MN_Telnet-CLI_guide.pdf

Konfiguracja QOS, firewall - zmniejszenie prędkości internetu.

Witam, Posiadam router Siemens SX541 z wgranym oprogramowaniem SMC VoWBRA7908A ver. 2.15. Ogólnie jestem zadowolony z tego sprzętu za wyjątkiem odpowiedniej konfiguracji QOS oraz firewall. Otóż, gdyż włączę obie w/w funkcję router od razu ucina mi pasmo do około 14Mb/s, gdzie bez tych funkcji mam średnio około 18-19Mb/s. Dlatego chciałbym, aby ktoś bardziej zorientowany pomógł mi w odpowiednim ustawieniu w/w funkcji tak aby wszystko działało prawidłowo lub chociaż naprowadził na odpowiednie artykuły, które tyczą się tego tematu. Dodam, że posiadam internet od Netii 20Mb/s. To jest moje pierwsze pytanie, drugie tyczy się samego routera - otóż wcześniej miałem oryginalny sprzęt od Netii firmy ASMAX 1004g. Na ASMAX'ie uzyskiwałem o około 1-2Mb/s większą przepustowość niż na SIEMENSIE czyli około 20-22Mb/s czy w związku z tym SIEMENS ma gorszy modem ADSL'owy (jego sterowniki)? Czy istnieje możliwość odzyskania tych 1-2Mb/s przez odpowiednią konfigurację? Poniżej zamieszczam zrzuty z okien wszystkich opcji oraz załączam pdf do telnetu od SIEMENSA: QOS: http://obrazki.elektroda.pl/3982217500_1312355714_thumb.jpg http://obrazki.elektroda.pl/5444142900_1312355715_thumb.jpg http://obrazki.elektroda.pl/4672405700_1312355715_thumb.jpg FIREWALL: http://obrazki.elektroda.pl/8581593200_1312355712_thumb.jpg http://obrazki.elektroda.pl/5322768500_1312355713_thumb.jpg http://obrazki.elektroda.pl/3406745600_1312355714_thumb.jpg STATUS / ADSL http://obrazki.elektroda.pl/8034536100_1312355717_thumb.jpg http://obrazki.elektroda.pl/3956576600_1312355716_thumb.jpg STATUS od ASMAX 1004g: http://obrazki.elektroda.pl/7125004500_1312355716_thumb.jpg Z góry dziękuje za pomoc. Zdjęcia należy poprawić zgodnie z INSTRUKCJĄ.


TELNET Command Line Interface
Quick Reference Syntax 1.0.10

1

Command syntax

SYSTEM part

system

INTERFACE part

Short Description

level II
information & lt; CR & gt;
op_mode & lt; Router|Bridging|Host & gt;
hostname [name]
domain_name [domain]
group_name & lt; name & gt;
time_zone & lt; 0~62 & gt;
use_time_server & lt; Disable|Enable & gt; [time]
update_interval & lt; 1~72 & gt;
daylight_save & lt; Disable|Enable & gt;
time_server & lt; ip & gt; [ip] [ip]
adsl_mode & lt; Auto|T1.413Full|T1.413Lite|G.DMT|G.Lite|ADSL2|ADSL2PLUS & gt;
clone_mac & lt; Default|PC's|mac & gt;
response_mode & lt; Normal|Brief & gt;

Show system hardware information
Kernel operation mode
Config local hostname
Config local domain name
Config group name for NetBIOS resource share
Time zone ID
Using time server or base time
Update interval (hours)
Automatic daylight saving
Time servers
ADSL modem operation mode
Clone WAN port MAC address
Config response mode in CLI

level II

interface

lan & lt; 1~4 & gt;

wireless & lt; 1~1 & gt;

atm & lt; 1~8 & gt;

address & lt; ip & gt; & lt; netmask & gt;
link_type & lt; Disable|Ethernet & gt;
nat_type & lt; Public|Private & gt;
bridge & lt; Disable|Enable & gt;
access-list & lt; 0~4 & gt; & lt; 0~4 & gt;
device-filter & lt; 0~4 & gt; & lt; 0~4 & gt;
access_ctrl & lt; Disable|Enable & gt;
inspect-rule & lt; 0~4 & gt; & lt; 0~4 & gt;
network_secure & lt; Untrust|Trust & gt;
vlan & lt; 0~4 & gt;
address & lt; ip & gt; & lt; netmask & gt;
link_type & lt; Disable|Ethernet & gt;
nat_type & lt; Public|Private & gt;
bridge & lt; Disable|Enable & gt;
access-list & lt; 0~4 & gt; & lt; 0~4 & gt;
device-filter & lt; 0~4 & gt; & lt; 0~4 & gt;
access_ctrl & lt; Disable|Enable & gt;
inspect-rule & lt; 0~4 & gt; & lt; 0~4 & gt;
network_secure & lt; Untrust|Trust & gt;
vlan & lt; 0~4 & gt;
address & lt; ip & gt; & lt; netmask & gt;

Interface IP address & netmask
Config interface link type
NAT network type
Config interface bridging function state
Binding interface access-list
Binding interface device-filter rules
Enable or disable access control
Binding interface inspection rule
Config interface security type
Config VLAN profile index
Interface IP address & netmask
Config interface link type
NAT network type
Config interface bridging function state
Binding interface access-list
Binding interface device-filter rules
Enable or disable access control
Binding interface inspection rule
Config interface security type
Config VLAN profile index
Interface IP address & netmask

