cells by given ID

 

 

msecs

[a|f|u]

display memory sections

 

 

mtstart

<n-mcell>

start memory test

 

 

mtstop

 

stop memory test

 

 

mtalloc

<size> [n-mcell]

allocate memory for testing

 

 

mtfree

<start-idx> [end-idx]

free the test memory

 

model

 

 

display server model name

 

proc

 

 

 

 

 

display

 

display all process information

 

 

stack

[tag]

display process's stack by a give TAG

 

 

pstatus

 

display process's status by a give TAG

 

queue

 

 

 

 

 

display

[a|f|u] [start#] [end#]

display queue by given status and range numbers

 

 

ndisp

[qid]

display a queue by a given number

 

quit

 

 

quit CI command mode

 

reboot

 

[code]

reboot system 
code = 0 cold boot, 
        = 1 immediately boot
        = 2 bootModule debug mode

 

reslog

 

 

 

 

 

disp

 

display resources trace

 

 

clear

 

clear resources trace

 

stdio

 

[second]

change terminal timeout value

 

time

 

[hour [min [sec]]]

display/set system time

 

timer

 

 

 

 

 

disp

 

display timer cell 

 

 

trace

[on|off]

set/display timer information online

 

 

start

[tmValue]

start a timer

 

 

stop

<ID>

stop a timer

 

trcdisp

 

 

monitor packets

 

trclog

 

 

 

 

 

switch

[on|off]

set system trace log

 

 

online

[on|off]

set on/off trace log online

 

 

level

[level]

set trace level of trace log #:1-10

 

 

type

<bitmap>

set trace type of trace log

 

 

disp

 

display trace log

 

 

clear

 

clear trace

 

 

call

 

display call event

 

 

encapmask

[mask]

set/display tracelog encapsulation mask

 

trcpacket

 

 

 

 

 

create

<entry> <size>

create packet trace buffer

 

 

destroy

 

packet trace related commands

 

 

channel

<name> [none|incoming|outgoing|bothway]

<channel name>=enet0,sdsl00, fr0
set packet trace direction for a given channel

 

 

string

 

enable smt trace log

 

 

switch

[on|off]

turn on/off the packet trace

 

 

disp

 

display packet trace

 

 

udp

 

send packet trace to other system

 

 

 

switch [on|off]

set tracepacket upd switch

 

 

 

addr <addr>

send trace packet to remote udp address

 

 

 

port <port>

set tracepacket udp port

 

 

parse

[[start_idx], end_idx]

parse packet content 

 

 

brief

 

display packet content briefly

 

version

 

 

display RAS code and driver version

 

view

 

<filename>

view a text file

 

wdog

 

 

 

 

 

switch

[on|off]

set on/off wdog

 

 

cnt

[value]

display watchdog counts value: 0-34463

 

romreset

 

 

restore default romfile

 

server

 

 

 

 

 

access

<telnet|ftp|web|icmp|snmp|dns> <value>

set server access type

 

 

load

 

load server information

 

 

disp

 

display server information

 

 

port

<telnet|ftp|web|snmp> <port>

set server port

 

 

save

 

save server information

 

 

secureip

<telnet|ftp|web|icmp|snmp|dns> <ip>

set server secure ip addr

 

spt

 

 

 

 

 

dump

 

dump spt raw data

 

 

 

root

dump spt root data

 

 

 

rn

dump spt remote node data

 

 

 

user

dump spt user data

 

 

 

slot

dump spt slot data

 

 

save

 

save spt data

 

 

size

 

display spt record size

 

 

clear

 

clear spt data

 

cmgr

 

 

 

 

 

trace

 

 

 

 

 

disp <ch-name>

show the connection trace of this channel

 

 

 

clear <ch-name>

clear the connection trace of this channel

 

 

cnt

<ch-name>

show channel connection related counter

 

socket

 

 

display system socket information

 

filter

 

 

 

 

 

clear

 

clear filter statistic counter

 

 

disp

 

display filter statistic counters

 

 

sw

[on|off]

set filter status switch

 

 

set

<set>

display filter rule

 

 

 

 

 

 

 

 

 

 

 

 

netbios

 

 

 

 

 

disp

display netbios filter status

 

 

 

config <0:LAN to WAN, 1:WAN to LAN, 2:LAN to DMZ, 3:IPSec passthrough, 4:Trigger Dial> <on|off>

config netbios filter

 

ddns

 

 

 

 

 

debug

<level>

enable/disable ddns service

 

 

display

<iface name>

display ddns information

 

 

restart

<iface name>

restart ddns

 

 

logout

<iface name>

logout ddns

 

cpu

 

 

 

 

 

display

 

display CPU utilization


Command

Description

exit

 

 

 

exit smt menu


       <ch-name> : enet0, mpoa00 

Command

Description

ether

 

 

 

 

 

config

 

 

display LAN configuration information

 

driver

 

 

 

 

 

cnt

 

 

 

 

 

disp <name>

display ether driver counters

 

 

 

clear <name>

clear ether driver counters

 

 

iface

<ch_name> <num>

send driver iface

 

 

ioctl

<ch_name>

Useless in this stage.

