Commands relating to IP Router

Revised for CPX 4.7.0.
IP ports
IP routings
Saved static IP routings
IP source routings
IP Routing administrative distances

IP access list

State commands and statistics
Initialization commands

Other commands

IP Ports top

A IPP Add IP port (Administrator)
A IPP:xx [par:val]

It adds a new IP port definition, identified by "IPP:xx". It also set the parameters to the values eventually specified. The not specified parameters are set to default values.

IP table can store up to 64 definitions, therefore the IP port identifier must be in the interval [0 - 63].

Definitions may not have consecutive identifiers, therefore new definition can have any identifier value less than the maximum (63).

If a port, whose "IPP:xx" is already used in the table, is going to be added, the following error message is generated: "IP PORT ALREADY EXISTS".

If the IP table is full and a new definition is asked to be added, an error message is generate: "IP PORT TABLE IS FULL, COMMAND NOT EXECUTED".

Changes made on the IP ports table are not immediately active. For their activation, it is needed to execute the initialization command INIT IPP, that refreshes all IP Ports parameters and purges queues, or the command INIT IPP:xxx, that refreshes the specified IP port parameters only.

The "Not Saved (SAVE CONF)" message is displayed every time the table is modified but not saved with the SAVE CONF command.

The "Not Refreshed (INIT)" message is displayed every time the table is modified but not refreshed with the initialization command.

C IPP Clear IP port (Administrator)
C IPP:xx

It removes the requested IP port from the IP port table.

IP port identifiers must be in the interval [0 - 63]. If no port matches the identifier, the following error message is displayed "IP PORT NOT PRESENT".

If the IP port table is empty, the message "IP PORT TABLE IS EMPTY" is generated.

Ports, whose IPP is higher than the removed one, are not decremented because of contiguity. The removed definition frees a place in the table, which won't be displayed by the command D IPP execution.

Changes made on the IP ports table are not immediately active. For their activation, it is needed to execute the initialization command INIT IPP, that refreshes all IP Ports parameters and purges queues, or the command INIT IPP:xxx, that refreshes the specified IP port parameters only.

The "Not Saved (SAVE CONF)" message is displayed every time the table is modified but not saved with the SAVE CONF command.

The "Not Refreshed (INIT)" message is displayed every time the table is modified but not refreshed with the initialization command.

D IPP Display IP port (User)
D IPP
D IPP:xx

It shows the IP port table.

By omitting the IP port identifier, the command will show all the ports currently defined.

Here is an example of the command execution:

[16:44:11] ABILIS_CPX: D IPP

IPRTR (PO:900) parameters:  R-ID:AUTO (192.168.000.213)
 
- Not Saved (SAVE CONF), Not Refreshed (INIT) ---------------------------------
 
IPP:0  - Lan_ip_port ----------------------------------------------------------
ACT    IPADD:192.168.000.213                       MTU:1500
       MASK :255.255.255.000 NAT:NO      SRCV:NO   outbuf:50
       IFTYPE:LAN            REDIS:YES             RP:RIP
       BRD:NET               LOWPO:158   HIDE:NO   FAIRQUEUE:YES
       SPEEDLIMIT:NO
       - RIP section ----------------------------------------------------------
       RIPSEND:RIP2B    RIPRECV:BOTH     RIPNU:YES    RIPMETRIC:1
       - TRFA section ---------------------------------------------------------
       TRFA:YES  trfa-mode:FULL      ip-reserve:AUTO  TRFA-IPADD:LOCAL
 
IPP:1  - Not Saved (SAVE CONF), Not Refreshed (INIT) --------------------------
NEW    ------------------------------------------------------------------------
       IPADD:000.000.000.000 NEIGH:000.000.000.000 MTU:1500       FRAG:NO
       MASK :255.255.255.255 NAT:NO      SRCV:NO   outbuf:50
       IFTYPE:LINK           REDIS:YES             RP:NONE
       ENC:RAW-IP            LOWPO:NONE  HIDE:NO   FAIRQUEUE:YES
       SPEEDLIMIT:NO
       - TRFA section ---------------------------------------------------------
       TRFA:NO
 
IPP:5  - test_line ------------------------------------------------------------
ACT    IPADD:000.000.000.000 NEIGH:000.000.000.000 MTU:1500       FRAG:NO
       MASK :255.255.255.000 NAT:OUTSIDE SRCV:NO   outbuf:50
       IFTYPE:LINK           REDIS:YES             RP:NONE
       ENC:RAW-IP            LOWPO:3     HIDE:NO   FAIRQUEUE:YES
       SPEEDLIMIT:NO
       - TRFA section ---------------------------------------------------------
       TRFA:YES  trfa-mode:FULL      ip-reserve:AUTO  TRFA-IPADD:LOCAL

The "Not Saved (SAVE CONF)" message is displayed every time the table is modified but not saved with the SAVE CONF command.

