home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Cream of the Crop 22
/
Cream of the Crop 22.iso
/
bbs
/
fnos16a5.zip
/
HELP.ZIP
/
IP
< prev
next >
Wrap
Text File
|
1995-11-29
|
5KB
|
119 lines
ip <subcommand>
These commands are used for the Internet Protocol service.
ip access <permit|deny|delete> <proto> <sourceaddr[/bits]|all>
<destaddr[/bits]|all> <iface> [loport | all [hiport]]
Display or set ip access controls. Controls packet routing via
<iface> and determines which source ip addresses <sourceaddr>
can route to which destination ip addresses <destaddr>.
Default is to permit all sources to access all destinations,
until the first IP access command is entered, at which point all
routes via <iface> are denied unless specifcally permitted by
subsequent ip access commands.
Execution of this subcommand will add or delete an access control
entry in an internal table. Entries are scanned for an <iface> match,
and then in the order they were added, to determine if access will
be granted. Access will be granted only if an entry matching <destaddr>
and <sourceaddr> is found with "permit" set before a match with "deny"
set, or no match is found. The optional /bits suffix to the ipaddr
specifies how many leading bits in the ipaddr are to be considered
significant in the routing comparisons. If not specified, 32
bits (i.e., full significance) is assumed. All addresses can be
specified by "all". Access can be made protocol dependent via the
<proto> parameter. <proto> may be 'a' for any, 't' for TCP, 'u'
for UDP, 'i' for ICMP, or the IP protocol number. For UDP and TCP
protocols, loport and hiport specify the port or
range of TCP or UDP ports for which the access control command applies.
If none or all is specified, all ports are assumed.
"ip access" will display the table of current access control entrys.
Access commands should be entered from the most specific to the
least specific, since the first match (permit or deny) encountered
for a given interface in the internal table is returned.
#Example:
#allow a specific AMPRnet host access to the internet
ip access permit any 44.76.1.199 all eth0
#but deny all others except DNS/Ping (UDP) access
ip access permit udp 44/24 all eth0 all
#permit only AMPRnet hosts access to RF port
ip access permit any 44/24 44/24 2m
ip address [<addr>]
Display or set the default local IP address. This command
must be given before an 'attach' command if it is to be used
as the default IP address for the interface.
ip encap [4 | 94]
Display or set the packet ID code used for transmitted IP-IP
encapsulated packets. As of 1 March 1995, the default pid is 4.
ip heard
Display the ip-heard list. This shows the recently heard tcp/ip
systems. See also the 'ip hport' and 'ip flush' commands.
ip flush
Clear the ip-heard list. See 'ip heard' and 'ip hport'.
ip hport [<iface> [ON | off]]
Display or set the ip-heard facility. If no argument is given,
show the interfaces on which ip-heard is currently active. If
<iface> is given, shows the status of the ip-heard flag for the
given interface. If <iface> <on|off> is given, it will set the
flag on or off. Default is on.
If this flag is on, ip heard frames will be logged in a table.
This table can be shown with the 'ip heard' command or with the
nodeshell 'IHeard' command. Ip-heard logging on ax.25 interfaces
logs all ip stations heard on the port, even if the system wasn't
directly involved in the ip activity. For non-ax.25 interfaces,
only ip frames that we were actively involved in (i.e. that we
routed) are logged. (this difference is due to code internals)
ip hport port1 off
ip hsize [n] Default: 16
Display or set the maximum size of the Ip heard table. 0 means
no limit.
ip rtimer [<seconds>] Default: 30
Display or set the IP reassembly time-out.
ip status
Display Internet Protocol (IP) statistics, such as total packet
counts and error counters of various types.
ip ttl [<hops>]
(B) Display or set the default time-to-live value placed in each
outgoing IP datagram. This limits the number of switch hops the
datagram will be allowed to take. The idea is to bound the
lifetime of the packet should it become caught in a routing loop.
You should make the value slightly larger than the number of hops
across the network you expect to transit packets. The default is
set at compilation time to 255, the official recommended value
for the Internet.