2

pppoe & lt; 1~8 & gt;

lan_sec & lt; 1~1 & gt;

link_type & lt; Disable|Ethernet|PPP|IPoA & gt;
nat_type & lt; Public|Private & gt;
bridge & lt; Disable|Enable & gt;
dial & lt; 1~20 & gt; & lt; 0~32767 & gt; & lt; -1~30 & gt;
vc & lt; 1~8 & gt;
access-list & lt; 0~4 & gt; & lt; 0~4 & gt;
device-filter & lt; 0~4 & gt; & lt; 0~4 & gt;
access_ctrl & lt; Disable|Enable & gt;
inspect-rule & lt; 0~4 & gt; & lt; 0~4 & gt;
network_secure & lt; Untrust|Trust & gt;
remote_route & lt; ip & gt; [Disable|Enable]
dns & lt; ip & gt; [ip]
ip_assign & lt; Dynamic|Fixed & gt;
vlan & lt; 0~4 & gt;
dhcp_clt & lt; Disable|Enable & gt;
address & lt; ip & gt; & lt; netmask & gt;
link_type & lt; Disable|PPPoE & gt;
ether_interface & lt; interface & gt;
dial & lt; 1~20 & gt; & lt; 0~32767 & gt; & lt; -1~30 & gt;
access-list & lt; 0~4 & gt; & lt; 0~4 & gt;
device-filter & lt; 0~4 & gt; & lt; 0~4 & gt;
access_ctrl & lt; Disable|Enable & gt;
inspect-rule & lt; 0~4 & gt; & lt; 0~4 & gt;
network_secure & lt; Untrust|Trust & gt;
ip_assign & lt; Dynamic|Fixed & gt;
vlan & lt; 0~4 & gt;
address & lt; ip & gt; & lt; netmask & gt;

Config interface link type
NAT network type
Config interface bridging function state
Config dial profile index and attributes
Specify VC profile index
Binding interface access-list
Binding interface device-filter rules
Enable or disable access control
Binding interface inspection rule
Config interface security type
Remote IP address and add route
ISP provides DNS IP addresses
Dynamic get IP address or use fixed IP
Config VLAN profile index
Enable or disable DHCP client
Interface IP address & netmask
Config interface link type
Config PPP over ehternet interface number
Config dial profile index and attributes
Binding interface access-list
Binding interface device-filter rules
Enable or disable access control
Binding interface inspection rule
Config interface security type
Dynamic get IP address or use fixed IP
Config VLAN profile index
Interface IP address & netmask

ps. The command `lan_sec` is for telefonica vendor.

VLAN part
vlan & lt; 1~4 & gt;

WLAN part
wlan

level II
name & lt; string & gt;
ipnet & lt; ip & gt; & lt; netmask & gt;
igmp-snooping & lt; Disable|Enable & gt;
igmp-querier & lt; Disable|Enable & gt;
func & lt; Disable|Enable & gt;

VLAN profile description
VLAN subnet value
Config IGMP-Snooping function
Config IGMP-Querier function
Enable or disable this VLAN port

level II
country & lt; 1~76 & gt;

Country selection

3

SSID & lt; string & gt;
hide_ssid & lt; Disable|Enable & gt;
channel & lt; 0~13 & gt;
tx_rate & lt; Auto|54|48|36|24|18|12|11|9|6|5.5|2|1 & gt;
mode & lt; mixed|long_range|g_only|b_only & gt;
stationName & lt; string & gt;
rtsThreshold & lt; 0~3000 & gt;
fragThreshold & lt; 256^2346 & gt;
func & lt; Disable|Enable & gt;
access_rule & lt; Deny|Allow & gt;
mac_filter
add & lt; mac & gt;
delete & lt; 1~32 & gt;
modify & lt; 1~32 & gt; & lt; mac & gt;
mode & lt; Disable|Enable & gt; [64|128]
dyna_key_prov & lt; Disable|Enable & gt;
defaultKeyId & lt; 1~4 & gt;
defaultKeys64 & lt; 1~4 & gt; & lt; hex & gt;
wep
defaultKeys128 & lt; 1~4 & gt; & lt; hex & gt;
key64ascii & lt; 1~4 & gt; & lt; string & gt;
key128ascii & lt; 1~4 & gt; & lt; string & gt;
passphrase64 & lt; string & gt;
passphrase128 & lt; string & gt;
mode & lt; Disable|Enable & gt; [802.1X|PSK]
psk_type & lt; Passphrase|Hex & gt;
psk_hex & lt; hex & gt;
psk_passphrase & lt; string & gt;
wpa
obscure_psk & lt; Disable|Enable & gt;
rekey_period & lt; Disable|Seconds|Packets & gt;
rekey_second & lt; number & gt;
rekey_packet & lt; number & gt;
func & lt; Disable|Enable & gt;
session_timeout & lt; number & gt;
re_auth_period & lt; number & gt;
quiet_period & lt; number & gt;
802.1x
server_ip & lt; ip & gt;
server_port & lt; 1~65534 & gt;
radius
secret_key & lt; string & gt;
nas_id & lt; string & gt;
func & lt; Disable|Enable & gt;
wds
func & lt; 1~4 & gt; & lt; Disable|Enable & gt;
connect
mac & lt; 1~4 & gt; & lt; mac & gt;

SSID
Hide SSID
Current operating frequency channel
Transmission rate (Mbit)
Wireless mode
Station name
RTS threshold
Fragmentation threshold (even numbers only)
Enable MAC filter
Access rule for registered MAC address
Add MAC address
Delete MAC address
Modify MAC address
WEP mode
Key provisioning, static or dynamic
WEP default key ID
64 bits WEP key table (Hex)
128 bits WEP key table (Hex)
64 bits WEP key table (ASCII)
128 bits WEP key table (ASCII)
Passphrase for 64 bits WEP key
Passphrase for 128 bits WEP key
WPA mode
Pre-shared key type
256 bits PSK
Passphrase for PSK
Obscure PSK
Rekey period
Rekey second
Rekey packet
Enable/Disable 802.1X
Session idle timeout (milli seconds)
Re-authentication period (milli seconds)
Quiet period (milli seconds)
Server IP
Server port
Secret key
NAS-ID
WDS functionality
MAC of LAN mode to be use
MAC of LAN mode