The "Not Refreshed (INIT)" message is displayed every time the table is modified but not refreshed with the initialization command.

By specifying IP port identifier, the command will show the definition of the requested port. IP port identifier must be in the interval [0 - 63]. If does not exist any port with that identifier, an error message is generated: "IP PORT NOT PRESENT".

Here is an example of the execution of the command "D IPP:1", displayed values are the default ones:

[16:44:11] ABILIS_CPX: D IPP:1
 
IPP:1  - Not Saved (SAVE CONF), Not Refreshed (INIT) --------------------------
NEW    ------------------------------------------------------------------------
       IPADD:000.000.000.000 NEIGH:000.000.000.000 MTU:1500       FRAG:NO
       MASK :255.255.255.255 NAT:NO      SRCV:NO   outbuf:50
       IFTYPE:LINK           REDIS:YES             RP:NONE
       ENC:RAW-IP            LOWPO:NONE  HIDE:NO   FAIRQUEUE:YES
       SPEEDLIMIT:NO
       - TRFA section ---------------------------------------------------------
       TRFA:NO

The "Not Saved (SAVE CONF)" message is displayed every time the IP port configuration is modified but not saved with the SAVE CONF command.

The "Not Refreshed (INIT)" message is displayed every time the IP port configuration is modified but not refreshed with the initialization command.

If the IP port table is empty, the following message is generated: "IP PORT TABLE IS EMPTY". Definitions may not have consecutive identifiers, that's why the not shown IPP values correspond to free places in the table.

In conclusion, as it is possible to notice from the previous examples, for those IP ports, which have been assigned a description, the command will display in the first row the informative string set by the User through the command A D.

S IPP Set IP port (Administrator)
S IPP:xx par:val [par:val]

It sets the parameters to their new values for the specified port.

IP port identifiers must be in the interval [0 - 63]. If no port matches the identifier, the following error message is displayed "IP PORT NOT PRESENT".

If the IP port table is empty, the message "IP PORT TABLE IS EMPTY" is generated.

The parameter list, defined in the command, is left to right evaluated: the parameters are set one after the other, starting from the leftmost.

Command evaluating will terminate if one the following events will occur:

All the parameters evaluated, before the error occurrence, will get the new value, the other ones will not be changed.

Changes made on the IP ports table are not immediately active. For their activation, it is needed to execute the initialization command INIT IPP, that refreshes all IP Ports parameters and purges queues, or the command INIT IPP:xxx, that refreshes the specified IP port parameters only.

The "Not Saved (SAVE CONF)" message is displayed every time the table is modified but not saved with the SAVE CONF command.

The "Not Refreshed (INIT)" message is displayed every time the table is modified but not refreshed with the initialization command.

IP routings top

A IPR Add IP routing (Administrator)
A IPR NET:x.x.x.x/yy [par:val] [-FD]
A IPR NET:x.x.x.x MASK:y.y.y.y [par:val] [-FD]

It adds a new IP routing definition and it sets any other parameters that is eventually indicated to the specified values. The not specified parameters are set to their default values.

The destination network address and the related mask can be specified either using the Slash Notation (e.g. NET:x.x.x.x/yy) or using the Dotted Decimal Notation for both the network address and the related mask (e.g. NET:x.x.x.x MASK:y.y.y.y).

Allowed values for the destination network address must be in the range [0.0.0.0, 1.0.0.0-126.255.255.255, 128.0.0.0-223.255.255.255].

When Slash Notation is used, valid values for the network mask mast be in the range [0-32]; while values in the range [0.0.0.0 - 255.255.255.255] are accepted in Dotted Decimal Notation.

Doing the "logical AND" between destination network address and the mask values, the result should be the destination network address itself; if not the message "INVALID STATIC NETWORK" will be shown and the new definition addition will be refused.

This command can be only used to add static IP routings to the table.

Once added, an IP routing is unambiguously identified by the destination network address and the related mask. If an IP routing with the same destination network address and mask values of the specified one is already present in the table, an error message will be displayed "STATIC ROUTING IS ALREADY PRESENT".

The "-FD" option can be optionally specified to force routing duplication, i.e. the addition of two routings with the same destination network and mask, but with different destination IP port. E.g.:

Destination routes and conditional source routes:
+-+-+-+-+--------------------+--------------------+-----------------+----+---+
|B|P|S|H|     NET:/MASK:     |      MASK: or      |       GW:       |IPP:|AD:|
| | | | |                    |   SRNET:/SRMASK:   |                 |    |   |
+-+-+-+-+--------------------+--------------------+-----------------+----+---+
|*|S| | | 001.001.001.001/32 | 255.255.255.255    |                 |D  1|  1|
| |S| | | 001.001.001.001/32 | 255.255.255.255    |                 |NONE|  1|
+-+-+-+-+--------------------+--------------------+-----------------+----+---+

If the table is full and a new IP routing is going to be added, the following error message will be displayed: "IP ROUTING TABLE OVERFLOW COMMAND NOT EXECUTED".

