ASYNC ROUTER AR-P, AR-5, AND SYNC ROUTER REFERENCE MANUAL

before—Position the filter expression name before the filter expression existing_name in the FE list.

after—Position the filter expression name after the filter expression existing_name in the FE list.

existing_name—The name of a filter expression currently residing in the FE priority list which you want to use to orient the placement of a new FE in the list of filter priorities.

filter spoof iface [{allow deny}] [syslog] [trap]

Enable detection of packets trying to perform “IP address spoofing,” which is a method of getting data forwarded out of a network, from an external location.

A packet is “IP address spoofing” if it arrives on a Router interface with a source address, that is inappropriate for that interface. For example, if a packet arrives at an external Router interface (modem0, etc.) with a source address that is always internal to your network (i.e., it should always be via eth0), then the packet is “IP address spoofing.”

The filter spoof command enables the Router to ensure that an incoming packet arrives on the interface that the Router would use to send packets to the source address of that packet. Essentially, the filter spoof command discards packets that imply that they are sourced from one interface, but actually arrived on a different interface.

[{allow deny}]—The deny option causes “IP address spoofing” packets to be discarded, and the allow option allows these packets to be forwarded. By default, spoof filters are disabled (allow).

[syslog]—The syslog option enables a syslog message to be generated when an “IP address spoofing” packet is detected.

[trap]—The trap option enables an SNMP trap to be generated when an “IP address spoofing” packet is detected.

filter status—Displays the list of IP packet filters

filter try src_addr [-sport] dest_addr [-dport] [-pproto]

Use the filter try command to test your filters. The filter try command specifies test packets that are submitted to your current filter list, and returns the result. For explanations of the parameters, refer to previous filter command descriptions.

4.5 icmp

Display ICMP protocol information

Syntax

icmp status

Description

The icmp status command displays the status of the Internet Control Message Protocol (ICMP), which consists of ICMP statistics such as the number of ICMP messages received of each type, the number sent, etc.

220

Page 220
Image 220
Black Box LRA005A-R2, LRS002A-R2, LRA001A-R2 manual 220, Filter spoof iface allow deny syslog trap, Icmp status