4

func & lt; Disable|Enable & gt;
security_mode & lt; disable|wep|wpa2_only|wpa_wpa2 & gt;

BRIDGE part
bridge

Wireless disable or enable
Config wireless security mode

level II
generic & lt; Disable|Enable & gt; & lt; ip & gt; & lt; netmask & gt;
static
mac_address & lt; mac & gt;
LAN1_port & lt; Filter|Forward|Dynamic & gt;
WLAN1_port & lt; Filter|Forward|Dynamic & gt;
ATM1_port & lt; Filter|Forward|Dynamic & gt;
ATM2_port & lt; Filter|Forward|Dynamic & gt;
ATM3_port & lt; Filter|Forward|Dynamic & gt;
ATM4_port & lt; Filter|Forward|Dynamic & gt;
ATM5_port & lt; Filter|Forward|Dynamic & gt;
ATM6_port & lt; Filter|Forward|Dynamic & gt;
add
ATM7_port & lt; Filter|Forward|Dynamic & gt;
ATM8_port & lt; Filter|Forward|Dynamic & gt;
LAN2_port & lt; Filter|Forward|Dynamic & gt;
LAN3_port & lt; Filter|Forward|Dynamic & gt;
LAN4_port & lt; Filter|Forward|Dynamic & gt;
WDS1_port & lt; Filter|Forward|Dynamic & gt;
WDS2_port & lt; Filter|Forward|Dynamic & gt;
WDS3_port & lt; Filter|Forward|Dynamic & gt;
WDS4_port & lt; Filter|Forward|Dynamic & gt;
delete & lt; 1~20 & gt;
modify & lt; 1~20 & gt; mac_address & lt; mac & gt;
LAN1_port & lt; Filter|Forward|Dynamic & gt;
WLAN1_port & lt; Filter|Forward|Dynamic & gt;
ATM1_port & lt; Filter|Forward|Dynamic & gt;
ATM2_port & lt; Filter|Forward|Dynamic & gt;
ATM3_port & lt; Filter|Forward|Dynamic & gt;
ATM4_port & lt; Filter|Forward|Dynamic & gt;
ATM5_port & lt; Filter|Forward|Dynamic & gt;
ATM6_port & lt; Filter|Forward|Dynamic & gt;
ATM7_port & lt; Filter|Forward|Dynamic & gt;
ATM8_port & lt; Filter|Forward|Dynamic & gt;
LAN2_port & lt; Filter|Forward|Dynamic & gt;
LAN3_port & lt; Filter|Forward|Dynamic & gt;
LAN4_port & lt; Filter|Forward|Dynamic & gt;
WDS1_port & lt; Filter|Forward|Dynamic & gt;
WDS2_port & lt; Filter|Forward|Dynamic & gt;
WDS3_port & lt; Filter|Forward|Dynamic & gt;

Config
Config
Config
Config
Config
Config
Config
Config
Config
Config
Config
Config
Config
Config
Config
Config
Config
Config
Config
Delete
Config
Config
Config
Config
Config
Config
Config
Config
Config
Config
Config
Config
Config
Config
Config
Config
Config

bridging function, IP and subnet mask
mac address
LAN1 bridging type
WLAN1 bridging type
ATM1 bridging type
ATM2 bridging type
ATM3 bridging type
ATM4 bridging type
ATM5 bridging type
ATM6 bridging type
ATM7 bridging type
ATM8 bridging type
LAN2 bridging type
LAN3 bridging type
LAN4 bridging type
WDS1 bridging type
WDS2 bridging type
WDS3 bridging type
WDS4 bridging type
static MAC entry
mac address
LAN1 bridging type
WLAN1 bridging type
ATM1 bridging type
ATM2 bridging type
ATM3 bridging type
ATM4 bridging type
ATM5 bridging type
ATM6 bridging type
ATM7 bridging type
ATM8 bridging type
LAN2 bridging type
LAN3 bridging type
LAN4 bridging type
WDS1 bridging type
WDS2 bridging type
WDS3 bridging type

5

WDS4_port & lt; Filter|Forward|Dynamic & gt;

VC part

vc & lt; 1~8 & gt;

PPP part

level II
Config VPI/VCI value
Config encapsulation type
Config ATM virtual circuit state
QoS class
Peak cell rate
Sustain cell rate
Maximum brust size

vpi_vci & lt; 0~255 & gt; & lt; 0~65535 & gt;
encapsulate & lt; VC-Mux|LLC & gt;
state & lt; Disable|Enable & gt;
qos & lt; CBR|VBR|UBR & gt;
pcr & lt; 0~9999 & gt;
scr & lt; 0~9999 & gt;
mbs & lt; 0~9999 & gt;

level II
modify & lt; 1~25 & gt;
profile & lt; name & gt; & lt; pass_set0 & gt;
delete & lt; 1~25 & gt;
address_pool
ip_pool & lt; ip & gt; & lt; 1~127 & gt;
authenticate & lt; User_Pool|RADIUS & gt; & lt; User_Pool|RADIUS & gt;
assign_address & lt; Address_Pool|RADIUS & gt; & lt; Address_Pool|RADIUS & gt;
wan_pppoe & lt; Disable|PPPoE & gt;
users_edit

ppp

DIAL part
dial & lt; 1~20 & gt;

IP_SHARE part
ip_share

Config WDS4 bridging type

User account and password
Delete user profile
Edit IP pool. Based IP address & range number
User authentication policy
Peer address assignment policy
WAN port PPPoE function

level II
isp_profile & lt; string & gt; [string]
account_profile & lt; account & gt; & lt; pass_set1 & gt;
on_demand & lt; Disable|Enable & gt;
auto_reconnect & lt; Disable|Enable & gt;
startup & lt; Disconnected|Connected|Last & gt;
mtu & lt; 512~1500 & gt;