 

 

mac

<ch_name> <mac_addr>

Set LAN Mac address

 

 

reg

<ch_name>

display LAN hardware related registers

 

 

rxmod

<ch_name> <mode>

set LAN receive mode. 

mode: 1: turn off receiving 

2: receive only packets of this interface 

3: mode 2+ broadcast 

5: mode 2 + multicast 

6: all packets

 

 

status

<ch_name>

see LAN status

 

 

init

<ch_name>

initialize LAN

 

version

 

 

see ethernet device type

 

pkttest

 

 

 

 

 

disp

 

 

 

 

 

packet <level>

set ether test packet display level

 

 

 

event <ch> [on|off]

turn on/off ether test event display

 

 

sap

[ch_name]

send sap packet

 

 

arp

<ch_name> <ip-addr>

send arp packet to ip-addr

 

 

mem

<addr> <data> [type]

write memory data in address

 

test

 

<ch_id> <test_id> [arg3] [arg4]

do LAN test

 

pncconfig

 

<ch_name>

do pnc config

 

mac

 

<src_ch> <dest_ch> <ipaddr>

fake mac address

  


<hostid> format : xxx.xxx.xxx.xxx (ip Address)
<ether addr> format : xx:xx:xx:xx:xx:xx
<iface> : enif0, wanif0
<gw> : gateway ip address  

Command

Description

ip

 

 

 

 

 

address

 

[addr]

display host ip address

 

loopbackaddr

 

<IP1> [IP2]

Set loopback address.

 

alias

 

<iface>

alias iface

 

aliasdis

 

<0|1>

disable alias

 

arp

 

 

 

 

 

status

<iface>

display ip arp status

 

 

add

<hostid> ether <ether addr>

add arp information

 

 

resolve

<hostid>

resolve ip-addr

 

 

drop

<hostid> [hardware]

drop arp 

 

 

flush

 

flush arp table

 

 

publish

 

add proxy arp

 

dhcp

 

<iface>

 

 

 

client

 

 

 

 

 

release

release DHCP client IP

 

 

 

renew

renew DHCP client IP

 

 

mode

<server|relay|none|client>

set dhcp mode

 

 

relay

server <serverIP>

set dicp relay server ip-addr

 

 

reset

 

reset dhcp table

 

 

server

 

 

 

 

 

probecount <num>

set dhcp probe count

 

 

 

dnsserver <IP1> [IP2] [IP3]

set dns server ip-addr

 

 

 

winsserver <winsIP1> [<winsIP2>]

set wins server ip-addr

 

 

 

gateway <gatewayIP>

set gateway

 

 

 

hostname <hostname>

set hostname

 

 

 

initialize

fills in DHCP parameters and initializes (for PWC purposes)

 

 

 

leasetime <period>

set dhcp leasetime

 

 

 

netmask <netmask>

set dhcp netmask

 

 

 

pool <startIP> <numIP>

set dhcp ip pool

 

 

 

renewaltime <period>

set dhcp renew time

 

 

 

rebindtime <period>

set dhcp rebind time

 

 

 

reset

reset dhcp table

 

 

 

server <serverIP>

set dhcp server ip for relay

 

 

 

dnsorder [router|isp]

set dhcp dns order

 

 

status

[option]

show dhcp status

 

 

static

 

 

 

 

 

delete <num>|all

delete static dhcp mac table

 

 

 

display

display static dhcp mac table

 

 

 

update <num> <mac> <ip>

update static dhcp mac table

 

dns

 

 

 

 

 

query

 

 

 

 

 

address <ipaddr> [timeout]

resolve ip-addr to name

 

 

 

debug <num>

enable dns debug value

 

 

 

name <hostname> [timeout]

resolve name to ip-addr

 

 

 

status

display dns query status

 

 

 

table

display dns query table

 

 

server

<primary> [secondary] [third]

set dns server

 

 

stats

 

 

 

 

 

clear

clear dns statistics 

 

 

 

disp

display dns statistics 

 

 

table

 

display dns table

 

httpd

 

 

 

 

 

debug

[on|off]

set http debug flag

 

icmp

 

 

 

 

 

echo

[on|off]

set icmp echo response flag

 

 

data

<option>

select general data type

 

 

status

 

display icmp statistic counter

 

 

trace

[on|off]

turn on/off trace for debugging

 

 

discovery

<iface> [on|off]

set icmp router discovery flag

 

ifconfig

 

[iface] [ipaddr] [broadcast <addr> |mtu <value>|dynamic]

configure network interface

 

ifdrop

 

<iface>

chaek if iface is available.

 

ping

 

<hostid>

ping remote host

 

pong

 

<hostid> [<size> <time-interval>]

pong remote host

 

route

 

 

 

 

 

status

[if]

display routing table

 

 

add

<dest_addr|default>[/<bits>] <gateway> [<metric>]

add route

 

 

addiface

<dest_addr|default>[/<bits>] <gateway> [<metric>]

add an entry to the routing table to iface

 

 

addprivate

<dest_addr|default>[/<bits>] <gateway> [<metric>]

add private route

 

 

drop

<host addr> [/<bits>]

drop a route

 

 

flush

 

flush route table

 

 

lookup

<addr>

find a route to the destination

 

 

errcnt

 

 

 

 

 

disp

display routing statistic counters

 

 

 

clear

clear routing statistic counters

 

status

 

 

display ip statistic counters

 

adjTcp

 

<iface> [<mss>]

adjust the TCP mss of iface

 

udp

 

 

 

 

 

status

 

display udp status

 

rip

 

 

 

 

 

accept

<gateway>

drop an entry from the RIP refuse list

 

 

activate

 

enable rip

 

 

merge

[on|off]

set RIP merge flag

 

 

refuse

<gateway>

add an entry to the rip refuse list

 

 

request

<addr> [port]

send rip request to some address and port

 

 

reverse

[on|off]

RIP Poisoned Reverse

 

 

status

 

display rip statistic counters

 

 

trace

 

enable debug rip trace

 

 

mode

 

 

 

 

 

<iface> in [mode]

set rip in mode

 

 

 

<iface> out [mode]

set rip out mode

 

 

dialin_user

[show|in|out|both|none]

show dialin user rip direction

 

tcp

 

 

 

 

 

ceiling

[value]

TCP maximum round trip time

 

 

floor

[value]

TCP minimum rtt

 

 

irtt

[value]

TCP default init rtt

 

 

kick

<tcb>

kick tcb

 

 

limit

[value]

set tcp output window limit

 

 

max-incomplete

[number]

Set the maximum number of TCP incomplete connection.

