IPX Source and Destination Network Filtering Using CLI | 3Com 812

Creating Filters Using Command Line Interface 6-33

IPX Source and Destination Network Filtering Using CLI

IPX network numbers must be specified as an network number no greater than 8-digits in hexadecimal format. The following rule example rejects IPX packets with a source address: 00-03-42-BF.

IPX:

1 REJECT src-net = 00-03-42-BF;

IPX Source and Destination Host Filtering Using CLI

Host addresses must consist of the 8-digit network number, followed by the four digit node number in hexadecimal format.

The following rule example accepts IPX packets with a destination address of

04-0B-43-AA:

IPX:

1ACCEPT dest-host = 04-0B-43-AA;

999DENY;

IPX Source and Destination Socket Number Filtering Using CLI

Sockets numbers represent communications interfaces that let an application access a network protocol by opening a socket and declaring a destination. Sockets are useful because they provide a simple way to direct an application onto the network.

You can compare the source or destination IPX socket number contained in the packet to the socket number defined in the filter rules. You must specify the type of the comparison.

For example, the following rule example accepts IPX packets with the IPX source socket number 0x001:

IPX:

1ACCEPT src-socket = 0x001;

999DENY;

IPX RIP Packet Filtering Using CLI

Routing Information Protocol (RIP) packets are used to identify all attached networks as well as the number of router hops required to reach them. The responses are used to update a router's routing table.

You define IPX RIP packet filtering rules in the IPX-RIP protocol section of the filter file. You can filter IPX RIP packets by network only.

The following rule example filters the route specified by the IPX network address

00-03-55-BF:

IPX-RIP:

1 REJECT network = 00-03-55-BF;

Image 71

3Com 812 manual IPX Source and Destination Network Filtering Using CLI, IPX Source and Destination Host Filtering Using CLI