Config dial-out ISP name and destination string
Config access account and password
Continuous or dial on demand
Automatic reconnect
Connection state while system startup
Config MTU

level II
address_mapping
add

delete & lt; 1~20 & gt;

interface & lt; interface & gt;
func & lt; Disable|Enable & gt;
virtual_ip & lt; ip & gt; & lt; 1~254 & gt;
global_ip & lt; ip & gt;

Activate interface
Enable or disable this entry
Local address pool
Global address
Delete address mapping

6

modify & lt; 1~20 & gt;

add

virtual_server

delete & lt; 1~20 & gt;

modify & lt; 1~20 & gt;

add
special_ap

interface & lt; interface & gt;
func & lt; Disable|Enable & gt;
virtual_ip & lt; ip & gt; & lt; 1~254 & gt;
global_ip & lt; ip & gt;
name & lt; name & gt;
interface & lt; interface & gt;
server & lt; ip & gt;
port_map & lt; wan_ports & gt; & lt; lan_ports & gt;
func & lt; Disable|Enable & gt;
name & lt; name & gt;
interface & lt; interface & gt;
server & lt; ip & gt;
port_map & lt; wan_ports & gt; & lt; lan_ports & gt;
func & lt; Disable|Enable & gt;
incoming & lt; port_range & gt; & lt; TCP|UDP & gt;
func & lt; Disable|Enable & gt;
trigger & lt; 1~65534 & gt; & lt; TCP|UDP & gt;

delete & lt; 1~10 & gt;
modify & lt; 1~10 & gt;

local
nat
global

incoming & lt; port_range & gt; & lt; TCP|UDP & gt;
func & lt; Disable|Enable & gt;
trigger & lt; 1~65534 & gt; & lt; TCP|UDP & gt;
range & lt; 1~5 & gt; & lt; ip & gt; & lt; 1~253 & gt;
delete & lt; 1~5 & gt;
range & lt; 1~5 & gt; & lt; ip & gt; & lt; 1~253 & gt;
interface & lt; 1~5 & gt; & lt; interface & gt;
delete & lt; 1~5 & gt;

Activate interface
Enable or disable this entry
Local address pool
Global address
Service name
Activate interface
LAN Host IP address
public to private protocol/ports mapping
Enable or disable this virtual server
Delete virtual server mapping
Service name
Activate interface
LAN Host IP address
public to private protocol/ports mapping
Enable or disable this virtual server
Incoming protocol & ports number
Enable or disable this application
Trigger port and protocol
Delete special application mapping
Incoming protocol & ports number
Enable or disable this application
Trigger port and protocol
Edit address range
Delete address range
Edit address range
Bind address range to specific interface
Delete address range

FIREWALL-FUNC part level II

firewall-func

all & lt; Disable|Enable & gt;
DMZ & lt; Disable|Enable & gt;
schedule_rule & lt; Disable|Enable & gt;
inspect & lt; Disable|Enable & gt;
DoS & lt; Disable|Enable & gt;
WAN_ping & lt; Disable|Enable & gt;
rip_defect & lt; Disable|Enable & gt;
modify & lt; 1~20 & gt; & lt; ip & gt; & lt; ip|WAN_IP & gt;
virtual_DMZ
interface & lt; 1~20 & gt; & lt; interface & gt;
delete & lt; 1~20 & gt;
maillog & lt; DoS|Ping|RIP & gt; & lt; Disable|Enable & gt;

Enable or disable overall firewall function
Enable or disable DMZ function
Enable or disable schedule rule function
Enable or disable inspection module
Enable or disable DoS pattern detect
Deny ping request from WAN
Deny RIP from WAN
Modify DMZ address mapping
Bind address pair to specific interface
Delete DMZ address mapping
Mail log functionality

7

ACCESS-LIST part

level II

access-list

standard & lt; 1~4 & gt;

add & lt; Deny|Permit|Count & gt; & lt; ip/mask|Any & gt;
delete [1~1|All]
modify & lt; 1~1 & gt; & lt; Deny|Permit|Count & gt; & lt; ip/mask|Any & gt;
reset_counter [1~1]
default_action & lt; Deny|Permit & gt;
policy & lt; 1~1 & gt; & lt; 1~65535 & gt;
from
to
add & lt; 1~65534 & gt;
& lt; ip/mask| & lt; ip/mask|
& lt; Deny|Permit|
Any & gt;
Any & gt;
& lt; CR & gt;
Count & gt;
& lt; port_str & lt; port_str
& lt; TCP|UDP & gt;
|Any & gt;
|Any & gt;
add & lt; 1~65534 & gt;
& lt; Deny|Permit|
Count & gt;
& lt; ICMP & gt;

extended & lt; 1~4 & gt;

from
& lt; ip/mask|
Any & gt;

add & lt; 1~65534 & gt;
from
& lt; Deny|Permit|
& lt; ip/mask|
Count & gt;
Any & gt;
& lt; IP & gt;
delete [1~250|All]
from
modify & lt; 1~250 & gt;
& lt; ip/mask|
& lt; Deny|Permit|
Any & gt;
Count & gt;
& lt; port_str
& lt; TCP|UDP & gt;
|Any & gt;
modify & lt; 1~250 & gt;
from
& lt; Deny|Permit|
& lt; ip/mask|
Count & gt;
Any & gt;
& lt; ICMP & gt;

device-filter
& lt; 1~4 & gt;

to
& lt; ip/mask|
Any & gt;
to
& lt; ip/mask|
Any & gt;