 

 

mss

[value]

TCP input MSS

 

 

reset

<tcb>

reset tcb

 

 

rtt

<tcb> <value>

set round trip time for tcb

 

 

status

[tcb] [<interval>]

display TCP statistic counters

 

 

syndata

[on|off]

TCP syndata piggyback

 

 

trace

[on|off]

turn on/off trace for debugging

 

 

window

[tcb]

TCP input window size

 

samenet

 

<iface1> [<iface2>]

display the ifaces that in the same net

 

uninet

 

<iface>

set the iface to uninet

 

tftp

 

 

 

 

 

support

 

pritn if tfpt is support

 

 

stats

 

display tftp status

 

xparent

 

 

 

 

 

join

<iface1> [<iface2>]

join iface2 to iface1 group

 

 

break

<iface>

break iface to leave ipxparent group

 

antiprobe

 

<0|1> 1:yes 0:no

set ip anti-probe flag

 

igmp

 

 

 

 

 

debug

[level]

set igmp debug level

 

 

forwardall

[on|off]

turn on/off igmp forward to all interfaces flag

 

 

querier

[on|off]

turn on/off igmp stop query flag

 

 

iface

 

 

 

 

 

<iface> grouptm <timeout>

set igmp group timeout

 

 

 

<iface> interval <interval>

set igmp query interval

 

 

 

<iface> join <group>

join a group on iface

 

 

 

<iface> leave <group>

leave a group on iface

 

 

 

<iface> query

send query on iface

 

 

 

<iface> rsptime [time]

set igmp response time

 

 

 

<iface> start

turn on of igmp on iface

 

 

 

<iface> stop

turn off of igmp on iface

 

 

 

<iface> ttl <threshold>

set ttl threshold

 

 

 

<iface> v1compat [on|off]

turn on/off v1compat on iface

 

 

robustness

<num>

set igmp robustness variable

 

 

status

 

dump igmp status

 

pr

 

 

 

 

 

clear

 

clear ip pr table counter information

 

 

disp

 

dump ip pr table counter information

 

 

switch

 

turn on/off ip pr table counter flag

 

nat

 

 

 

 

 

timeout

 

 

 

 

 

gre [timeout]

set nat gre timeout value

 

 

 

iamt [timeout]

set nat iamt timeout value

 

 

 

generic [timeout]

set nat generic timeout value

 

 

 

reset [timeout]

set nat reset timeout value

 

 

 

tcp [timeout]

set nat tcp timeout value

 

 

 

tcpother [timeout]

set nat tcp other timeout value

 

 

update

 

create nat system information from spSysParam

 

 

iamt

 

display nat iamt information

 

 

iface

<iface>

show nat status of an interface

 

 

lookup

<rule set>

display nat lookup rule

 

 

new-lookup

<rule set>

display new nat lookup rule

 

 

loopback

[on|off]

turn on/off nat loopback flag

 

 

reset

<iface>

reset nat table of an iface

 

 

server

 

 

 

 

 

disp

display nat server table

 

 

 

load <set id>

load nat server information from ROM

 

 

 

save

save nat server information to ROM

 

 

 

clear <set id>

clear nat server information

 

 

 

edit active <yes|no>

set nat server edit active flag

 

 

 

edit svrport <start port> [end port]

set nat server server port

 

 

 

edit intport <start port> [end port]

set nat server forward port

 

 

 

edit remotehost <start ip> [end ip]

set nat server remote host ip

 

 

 

edit leasetime [time]

set nat server lease time

 

 

 

edit rulename [name]

set nat server rule name

 

 

 

edit forwardip [ip]

set nat server server ip

 

 

 

edit protocol [protocol id]

set nat server protocol

 

 

service

 

 

 

 

 

irc [on|off]

turn on/off irc flag

 

 

resetport

 

reset all nat server table entries

 

 

incikeport

[on|off]

turn on/off increase ike port flag

 


Command

Description

wan

adsl

bert

 

ADSL ber

 

 

chandata

 

ADSL channel data, line rate

 

 

close

 

Close ADSL line

 

 

coding

 

ADSL standard current

 

 

ctrleint

 

ADSL CTRLE response command

 

 

defbitmap

 

ADSL defect bitmap status

 

 

dyinggasp

 

Send ADSL dyinggasp

 

 

fwav

 

Test the ADSL F/W available ping

 

 

fwdl

 

Download modem code, but must reset first

 

 

linedata

 

 

 

 

 

near

Show ADSL near end noise margin

 

 

 

far

Show ADSL far end noise margin

 

 

open

 

Open ADSL line

 

 

opencmd

 

Open ADSL line with specific standard

 

 

opmode

 

Show the operational mode

 

 

perfdata

 

Show performance information,CRC,FEC, error seconds..