Contents

Release OfficeConnectTM Remote Adsl Router CLI User’s Guide Santa Clara, California Contents Quick VC Setup Dhcp IPX Source and Destination Network Filtering Using CLI Officeconnect Remote 812 Sample Configuration Delete B-10 Dial Hangup Resolve Paused Commands Input Counters Show interface interfacename settings Show ip counters Verify TCP SettingsInput Counters Page Page Macintosh Computers IBM-PC Compatible Computers Telnet ipaddress UNIX-Based ComputersFrom Windows 95, you can go to the DOS Window and run Values Add ip network is the commandParameters Stand for ip, iprouting, or ipsourcevalidation Names or StringsNetwork Address Formats Conventions 4CHAPTER 2 CLI Command Conventions and Terminology Configuration Methods Manual Setup Instructions CLI Quick Setup Script Quick Setup Quick Setup Management Information Password ProtectionWhich portions of the network do you want to configure? Quick Setup Identification information Telnet information This completes the section on Snmp management configurationQuick Setup IP information Quick Setup IPX information IP setup is completed Sample Identification Information Quick Setup Bridge InformationThis section contains a sample of possible settings IP Mask Management InformationTelnet Management IP Information Sample Output Display as Quick Setup Executes 8CHAPTER 4 Quick Setup Starting QuickVC Setup OCR-DSL quickvc CLI QuickVC Setup Script Network Service PPP RFC1483 IP configuration for VC name is now complete Review IPX Routing Network Service PPPIPX Routing Network Service RFC Bridging Sample Output Display 6CHAPTER 5 Quick VC Setup IPX Routing Bridging System Administration Configuration Overview List vcs Show vc defaultRemote Site Management Service Information Disable vc InternetSet vc Internet sendpassword testpassword Enable vc Internet IP Routing To configure the profile for VBRTo configure the profile for CBR Set vc vc name atm categoryofservice constant pcr cell rate Disable ip RIP Enable ip forwardingDisable ip forwarding Enable ip RIP Delete ip network network name Show ip settings Show ip routing settings Addressselection negotiate Defaultrouteoption Disable EnableRemoteipaddress ip address/mask Metric metric Ipsourcevalidation Disable Enable Translation Address Privateport port Set vc vc name natdefaultaddress ip address Mode 12CHAPTER 6 Manual Setup Monitoring the Dhcp Set dhcp mode relayMaxhops count enabled YES no Show dhcp server counters List dhcp server leases Set dns cachesize size Numberretries number timeout seconds Enable dnsDisable dns Show dns settings Delete dns server domain name Disable ipx network network nameIPX Routing List dns servers Ipxaddress Ffffffff You can delete a disabled network using the commandDelete ipx network network name Node server node address To add a Static IPX route over the LAN, use the command Set ipx network network name Ipxnet server network address name service name Bridging Configure bridging for the remote site connection Show bridge settings To see the current IP Forwarding status use the commandShow ip settings To disable IP Forwarding use the command Set bridge agingtime seconds Simultaneous Bridging Routing Set time AdministrationSystem Show date Delete user name Add user name password passwordSet system name name location location contact contact List users Exit cli Set command loginrequired yes Set command loginrequired noSet command idletimeout timeout Capabilities Local or remote users can accessUse of a forged IP source address to circumvent a firewall Discards it IPX-RIP IPXIP-RIP IPX-SAP Line #filter Generic FiltersRouter CLI User’s Guide Filter File Components BR-ETH Protocol Rules Accept src-addr=xxx Accept dst-addr=yyy Deny IPX IP Source and Destination Network Filtering Using CLI IP RIP Packet Filtering Using CLI IP Source and Destination Port Filtering Using CLIIP Protocol Filtering Using CLI IPX RIP Packet Filtering Using CLI IPX Source and Destination Network Filtering Using CLIIPX Source and Destination Host Filtering Using CLI Creating Filter Files IPX SAP Packet Filtering Using CLIBridge / Generic Filtering Using CLI Using CLI IP 1 Accept src-addr = Accept dst-addr = Deny Unit’s CLI commands to use Applying a Filter to an VC/Remote Site Profile Filter List Using CLIRemoving a Filter from an Interface Using CLI Adding Filters to IPX-RIP IPX-SAP 40CHAPTER 6 Manual Setup Officeconnect Remote 812 Sample Configuration Set dhcp server start 192.168.200.1 end 192.168.200.40 mask Set dhcp mode server2APPENDIX a Officeconnect Remote 812 Sample Configuration Disable bridge spanningtree Add bridge network bridge 4APPENDIX a Officeconnect Remote 812 Sample Configuration Set vc Internet nat enable IPaddress CLI CommandsAdd bridge network Enabled yes Networkname Add dns host Add framedroute vc name Iproute ipaddress Metric number Add ip defaultroute Metric2APPENDIX B CLI Command Description Secondaryaddress ipaddress Vcname vcname Gateway gatewayaddr Metric hopcount Add ip network networkname 4APPENDIX B CLI Command Description Add ipx service servicenameType servicetype Name Hops number Below is a partial list of the IPX services availableIpxnet ipxaddress Metric hopcount Ticks ticknumber Adds an IPX route for the a user over the WAN 6APPENDIX B CLI Command Description Http Data string Closeactiveconnections True False Add snmp address IPaddress trapcommunity Name 8APPENDIX B CLI Command Description Parameters for all users Add user name Enabled yesDefault Ipnameoraddr Arp output outputfilename ipnameoraddr Delete Delete commands remove anything you previously added10APPENDIX B CLI Command Description Trapcommunity ServicenameDelete snmp Community name Disable interface Disable bridge networkDisable bridge Disable icmp Output outputfile Connections will be closed when the server is disabledDisable snmp Authentication traps Networks 14APPENDIX B CLI Command Description Hangup List 16APPENDIX B CLI Command Description Normal Easyfilter.fil 18APPENDIX B CLI Command Description Other List tcp connections Or list snmpTrapcommunities List syslog Outputfile exist More or CR Continue printing QuitMore or CR IPhostname Set adsl resetSet command history numerical range Resolve name YES no Sets console parameters for CLI commandsSet dhcp relay server2 Address IPaddress Enabled YES no Idle timout minutes Localprompt string Prompt string Set dns cachesize number CLI Commands B-25 26APPENDIX B CLI Command Description Flashupdate D/NOFLASHUPDATE SENDDEFAULT/NOSENDDEFAULT DACCEPTDEFAULT/NOACCEPT Default D Sets parameters for the specified IPX network 28APPENDIX B CLI Command Description Sets parameters for dynamic IPX networks Set network service adminnamePoolmembers number Set system Name name Location location Transmitauthenticationname nameOptions Modifies user parameters Set time time Specifies parameters for VCs 32APPENDIX B CLI Command Description MTU ENABLED, Disabled Sets ATM parameters for VCs Show Show commands display details about system entities34APPENDIX B CLI Command Description Fields Operational Mode either loss of signal or operationalDisplays the current status of the ADSL/ATM link Show bridge network name 36APPENDIX B CLI Command DescriptionAdsl Alcatel chipset firmware release version History Depth Current Prompt OCR-DSL Local Prompt OCR-DSL Counters Settings38APPENDIX B CLI Command Description Problems with Name Server internal server error Format Errors server said invalid request format Input Counters 40APPENDIX B CLI Command Description Show ip counters Displays system wide IP network statistics Counters Input Counters 42APPENDIX B CLI Command Description Total Packets Received sum of IPX packets received Show ipx counters Show ipx network networkname counters Displays information about RIP for IPX 44APPENDIX B CLI Command DescriptionShow ipx rip Dynamic Address Pool Begin starting IPX address Vcname settingsShow ipx sap Displays information about SAP for IPX Operational Status not opened or opened Name settings46APPENDIX B CLI Command Description Name counters Remote PPP entity. Default Enabled Settings for PPP Bundle 1 Compression 48APPENDIX B CLI Command Description Entity, PAP is the default System Descriptor for example System Contact modify using set systemSystem Name modify using set system System Location modify using set system Total Output Datagrams sum of UDP datagrams sent 50APPENDIX B CLI Command Description Pressing control CommandsHelp Lists the available commands Telnet ipnameoraddr Telnet ipnameoraddr TCPport number Status Recall the next command in the history listCLI Exit Setescape string Comments 54APPENDIX B CLI Command Description ATM PAT Adsl Overview Proxy Statistics Show dns counters Ping DNS Tftp LANRIP RIP SAP RoutingSAP Telnet PPPWAN CLI WAN PPP Delete snmp trapcommunity B-11 3Com Corporation Limited Warranty FCC Class B Statement