Add new access control rule
Delete access control rule
Modify access control rule properties
Reset access control rule counter
Access-list default action
Assign policy number to access control rule
Access control rule

Access control rule
type_code
& lt; 0 ~ 1 8 | D o n ' t C a r e & gt; ICMP type, code
& lt; 0~15|Don'tCare & gt;
& lt; CR & gt;

& lt; CR & gt;

Access control rule
Delete access control rule

to
& lt; ip/mask|
Any & gt;
& lt; port_str
|Any & gt;
to
& lt; ip/mask|
Any & gt;

modify & lt; 1~250 & gt;
from
to
& lt; Deny|Permit|
& lt; ip/mask| & lt; ip/mask|
Count & gt;
Any & gt;
Any & gt;
& lt; IP & gt;
reset_counter [1~250]
default_action & lt; Deny|Permit & gt;
policy & lt; 1~250 & gt; & lt; 1~65535 & gt;
add & lt; Deny|Permit & gt; & lt; hex & gt;
delete [1~32|All]
modify & lt; 1~32 & gt; & lt; Deny|Permit & gt; & lt; hex & gt;
default_action & lt; Deny|Permit & gt;

& lt; CR & gt;

Modify access control rule

& lt; CR & gt;

Modify access control rule

type_code
& lt; 0 ~ 1 8 | D o n ' t C a r e & gt; ICMP type, code
& lt; 0~15|Don'tCare & gt;
& lt; CR & gt;

Modify access control rule
Reset access control rule counter
Access-list default action
Assign policy number to access control rule
Add new device-filter rule
Delete device-filter rule
Modify device-filter rule properties
Device-filter default action

8

URL_list

schedule

policy & lt; 1~32 & gt; & lt; 1~65535 & gt;
add & lt; keyword & gt;
delete & lt; 1~30 & gt;
modify & lt; 1~30 & gt; & lt; keyword & gt;
everyday_start & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
everyday_end & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
sunday_start & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
sunday_end & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
monday_start & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
monday_end & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
tuesday_start & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
tuesday_end & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
wednesday_start & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
add
wednesday_end & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
thursday_start & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
thursday_end & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
friday_start & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
friday_end & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
saturday_start & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
saturday_end & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
func & lt; Disable|Enable & gt;
name & lt; name & gt; [string]
delete & lt; 1~10 & gt;
everyday_start & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
everyday_end & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
sunday_start & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
sunday_end & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
monday_start & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
monday_end & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
tuesday_start & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
tuesday_end & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
wednesday_start & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
modify
& lt; 1~10 & gt;
wednesday_end & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
thursday_start & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
thursday_end & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
friday_start & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
friday_end & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
saturday_start & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
saturday_end & lt; 0~23|Don'tCare & gt; & lt; 0~59|Don'tCare & gt;
func & lt; Disable|Enable & gt;
name & lt; name & gt; [string]

Assign policy number to access control rule
Add new blocking site or keyword
Delete blocking site or keyword
Modify blocking site or keyword
Config schedule start time
Config schedule end time
Config schedule start time
Config schedule end time
Config schedule start time
Config schedule end time
Config schedule start time
Config schedule end time
Config schedule start time
Config schedule end time
Config schedule start time
Config schedule end time
Config schedule start time
Config schedule end time
Config schedule start time
Config schedule end time
Enable this schedule rule
Schedule name and comment
Delete schedule rule
Config schedule start time
Config schedule end time
Config schedule start time
Config schedule end time
Config schedule start time
Config schedule end time
Config schedule start time
Config schedule end time
Config schedule start time
Config schedule end time
Config schedule start time
Config schedule end time
Config schedule start time
Config schedule end time
Config schedule start time
Config schedule end time
Enable this schedule rule
Schedule name and comment

9

INSPECT part

level II
name & lt; rule-name & gt; & lt; Frag|TCP|UDP|FTP|H323|TFTP|L2TP|SIP & gt;
name_delete & lt; 1~4 & gt;
synwait-time & lt; 1~120 & gt;
finwait-time & lt; 1~60 & gt;
idle-time & lt; 1800~7200 & gt;
udp
idle-time & lt; 1~120 & gt;
high & lt; 1~300 & gt;
max-incomplete
low & lt; 1~250 & gt;
high & lt; 1~250 & gt;
one-minute
low & lt; 1~200 & gt;
port_scan_defect & lt; 50~5000 & gt; & lt; 1~150 & gt;
fragment & lt; 10~60000 & gt; & lt; 1~150 & gt; & lt; 1~120 & gt;
block-time & lt; 0~30000 & gt;
h323-timeout & lt; 0~3600 & gt;
tcp

inspect

ROUTE part

level II
static

route
rip

DHCP part
dhcp

& lt; CR & gt;
Modify inspection rule
d i s a b l e & lt; C R & gt; Disable specific protocol inspection function
Delete inspection rule
TCP session to be established waiting time
TCP session to be closed waiting time
TCP session idle timeout
UDP session idle timeout
Maximum existing half-open sessions
Minimum existing half-open sessions
Maximum rate of new half-open session
Minimum rate of new half-open session
'Port Scan/Flooding' defect sensitive criteria
Fragmention half-open entry threshold
Flood hacker blocking time
H.323 data channel idle timeout

add & lt; network_ip & gt; & lt; netmask & gt; & lt; gateway_ip & gt;
delete & lt; 1~20 & gt;
generic & lt; Disable|Enable & gt; & lt; Disable|Enable & gt;
version & lt; None|RIP1|RIP2 & gt;
attrib & lt; Disable|Enable|Silent & gt;
lan & lt; 1~4 & gt;
& lt; None|PASSWORD|MD5 & gt; & lt; Disable|Enable & gt;
authenticate & lt; string & gt;
version & lt; None|RIP1|RIP2 & gt;
attrib & lt; Disable|Enable|Silent & gt;
wlan & lt; 1~1 & gt;
& lt; None|PASSWORD|MD5 & gt; & lt; Disable|Enable & gt;
authenticate & lt; string & gt;
version & lt; None|RIP1|RIP2 & gt;
attrib & lt; Disable|Enable|Silent & gt;
atm & lt; 1~8 & gt;
& lt; None|PASSWORD|MD5 & gt; & lt; Disable|Enable & gt;
authenticate & lt; string & gt;