 

 

rdata

[start] [length]

Read DSP CTRLE registers 512 bytes

 

 

reset

 

Reset ADSL modem, and must reload the modem code again

 

 

selftest

 

 

 

 

 

long

ADSL long loop test

 

 

 

short

ADSL short loop test

 

 

status

 

ADSL status (ex: up, down or wait for init)

 

 

version

 

ADSL version information

 

 

vendorid

 

ADSL vendor information

 

 

utopia

 

Show ADSL utopia information

 

 

cellcnt

 

Show ADSL cell counter

 

 

display

 

 

 

 

 

shutdown

Show the counter of rate adaptive mechanism happening

 

 

 

rateup

Show real status that rate adaptive mechanism happened

 

 

rateadap

[on|off]

Turn on/off rate adaptive mechanism

 

 

dumpcondition

[on|off]

Turn on/off online debug information of rate adaptive mechanism

 

 

sampletime

[mins]

Tune the sample time of rate adaptive mechanism

 

 

noisegt

[dB]

if noise margin is 3db greater than before, and rate is worse than before, then system will do “L1 shutdown RA3”, default is 3db

 

 

noisemargin

[dB]

if noise margin is greater than this value, and rate is worse  than before, then system will do “L1 shutdown RA3”, default is 8db

 

 

persisttime

[time]

when the adaptive condition is matched system will continue to monitor the time period “persisttime” before doing “L1 shutdown RA3”, default is 30 seconds

 

 

timeinterval

[mins]

when “L1 shutdown RA3” is done twice, and still can’t reach the max rate which system recorded, it will delay a time period that the period base time is”timeinterval” before starting again. The time-based default is 2 hrs

 

 

defectcheck

[on|off]

Turn on/off detect table checking, default is on

 

 

txgain

[value]

Set the CTRLE register (0xc3), the value is from 0xfa to 0x06

 

 

targetnoise

[value]

Set the CTRLE register (0xc4), the value is from 0xfa to 0x06

 

 

maxtonelimit

[value]

Set the CTRLE register (0xc5), the value is from 0xfa to 0x06

 

 

rxgain

[value]

Set the CTRLE register (0xc6), the value is from 0xfa to 0x06

 

 

txoutputpwr

[value]

Set the CTRLE register (0xc7), the value is from 0xfa to 0x06

 

 

rxoutputpwr

[value]

Set the CTRLE register (0xc8), the value is from 0xfa to 0x06

 

 

maxoutputpwr

[value]

Set the CTRLE register (0xc9), the value is from 0xfa to 0x06

 

 

errorsecond

 

 

 

 

 

sendes

Send current error second information immediately

 

 

dygasprecover

 

 

 

 

dygasprecover

level [value]

By default is 100, after receiving 100 dying gasp system will reboot

 

 

dygasprecover

active [on|off|

Turn on/off this mechanism

 

 

rsploss

[1|0]

Turn on means to response signal loss of CTRLE immediately, default is off

 

atm

test

[fix|rand|period|oam|loopback]

Generate ATM traffic

 

hwsar

disp

 

Display hwsar packets incoming/outgoing information

 

 

clear

 

Clear hwsar packets information

 

 


Command

Description

ppp

 

 

 

 

 

autotrigger

 

 

 

 

 

on

<remoteNodeIndex>

turn on packet trigger, default is enable  

 

 

off

<remoteNodeIndex>

turn off packet trigger

 

 

status

 

show autotrigger status

 

retry

 

<interval>

adjust PPP retrial interval

 


Command

Description

bridge

 

 

 

 

 

mode

 

<1/0> (enable/disable)

turn on/off (1/0) LAN promiscious mode

 

blt

 

 

related to bridge local table

 

 

disp

<channel>

display blt data

 

 

reset

<channel>

reset blt data

 

 

traffic

 

display local LAN traffic table

 

 

monitor

[on|off]

turn on/off traffice monotor. Default is off.

 

 

time

<sec>

set blt re-init interval

 

brt

 

 

related to bridge route table

 

 

disp

[id]

display brt data

 

 

reset

[id]

reset brt data

 

cnt

 

 

related to bridge routing statistic table

 

 

disp

 

display bridge route counter

 

 

clear

 

clear bridge route counter

 

stat

 

 

related to bridge packet statistic table

 

 

disp

 

display bridge route packet counter

 

 

clear

 

clear bridge route packet counter

 

disp

 

 

display bridge source table

 


Command

Description

Wlan

 

 

 

 

 

active

[on|off]

[0|1]

Turn on/off wireless lan

 

association

 

 

Show association list

 

load

 

 

Load WLAN configuration into buffer.

 

Display

 

 

Display WLAN configuration data.

 

chid

 

 

Configure channel ID 

 

essid

 

 

Configure ESSID

 

hiddenssid

 

[on/off]

Enable/Disable hidden SSID

 

threshold

 

 

 

 

 

rts

<RTS threshold value>

Set threshold rts value

 

 

Fragment

<Fragment threshold value>

Set threshold fragmentation value

 

wep

 

 

 

 

 

type

<none|64|128|256>

Set WEP key to 64, 128 or 256 bits.

 

 

Key

Set <set> <value>

Set WEP key value per set

 

 

Key

Default <set>

Set WEP default key set

 

macfilter

 

 

 

 

 

Enable

 

Enable macfilter

 

 

Disable

 

Disable macfilter

 

 

Action

<allow|deny>

When action match, allow or deny this mac

 

 

Set

<Set#> <MAC Address>

Set mac address by set

 

Clear

 

 

Clear all WLAN configuration data.

 

Save

 

 

Save WLAN configuration working buffer to Rom file.

 

filter

 

 

 

 

 

[incoming |

outgoing]

<generic>[set#1][set#2][set#3][set#4]

To set generic filter for wireless channel

   


Command

Description

radius

 

 

 

 

 

auth

 

 

show current radius authentication server configuration

 

acco

 

 

show current radius accounting server configuration

 


Command

Description

8021x

 

 

 

 

 

debug

level

[debug level]

set ieee802.1x debug message level

 

 

trace

 

show all supplications in the supplication table

 

 

user

[username]

show the specified user status in the supplicant table

 


 

Command

Description

config

The parameters of config are listed below.

edit

firewall

active <yes|no>

 

 

Activate or deactivate the saved firewall settings

retrieve

firewall

 

 

 

Retrieve current saved firewall settings

save

firewall

 

 

 

Save the current firewall settings

display

firewall

 

 

 

Displays all the firewall settings

 

 

set <set#>

 

 

Display current entries of a set configuration; including timeout values, name, default-permit, and number of rules in the set.