Add static route entry
Delete static route entry
Config operation and auto summary mode
Config RIP protocol version
Config operation, authentication and Poison
reverse mode
Config authentication code
Config RIP protocol version
Config operation, authentication and Poison
reverse mode
Config authentication code
Config RIP protocol version
Config operation, authentication and Poison
reverse mode
Config authentication code

interface & lt; interface & gt;
gateway & lt; ip & gt;

DHCP server activate interface
Default gateway for DHCP client

level II
server_generic

10

netmask & lt; netmask & gt;
ip_range & lt; ip & gt; & lt; 1~222 & gt;
name_server & lt; ip & gt; [ip] [ip]
lease_time & lt; -1~1209600 & gt;
service & lt; Disable|Enable & gt;
add & lt; mac & gt; & lt; ip & gt;
delete & lt; 1~10 & gt;

fixed

client_release & lt; ip & gt;
client & lt; Disable|Enable & gt;
client_interface & lt; interface & gt;

DNS part
dns

DDNS part
ddns

SNMP part

level II
proxy_func & lt; Disable|Enable & gt;
server & lt; ip & gt; [ip] [ip]

Dynamic DNS functionality
Dynamic DNS Provider
Dynamic Domain Name
Account (Email address)
Passowrd for Account

level II

snmp
trap & lt; 1~5 & gt;

mail

Enable or disable DNS Proxy function
DNS servers

level II
func & lt; Disable|Enable & gt;
provider & lt; DynDNS.org|TZO.com & gt;
domain_name & lt; domain & gt;
account & lt; address & gt;
password & lt; password & gt;

community
& lt; 1~5 & gt;

MAIL part

Subnet mask for DHCP client
Dynamic assigned IP address range
Domain name servers
Lease time (seconds)
Trigger DHCPD service
Add a fixed host entry
Delete a fixed host entry
Release DHCP client(Ref.'monitor dhcp_client'
command)
DHCP client functionality
DHCP client activate interface number

modify & lt; Disable|Enable & gt; & lt; string & gt;
& lt; Read|Write|Read_Write|Deny & gt;
delete & lt; CR & gt;
modify & lt; Disable|1|2 & gt; & lt; ip & gt; & lt; string & gt;
delete & lt; CR & gt;

Edit community entry

smtp & lt; domain & gt;
pop3 & lt; domain & gt;
mail & lt; address & gt;
account & lt; name & gt;
password & lt; pass_set0 & gt;

Sharing account's SMTP server address
Sharing account's POP3 server address
Sharing account's E-mail address
POP3 server access account
POP3 server access password

Delete community entry
Edit trap host parameter
Delete trap host entry

level II
generic

11

CHUSER part

level III
max_user & lt; 1~5 & gt;
telnet_port & lt; 1~54999 & gt;

chuser

UPNP part

Maximum allow telnet access user number
Telnet TCP port config

attrib & lt; 13~30 & gt; & lt; Command|Menu & gt;
& lt; VT100|ANSI|Linux|XTerm & gt;
source & lt; 1~16|Pool|Unlimited|Subnet & gt;
add
privilege & lt; User|Conf & gt;
& lt; User|Conf|Root|Unlimited & gt;
profile & lt; name & gt; & lt; pass_conf & gt;
user_profile
delete & lt; 2~5 & gt;
attrib & lt; 13~30 & gt; & lt; Command|Menu & gt;
& lt; VT100|ANSI|Linux|XTerm & gt;
source & lt; 1~16|Pool|Unlimited|Subnet & gt;
modify
& lt; 1~5 & gt;
privilege & lt; User|Conf & gt;
& lt; User|Conf|Root|Unlimited & gt;
profile & lt; name & gt; & lt; pass_conf & gt;
entry_edit & lt; network_ip & gt; & lt; netmask & gt;
modify & lt; 1~16 & gt;
& lt; Deny|Permit & gt;
delete & lt; 1~16 & gt;
address_control
default_act & lt; Deny|Permit & gt;
remote_subnet & lt; ip & gt; & lt; netmask & gt;
login_timeout & lt; 0~1440 & gt;
remote_login & lt; Disable|Enable|Disable_Lan & gt;

Client attributes

User login privilege and maximum allow privilege
Setting username and password
Delete user profile
Client attributes
Legal client IP address index or type
User login privilege and maximum allow privilege
Setting username and password
Modify adress control pool
Delete address control
Default access control action
Remote management address & netmask
Login timeout (minutes)
Remote management function disable or enable

level II
Enable or disable Universal Plug and Play

upnp & lt; Disable|Enable & gt;

VOIP_SIP part

Legal client IP address index or type

level II

voip_sip
phone_config
& lt; 1~4 & gt;

sip_server

advanced_config

phone_valid & lt; Disable|Enable & gt;
phone_number & lt; string & gt;
display_name & lt; string & gt;
sip_domain & lt; ip|domain & gt;
account & lt; string & gt; & lt; sting & gt; & lt; pass_set1 & gt;
listen_port & lt; 1~65534 & gt;
call_waiting & lt; Disable|Enable & gt;
sip_proxy & lt; ip|domain & gt; & lt; 1~65534 & gt;
sip_registrar & lt; ip|domain & gt; & lt; 1~65534 & gt;
expire_time & lt; number & gt;
call_waiting & lt; Disable|Enable & gt;

Enable or disable Phone
Phone Number
Display Name
SIP Domain
Account : Realm Username Password
SIP listening port
Enable or disable Support Call Waiting
Proxy IP Address and Port
Registrar IP Address and Port
Expire Time
Enable or disable Support Call Waiting

12

caller_id & lt; Disable|Enable & gt;
user_agent & lt; Disable|Enable & gt;
dtmf & lt; Disable|Enable & gt;

port_config
& lt; 1~4 & gt;

call_hold_version & lt; RFC2543|RFC3264 & gt;
tone_country & lt; Japan|USA|France|Germany|Spain|Taiwan
|Canada|Italy|Belgium & gt;
hook_flash_timer & lt; number & gt;
voip_tone & lt; Disable|Enable & gt;
add_codec & lt; G7231|G711Ulaw|G711Alaw|G729 & gt;
del_codec & lt; G7231|G711Ulaw|G711Alaw|G729 & gt;
codec
codec_pri & lt; G7231|G711Ulaw|G711Alaw|G729 & gt;
& lt; 1~4 & gt;
volume_gain & lt; Off|Fixed|Adaptive & gt;
gain_input & lt; number & gt;
gain_output & lt; number & gt;
gain_adapt & lt; number & gt;
jitter_buffer & lt; Off|Fixed|Adaptive|Sequential & gt;
delay & lt; number & gt;
echo_canceller & lt; Off|08MS|16MS|32MS|48MS|64MS & gt;
comfort_noise & lt; Off|On & gt;
voice_detect & lt; Off|On & gt;
packet_loss & lt; Disable|Enable & gt;
add_call_prefix & lt; Disable|Enable & gt;

dial_plan

quick_dial

call_prefix & lt; number & gt;
add & lt; number & gt; & lt; connect_code & gt;
modify & lt; number & gt; & lt; connect_code & gt;
delete & lt; number & gt;
delete_all & lt; CR & gt;
add & lt; 1~20 & gt; & lt; string & gt; & lt; string & gt;
modify & lt; 1~20 & gt; & lt; string & gt; & lt; string & gt;
delete & lt; 1~20 & gt;
delete_all & lt; CR & gt;

active & lt; CR & gt;

VOIP_QOS part
voip_qos

Enable or disable Caller-ID Presentation
Enable or disable Support User-Agent Header
Enable or disable Support RFC 2833 (DTMF out of
band)
Config Call Hold Version
Config Telephony Tone Country
Config Telephony Hook Flash Timer
Enable or disable different dial tone for VoIP
Add Codec
Delete Codec
Modify Codec Priority
Config Volume Gain
Config Gain Input
Config Gain Output
Config Gain Adapt
Config Jitter Buffer
Config Fixed Delay
Config Echo Canceller
On or Off Comfort Noise Generation
On or Off Voice Activity Detector
Enable or disable Packet Loss Compensation
Enable or disable Automatically Ahead all
PSTN-number
Phone number of the call-by-call-provider
Add dial plan rule
Modify dial plan rule
Delete dial plan rule
Delete all dial plan rule
Add quick dial rule
Modify quick plan rule
Delete quick plan rule
Delete all quick plan rule
Active the changes

level II
state & lt; Disable|Enable & gt;
bind & lt; By_Routing|VC_1|VC_2|VC_3|VC_4|VC_5|VC_6|VC_7|VC_8 & gt;

Disable or Enable VOIP QOS
Config VOIP QOS route parameter

13

QOS part

qos

NETBIOS part
netbios

level II
outbound & lt; Disable|Enable & gt;
bandwidth & lt; BE|AF1|AF2|AF3|AF4|EF & gt; & lt; 0~100 & gt; & lt; Disable|Enable & gt;
src & lt; mac_str|ip_range|thisrouter|any & gt;
dst & lt; ip_range|any & gt;
tfc & lt; FTP|VoIP|E-MAL|SNMP|TELNET|WWW|VPN|IP & gt;
dscp & lt; any|notany & gt; & lt; 0x00~0xFF & gt;
mapeto & lt; BE|AF1|AF2|AF3|AF4|EF & gt; & lt; remark|notremark & gt;
& lt; 0x00~0xFF & gt;
outvc & lt; 0~8 & gt;
add
src & lt; mac_str|ip_range|thisrouter|any & gt;
& lt; string & gt; dst & lt; ip_range|any & gt;
tfc & lt; TCP|UDP & gt;
localport & lt; port_str & gt;
remoteport & lt; port_str & gt;
dscp & lt; any|notany & gt; & lt; 0x00~0xFF & gt;
mapeto & lt; BE|AF1|AF2|AF3|AF4|EF & gt; & lt; remark|notremark & gt;
& lt; 0x00~0xFF & gt;
outvc & lt; 0~8 & gt;
rule_name & lt; string & gt;
src & lt; mac_str|ip_range|thisrouter|any & gt;
dst & lt; ip_range|any & gt;
classify
tfc & lt; FTP|VoIP|E-MAL|SNMP|TELNET|WWW|VPN|IP & gt;
dscp & lt; any|notany & gt; & lt; 0x00~0xFF & gt;
mapeto & lt; BE|AF1|AF2|AF3|AF4|EF & gt; & lt; remark|notremark & gt;
& lt; 0x00~0xFF & gt;
outvc & lt; 0~8 & gt;
modify
rule_name & lt; string & gt;
& lt; 1~16 & gt;
src & lt; mac_str|ip_range|thisrouter|any & gt;
dst & lt; ip_range|any & gt;
tfc & lt; TCP|UDP & gt;
localport & lt; port_str & gt;
remoteport & lt; port_str & gt;
dscp & lt; any|notany & gt; & lt; 0x00~0xFF & gt;
mapeto & lt; BE|AF1|AF2|AF3|AF4|EF & gt; & lt; remark|notremark & gt;
& lt; 0x00~0xFF & gt;
outvc & lt; 0~8 & gt;
delete & lt; string & gt;
moveup & lt; string & gt;
movedown & lt; string & gt;
active & lt; CR & gt;