 

 

set <set#>

rule <rule#>

 

Display current entries of a rule in a set.

 

 

attack

 

 

Display all the attack alert settings in PNC

 

 

e-mail

 

 

Display all the e-mail settings in PNC

 

 

?

 

 

Display all the available sub commands

 

 

e-mail

mail-server <mail server IP>

 

Edit the mail server IP to send the alert

 

 

 

return-addr <e-mail address>

 

Edit the mail address for returning an email alert

 

 

 

e-mail-to <e-mail address>

 

Edit the mail address to send the alert

 

 

 

policy <full | hourly |daily | weekly>

 

Edit email schedule when log is full or per hour, day, week.

 

 

 

day <sunday | monday | tuesday | wednesday | thursday | friday | saturday>

 

Edit the day to send the log when the email policy is set to Weekly

 

 

 

hour <0~23>

 

Edit the hour to send the log when the email policy is set to daily or weekly

 

 

 

minute <0~59>

 

Edit the minute to send to log when the email policy is set to daily or weekly

 

 

 

Subject <mail subject>

 

Edit the email subject

 

 

attack

send-alert <yes|no>

 

Activate or deactivate the firewall DoS attacks notification emails

 

 

 

block <yes|no>

 

Yes: Block the traffic when exceeds the tcp-max-incomplete threshold

 

 

 

 

 

No: Delete the oldest half-open session when exceeds the tcp-max-incomplete threshold

 

 

 

block-minute <0~255>

 

Only valid when sets 'Block' to yes. The unit is minute

 

 

 

minute-high <0~255>

 

The threshold to start to delete the old half-opened sessions to minute-low

 

 

 

minute-low <0~255>

 

The threshold to stop deleting the old half-opened session

 

 

 

max-incomplete-high <0~255>

 

The threshold to start to delete the old half-opened sessions to max-incomplete-low

 

 

 

max-incomplete-low <0~255>

 

The threshold to stop deleting the half-opened session

 

 

 

tcp-max-incomplete <0~255>

 

The threshold to start executing the block field

 

 

set <set#>

name <desired name>

 

Edit the name for a set

 

 

 

default-permit <forward|block>

 

Edit whether a packet is dropped or allowed when it does not match the default set

 

 

 

icmp-timeout <seconds>

 

Edit the timeout for an idle ICMP session before it is terminated

 

 

 

udp-idle-timeout <seconds>

 

Edit the timeout for an idle UDP session before it is terminated

 

 

 

connection-timeout <seconds>

 

Edit the wait time for the SYN TCP sessions before it is terminated

 

 

 

fin-wait-timeout <seconds>

 

Edit the wait time for FIN in concluding a TCP session before it is terminated

 

 

 

tcp-idle-timeout <seconds>

 

Edit the timeout for an idle TCP session before it is terminated

 

 

 

pnc <yes|no>

 

PNC is allowed when 'yes' is set even there is a rule to block PNC

 

 

 

log <yes|no>

 

Switch on/off sending the log for matching the default permit

 

 

 

rule <rule#>

permit <forward|block>

Edit whether a packet is dropped or allowed when it matches this rule

 

 

 

 

active <yes|no>

Edit whether a rule is enabled or not

 

 

 

 

protocol <0~255>

Edit the protocol number for a rule. 1=ICMP, 6=TCP, 17=UDP...

 

 

 

 

log <none|match|not-match|both>

Sending a log for a rule when the packet none|matches|not match|both the rule

 

 

 

 

alert <yes|no>

Activate or deactivate the notification when a DoS attack occurs or there is a violation of any alert settings. In case of such instances, the function will send an email to the SMTP destination address and log an alert.

 

 

 

 

srcaddr-single <ip address>

Select and edit a source address of a packet which complies to this rule

 

 

 

 

srcaddr-subnet <ip address> <subnet mask>

Select and edit a source address and subnet mask if a packet which complies to this rule.

 

 

 

 

srcaddr-range <start ip address> <end ip address>

Select and edit a source address range of a packet which complies to this rule.

 

 

 

 

destaddr-single <ip address>

Select and edit a destination address of a packet which complies to this rule

 

 

 

 

destaddr-subnet <ip address> <subnet mask>

Select and edit a destination address and subnet mask if a packet which complies to this rule.

 

 

 

 

destaddr-range <start ip address> <end ip address>

Select and edit a destination address range of a packet which complies to this rule.

 

 

 

 

tcp destport-single <port#>

Select and edit the destination port of a packet which comply to this rule. For non-consecutive port numbers, the user may repeat this command line to enter the multiple port numbers.

 

 

 

 

tcp destport-range <start port#> <end port#>

Select and edit a destination port range of a packet which comply to this rule.

 

 

 

 

udp destport-single <port#>

Select and edit the destination port of a packet which comply to this rule. For non-consecutive port numbers, users may repeat this command line to enter the multiple port numbers.

 

 

 

 

udp destport-range <start port#> <end port#>

Select and edit a destination port range of a packet which comply to this rule.

 

 

 

 

desport-custom <desired custom port name>

Type in the desired custom port name

delete

firewall

e-mail

 

 

Remove all email alert settings

 

 

attack

 

 

Reset all alert settings to defaults

 

 

set <set#>

 

 

Remove a specified set from the firewall configuration

 

 

set <set#>

rule <rule#>

 

Remove a specified rule in a set from the firewall configuration

insert

firewall

e-mail

 

 

Insert email alert settings

 

 

attack

 

 

Insert attack alert settings

 

 

set <set#>

 

 

Insert a specified rule set to the firewall configuration

 

 

set <set#>

rule <rule#>

 

Insert a specified rule in a set to the firewall configuration

cli

 

 

 

 

Display the choices of command list.

 


Command

Description

sys

 

 

 

 

 

firewall

 

 

 

 

 

acl

 

 

 

 

 

disp

Display specific ACL set # rule #, or all ACLs.

 

 

active

<yes|no>

Active firewall or deactivate firewall

 

 

cnt

 

 

 

 

 

disp

Display firewall log type and count.

 

 

 

clear

Clear firewall log count.

 

 

pktdump

 

Dump the 64 bytes of dropped packet by firewall

 

 

update

 

Update firewall

 

 

dynamicrule

 

 

 

 

tcprst

 

 

 

 

 

rst

Set TCP reset sending on/off.

 

 

 

rst113

Set TCP reset sending for port 113 on/off.

 

 

 

display

Display TCP reset sending setting.

 

 

icmp

 

 

 

 

dos

 

 

 

 

 

smtp

Set SMTP DoS defender on/off

 

 

 

display

Display SMTP DoS defender setting.

 

 

 

ignore

Set if firewall ignore DoS in lan/wan/dmz/wlan

 

 

ignore

 

 

 

 

 

triangle

Set if firewall ignore triangle route in lan/wan/dmz/wlan

 

 

 

 

 

 


No

Command

Description

Comment

 

sys bridge [on|off]

Set system bridge on/off

Menu 1

 

sys routeip [on|off]

Set system IP routing on/off

Menu 1

 

sys hostname [hostname]

Set system name

Menu 1

 

sys display

Display hostname, routing/bridge mode information in menu 1

Display Menu 1

 

sys default

Load All Default Settings Except LAN and DHCP.

 

 

sys save

Save all the parameters which will include menu1, menu 3.2 LAN, menu 4 or menu 11 WAN, menu 12 static route, menu 15 NAT server set, menu 21 filter sets, menu 22 SNMP, menu 24.11 remote management and 3.5 Wireless LAN

 

 

 

 

 

 

wan backup mechanism [dsl | icmp]

Set wan backup mechanism to DSL link or ICMP

Menu 2

 

wan backup addr [index] [IP addr]

Set wan ip address <index>

Menu 2

 

wan backup tolerance [number]

Set keepalive fail tolerance

Menu 2

 

wan backup recovery [interval(sec)]

Set recovery interval

Menu 2

 

wan backup timeout [number]

Set ICMP timeout

Menu 2

 

wan backup save

Save wan backup related parameters

Menu 2

 

wan backup display

Display wan backup configurations

Menu 2

 

wan tredir active [on|off]

Set traffic redirect on/off

Menu 2.1

 

wan tredir ip [IP addr]

Set traffic redirect gateway IP address

Menu 2.1

 

wan tredir metric [number]

Set traffic redirect metric

Menu 2.1

 

wan tredir save

Save traffic redirect related parameters

** Have to apply “wan backup save” command thereafter

Menu 2.1

 

wan tredir display

Display traffic redirect configurations

Menu 2.1

 

 

 

 

 

lan index [1|2|3]

1: Select main LAN Interface

2: Select IP Alias 1

3: Select IP Alias 2

Select a LAN interface to edit

Menu 3.2

 

lan active [on|off]

Turn on or off on IP Alias Interface

Menu 3.2.1

 

lan ipaddr [address] [subnet mask]

Set LAN IP address and subnet mask

Example:

> lan ipaddr 192.168.1.1 255.255.255.0

Menu 3.2

 

lan rip [none|in|out|both] [rip1|rip2b|rip2m]

Set LAN IP RIP mode and RIP version, if you choose none in the first parameter, the second parameter is also necessary

Menu 3.2

 

lan multicast [none|igmpv1|igmpv2]

Set LAN IP multicast mode

Menu 3.2

 

lan filter [incoming|outgoing] [tcpip|generic] [set#1] [set#2] [set#3] [set#4]

Set LAN filter to be incoming/outgoing or protocol /device and the filter set could be 1-12, 0 means empty

Example:

Lan filter incoming tcpip 1 0 0 0

Menu 3.1

 

lan dhcp mode [server|relay|none]

Set DHCP mode to be”server”, “relay”, “none”

Menu 3.2

 

lan dhcp server dnsserver [pri dns] [sec dns]

Set primary and secondary LAN DNS server

Menu 3.2

 

lan dhcp server pool [start-address] [num]

Set DHCP start address and pool size

Menu 3.2

 

lan dhcp server gateway [IP address]

Set DHCP gateway

Menu 3.2

 

lan dhcp server netmask [subnet mask]

Set DHCP subnet mask

Menu 3.2

 

lan dhcp server leasetime [second]

Set DHCP lease time

Menu 3.2

 

lan dhcp server renewaltime [second]

Set DHCP renew time

Menu 3.2

 

lan dhcp server rebindtime [second]

Set DHCP rebind time

Menu 3.2

 

lan dhcp relay server [IP address]

Set IP address of DHCP relay server

Menu 3.2

 

lan display

Display LAN or IP alias parameters

Display Menu 3

 

lan clear

Clear the Working Buffer

 

 

lan save

Save LAN related parameters

 

 

 

 

 

 

wan node index [1-8]

Set the node pointer to specific wan profile. If you want to set WAN profile, please use this command first, system will use the index number for pointing to specific PVC (remote node), and for consequent commands reference, if index = 1 means it’s ISP node

Menu 11.1

 

wan node clear

Clear the parameters of the temporary WAN profile

Menu 11.1

 

wan node ispname [ISP name]

Enable the name of wan node

Menu 11.1

 

wan node enable

Enable the wan profile

Menu 11.1

 

wan node disable

Disable the wan profile

Menu 11.1

 

wan node encap [1483|pppoa|pppoe|enet]

Set the wan protocol

Menu 11.1

 

wan node mux [vc|llc]