Disable or Enable outbound control
Config bandwidth allocation

Add classify rule

Modify classify rule

Delete classify rule
Move classify rule up
Move classify rule down
Active the changes

level II
func & lt; Disable|Enable & gt;
remote_access & lt; Disable|Enable & gt;

NetBIOS file server function
Allow remote access to NetBIOS file server

14

name & lt; name & gt;
group_name & lt; name & gt;
description & lt; string & gt;
name & lt; name & gt;
description & lt; string & gt;
volume & lt; 0~32 & gt;
path & lt; path & gt;
share_profile
secure & lt; Disable|Enable & gt; & lt; RO|FUL|DEP & gt;
& lt; 1~10 & gt;
read_pass [pass_set0]
full_pass [pass_set0]
func & lt; Disable|Enable & gt;
type & lt; Printer|Disk & gt;
usb_disk1 & lt; 1~7 & gt;
usb_disk2 & lt; 1~7 & gt;
paper_out_wait & lt; 0~150 & gt;
spooler

STORAGE part
storage

level II
usb_disk1
usb_disk2

SHOW part
show

Device name for NetBIOS server
Workgroup name for NetBIOS server
Device description
Share name string
Description of share resource
Volume ID of sharing path
Root sharing path
Enable or disable password protect
Read-only password (Empty for don't check)
Full access password (Empty for don't check)
Share resource function disable or enable
Share resource type, printer or disk
Volume bind share profile index
Volume bind share profile index
Paper out waiting time (sec.)
Print job spooling configuration

volume
unplug & lt; CR & gt;
volume

mount & lt; 1~32 & gt; & lt; Disable|Enable & gt;
mount & lt; 1~32 & gt; & lt; Disable|Enable & gt;

mount & lt; 1~32 & gt; & lt; Disable|Enable & gt;
Unplug USB disk 1 device
USB disk volume mount

level I
run & lt; CR & gt;
configuration & lt; CR & gt;
system & lt; CR & gt;
vc & lt; CR & gt;
interface [LAN|WAN]
mail & lt; CR & gt;
ppp [Generic|Users|Pool|IP_Pool]
ip_share [AddressMapping|VirtualServer|SpecialAP|NAT]
dhcp [Server|Fixed|Client]
ddns & lt; CR & gt;
route [Static|RIP]
bridge [Generic|Static|STP]
dial & lt; CR & gt;
wLAN [Generic|WEP|MAC|WPA|802.1x|status|WDS]
firewall_func [Generic|DMZ]
access-list [1~4]
inspect [Generic|Rule]

Show
Show
Show
Show
Show
Show
Show
Show
Show
Show
Show
Show
Show
Show
Show
Show
Show

all configuration
all configuration in command script
common system configuration
ATM virtual circuit configuration
interface configuration
mail configuration
PPP configuration
IP address sharing configuration
DHCP configuration
Dynamic DNS configuration
routing configuration
bridging configuration
Dial configuration
wireless LAN configuration
firewall function configuration
access control rules pool
access control rules pool

15

user [Generic|Profile|Pool]
voip_sip [phone|server|advanced|port|dial_plan|quick_dial]
qos [traffic_ctrl|classify|statistics]
netbios [Generic|usb1_binding|usb2_binding|share_profile]
storage [usbdisk1|usbdisk2]

MONITOR part

monitor

Monitor
Monitor
Monitor
Monitor
Monitor
Monitor
Monitor
Monitor
Monitor
Monitor
Monitor

routing table
NetBIOS name database
ADSL router running status or statistics
interface status or statistics
login user information
access control rules pool
inspection run-time pool
firewall alert or system log
DHCP client request address pool
socket run-time information
DNS cache table

level III
all & lt; ip|Xmodem & gt; [file]
kernel & lt; ip|Xmodem & gt; [file]
web_image & lt; ip|Xmodem & gt; [file]
conf_file & lt; ip|Xmodem & gt; [file]
boot_code & lt; ip|Xmodem & gt; [file]

BACKUP part
backup

configuration parameters and users profile
VOIP SIP profile
QoS profile
NetBIOS file server configuration
storage device info

level I
route & lt; CR & gt;
netbios_pool & lt; Basic|Advance & gt;
adsl [Status|Statistics]
interface [Status|ATM|Ethernet]
user & lt; CR & gt;
access-list & lt; 1~4 & gt;
inspect [Frag|TCP|UDP]
syslog [Alert|Log]
dhcp_client & lt; CR & gt;
socket [TCP|UDP|ICMP]
dns & lt; CR & gt;

UPGRADE part
upgrade

Show
Show
Show
Show
Show

Upgrade
Upgrade
Upgrade
Upgrade
Upgrade

firmware image
kernal run-time code image
web image file
configuration file
boot code

level III
conf_file & lt; ip|Xmodem & gt; [file]

Backup configuration file

level I
passwd [username] [old_pass] [new_pass]

Change user password

level II
Reset system configuration to default status

default_reset & lt; CR & gt;

level II
write [reboot|exit]

Write configuration and restart system

16

level II
Restart system

reboot & lt; CR & gt;

level I
Enable configuration mode

enable & lt; CR & gt;

level I
Change to super user(root) mode

su & lt; password & gt;

level I
ping & lt; ip|domain & gt; [1~65534|-t] [1~1999]

Ping test

level I
tracert & lt; ip|domain & gt; [option1] [option2]

Trace route utility

level I
exit & lt; CR & gt;

exit & lt; CR & gt;

17


Pobierz plik - link do postu