Set the wan multiplex

Menu 11.1

 

wan node ppp authen [chap|pap|both]

Set PPP authentication type

Menu 11.1

 

wan node ppp username [name]

Set PPP username

Menu 11.1

 

wan node ppp password [password]

Set PPP password

Menu 11.1

 

wan node service [name]

Set PPPoE service name

Menu 11.1

 

wan node bridge [on|off]

Set the wan bridge mode

 

Menu 11.1

 

wan node routeip [on|off]

Set the wan IP routing mode

 

Menu 11.1

 

wan node callsch [set1#][set2#][set3#][set4#]

Set call schedule set, set number 0 means empty

Menu 11.1

 

wan node nailedup [on|off]

Set nailed up connection on/off

Menu 11.1

 

wan node vpi [num]

Set the wan vpi. Range : 0~255

Menu 11.6

 

wan node vci [num]

Set the wan vci. Range : 32~65535

Menu 11.6

 

wan node qos[ubr|cbr]

Set the wan QOS type to be UBR or CBR

Menu 11.6

 

wan node pcr [num]

Set the wan PCR value

Menu 11.6

 

wan node scr [num]

Set the wan SCR value

Menu 11.6

 

wan node mbs [num]

Set the wan MBS value

Menu 11.6

 

wan node wanip [static|dynamic] [address]

Set the wan IP address

Menu 11.3

 

wan node remoteip [address] [subnet mask]

Set the remote gateway IP address and subnet mask

Menu 11.3

 

wan node nat [off | sua | full] [address mapping #]

Set type wan NAT mode to be off or SUA or Full feature

Menu 11.3

 

wan node rip [none|in|out|both] [rip1|rip2b|rip2m]

Set the wan RIP mode and RIP version

Menu 11.3

 

wan node multicast [none|igmpv1|igmpv2]

Set the wan IP multicast mode

Menu 11.3

 

wan node filter [incoming|outgoing] [tcpip|generic]

 [set #1] [set #2] [set #3] [set #4]

Set WAN filter, incoming or outgoing can be specified, and filter set can be 1-12, value 0 means empty

Menu 11.5

 

wan node save

Save the related parameters of WAN node

 

 

wan node display

Display WAN profile configuration in buffer

Display Menu 11

 

 

 

 

 

ip route addrom index [Rule #]

Select a Static Route index 1-16 to edit

Menu 12.1

 

ip route addrom name [Name]

Set Rule Name

Menu 12.1

 

ip route addrom active [on|off]

Set Active or Inactive Flag

Menu 12.1

 

ip route addrom set [dest address/ mask bits] [gateway] [metric]

Set IP static route

Example:

> ip ro addrom set 192.168.1.33/24 192.168.1.1 2

Menu 12.1

 

ip route addrom private [yes|no]

Set Private Flag

Menu 12.1

 

ip route addrom disp

Display both working buffer and Editing Entry

Menu 12.1

 

ip route addrom freememory

Discard all changes

Menu 12.1

 

ip route addrom save

Save edited settings

Menu 12.1

 

ip route addrom clear [Index #]

Clear Static Route Index

Menu 12.1

 

 

 

 

 

ip nat addrmap map [map#] [set name]

Select NAT address mapping set and set mapping set name, but set name is optional

Example:

> ip nat addrmap map 1 myset

Menu 15.1

 

ip nat addrmap rule [rule#] [insert | edit] [type] [local start IP] [local end IP] [global start IP] [global end IP] [server set #]

Set NAT address mapping rule. If the “type” is not “inside-server” then the “type” field will still need a dummy value like “0”.

Type is 0 - 4 = one-to-one, many-to-one, many-to-many-overload, many-to-many-non overload, inside-server

Example:

> ip nat addrmap rule 1 edit 3 192.168.1.10 192.168.1.20 192.168.10.56 192.168.1.56 0

Menu 15.1

 

ip nat addrmap clear [map#] [rule#]

Clear the selected rule of the set

Menu 15.1

 

ip nat addrmap freememory

Discard Changes

Menu 15.1

 

ip nat addrmap disp

Display nat set information

Menu 15.1

 

ip nat addrmap save

Save settings

Menu 15.1

 

ip nat server load [set#]

Load the server sets of NAT into buffer

Menu 15.2

 

ip nat server disp [1]

“disp 1” means to display the NAT server set in buffer, if parameter “1” is omitted, then it will display all the server sets

Menu 15.2

 

ip nat server save

Save the NAT server set buffer into flash

Menu 15.2

 

ip nat server clear [set#]

Clear the server set [set#], must use “save” command to let it save into flash

Menu 15.2

 

ip nat server edit [rule#] active

Activate the rule [rule#], rule number is 1 to 24, the number 25-36 is for UPNP application

Menu 15.2

 

ip nat server edit [rule#] svrport <start port> <end port>

Configure the port range from <start port > to <end port>

Menu 15.2

 

ip nat server edit [rule#] remotehost <start IP> <end IP>

Configure the IP address range of remote host (Leave it to be default value if you don’t need this command)

Menu 15.2

 

ip nat server edit [rule#] leasetime <seconds>

Configure the lease time (Leave it to be default value if you don’t want this command)

Menu 15.2

 

ip nat server edit [rule#] rulename <string>

Configure the name of the rule (Leave it to be default value if you don’t want this command)

Menu 15.2

 

ip nat server edit [rule#] forwardip <IP address>

Configure the LAN IP address to be forwarded

Menu 15.2

 

ip nat server edit [rule#] protocol <TCP|UDP|ALL>

Configure the protocol to be used TCP , UDP or ALL (it must be capital)

Menu 15.2

 

sys filter set index [set#] [rule#]

Set the index of filter set rule, you may apply this command first before you begin to configure the filter rules

Menu 21 filter sets

 

sys filter set name [set name]

Set the name of filter set

Menu 21 filter sets

 

sys filter set type [tcpip | generic]

Set the type of filter rule

Menu 21 filter sets

 

sys filter set enable

Enable the rule

Menu 21 filter sets

 

sys filter set disable

Disable the rule

Menu 21 filter sets

 

sys filter set protocol [protocol #]

Set the protocol ID of the rule

Menu 21 filter sets

 

sys filter set sourceroute [yes|no]

Set the sourceroute yes/no

Menu 21 filter sets

 

sys filter set destip [address] [subnet mask]

Set the destination IP address and subnet mask of the rule

Menu 21 filter sets

 

sys filter set destport [port#] [compare type = none|equal|notequal|less|greater]

Set the destination port and compare type (compare type could be 0(none)|1(equal)|2(not equal)|3(less)|4(greater) )

Menu 21 filter sets

 

sys filter set srcip [address] [subnet mask]

Set the source IP address and subnet mask

Menu 21 filter sets

 

sys filter set srcport [port#] [compare type = none|equal|not equal|less|greater]

Set the source port and compare type (compare type could be 0(none)|1(equal)|2(not equal)|3(less)|4(greater) )

Menu 21 filter sets

 

sys filter set tcpEstab [yes|no]

Set TCP establish option

 

 

sys filter set more [yes|no]

Set the more option to yes/no

Menu 21 filter sets

 

sys filter set log [type 0-3= none | match| notmatch | both ]

Set the log type (it could be 0-3 =none, match, not match, both)

Menu 21 filter sets

 

sys filter set actmatch[type 0-2 = checknext | forward | drop]

Set the action for match

Menu 21 filter sets

 

sys filter set actnomatch [type 0-2 = checknext | forward | drop]

Set the action for not match

Menu 21 filter sets

 

sys filter set offset [#]

Set offset for the generic rule

Menu 21, it’s for generic filter

 

sys filter set length [#]

Set the length for generic rule

Menu 21, it’s for generic filter

 

sys filter set mask [#]

Set the mask for generic rule

Menu 21, it’s for generic filter

 

sys filter set value [(depend on length in hex)]

Set the value for generic rule

Menu 21, it’s for generic filter

 

sys filter set clear

Clear the current filter set

Menu 21

 

sys filter set save

Save the filter set parameters

 

 

sys filter set display [set#][rule#]

Display Filter set information. W/o parameter, it will display buffer information.

 

 

sys filter set freememory

Discard Changes

 

 

 

 

 

 

sys snmp disp

Display SNMP parameters

Menu 22

 

sys snmp get [community]

Set the community string of get

Menu 22 SNMP

 

sys snmp set [community]

Set the community string of set

Menu 22 SNMP

 

sys snmp trusthost [IP address]

Set the IP address of trusted host

Menu 22 SNMP

 

sys snmp trap community [community]

Set the community string of trap

Menu 22 SNMP

 

sys snmp trap destination [IP address]

Set the destination address of trap

Menu 22 SNMP

 

sys snmp discard

Discard changes

 

 

sys snmp clear

Clear Working Buffer

 

 

sys snmp save

Set the SNMP parameters

Menu 22 SNMP

 

 

 

 

 

sys password [new password]

Set system password [save immediately]

Menu 23 system password

 

 

 

 

 

sys baud [1-5]

Index 12,3 will be 38400,19200, 9600, 57600, 115200 bps [save immediately]

Menu 24.2.2 console speed

 

 

 

 

 

sys server load

Load setting before editing

 

 

sys server access [ftp|telnet|web] [access type]

Set the server access type to be 0: ALL, 1: None, 2:LAN only, 3:WAN only

Menu 24.11 remote management

 

sys server port [ftp|telnet|web] [port]

Set the server port number

Menu 24.11 remote management

 

sys server secureip[ftp|telnet|web] [address]

Set the server security IP address

Menu 24.11 remote management

 

sys server disp [1]

Display server settings, [1] means display buffer

 

 

sys server save

Save the embedded server (remote management) parameters

 

 

 

 

 

 

wlan load

Load system parameters into working buffer

Menu 3.5 for Wireless LAN

 

wlan disp

Display the working buffer

Menu 3.5 for Wireless LAN

 

wlan essid [name]

Set the wireless ESSID

Menu 3.5 for wireless LAN

 

wlan hideessid [on|off]

Set to hide ESSID or not

 

Menu 3.5 for wireless LAN

 

wlan chid [#=1~11]

Set channel ID 1-11

Menu 3.5 for wireless LAN

 

wlan threshold rts [value]

Set the RTS threshold value

Menu 3.5 for wireless LAN

 

wlan threshold fragment [value]

Set fragment threshold

Menu 3.5 for wireless LAN

 

wlan wep type [none|64|128]

Set the wep type to be none, 64bit or 128bits

Menu 3.5 for wireless LAN

 

wlan wep key set [key set#1-4] [key value]

Set wep key value

Menu 3.5 for wireless LAN

 

wlan wep key default [key set # 1-4]

Set default key set value

Menu 3.5 for wireless LAN

 

 

 

 

 

wlan macfilter enable

Enable mac filter

Menu 3.5.1 for wireless LAN

 

wlan macfilter disable

Disable mac filter

Menu 3.5.1 for wireless LAN

 

wlan macfilter action [allow|deny]

Set the action type of filter

Menu 3.5.1 for wireless LAN

 

wlan macfilter set [set# 1-12] [mac address]

Set the mac address of filter

Menu 3.5.1 for wireless LAN

 

wlan clear

Clear Working Buffer

 

 

wlan save

Save wireless MAC filter parameters

 

 


All contents copyright © 2004 ZyXEL Communications Corporation.