Changes made on the IP routings table are immediately active, they do not need any initialization command to be operative.

The "Not Saved (SAVE CONF)" message is displayed every time the table is modified but not saved with the SAVE CONF command.

C IPR Clear IP routing (Administrator)
C IPR NET:x.x.x.x [par:val]

It deletes from the table the IP routing identified by the specified destination network "NET:x.x.x.x", expressed in Dotted Decimal Notation.

Allowed values for the destination network address must be in the range [0.0.0.0, 1.0.0.0-126.255.255.255, 128.0.0.0-223.255.255.255].

This command can be only used to remove static IP routings from the table.

Once added, an IP routing is unambiguously identified by the destination network address and the related mask. If one or more IP routings with the same destination network address of the specified one are present in the table, the user should specify one or more additional parameters in order to allow the unambiguous identification of the definition. Otherwise the result of the command will be the following:

[16:12:05] ABILIS_CPX: C IPR NET:1.1.1.1

 +-----+--------------------+-----------------+-----------------+----+
 |HIDE:|        NET:        |      MASK:      |        GW:      |IPP:|
 +-----+--------------------+-----------------+-----------------+----+
 |  NO | 001.001.001.001/32 | 255.255.255.255 | 000.000.000.000 |D  1|
 |  NO | 001.001.001.001/32 | 255.255.255.255 | 000.000.000.000 |NONE|
 +-----+--------------------+-----------------+-----------------+----+

More routing match. Please specify additional parameters.

On the contrary, if no entry is found for the specified parameter's values, the message "STATIC ROUTING NOT FOUND" will be generated.

Changes made on the IP routings table are immediately active, they do not need any initialization command to be operative.

The "Not Saved (SAVE CONF)" message is displayed every time the table is modified but not saved with the SAVE CONF command.

D IPR Display IP routing (User)
D IPR [filter:value]

It shows the IP routing table.

In absence of additional parameters, the command will show all the routings.
Here is an example of the command "D IPR" execution:

[11:18:14] ABILIS_CPX: D IPR

- Not Saved (SAVE CONF) -------------------------------------------------------

[16:41:28] CPX_TRFA_213:d ipr

Unconditional source routes:
+-------+--------------------+--------------------+-----------------+----+---+
|       |     NET:/MASK:     |      MASK: or      |       GW:       |IPP:|   |
|       |                    |   SRNET:/SRMASK:   |                 |    |   |
+-------+--------------------+--------------------+-----------------+----+---+
|       | 002.002.000.000/16 | 255.255.000.000    |                 |    |   |
|       |                    | 005.005.005.005/32 |                 |D  2|   |
|       |                    | 005.005.005.005/32 |                 |D  1|   |
+-------+--------------------+--------------------+-----------------+----+---+

Destination routes and conditional source routes:
+-+-+-+-+--------------------+--------------------+-----------------+----+---+
|B|P|S|H|     NET:/MASK:     |      MASK: or      |       GW:       |IPP:|AD:|
| | | | |                    |   SRNET:/SRMASK:   |                 |    |   |
+-+-+-+-+--------------------+--------------------+-----------------+----+---+
|*|S| | | 001.001.001.001/32 | 255.255.255.255    |                 |D  1|  1|
| |S| | | 001.001.001.001/32 | 255.255.255.255    |                 |NONE|  1|
| | | | |                    | 005.005.005.005/32 |                 |NONE|   |
|*|S| | | 001.005.005.005/32 | 255.255.255.255    |                 |NONE|  1|
|*|S| |*| 002.002.002.002/32 | 255.255.255.255    |                 |  10|  1|
| |S| | | 002.002.002.002/32 | 255.255.255.255    |                 |NONE|  1|
|*|S| | | 002.002.002.003/32 | 255.255.255.255    |                 |  10|  1|
|*|S| |*| 005.005.005.005/32 | 255.255.255.255    |                 |   5|  1|
|*|S| | | 005.005.005.006/32 | 255.255.255.255    |                 |   6|  1|
|*|S| | | 009.009.009.009/32 | 255.255.255.255    |                 |NONE|  1|
|*|S| | | 010.000.000.001/32 | 255.255.255.255    |                 |   5|  5|
|*|S| | | 032.032.032.032/32 | 255.255.255.255    |                 |  32|  1|
|*|S| | | 192.168.000.005/32 | 255.255.255.255    |                 |  15|  1|
|*|R| | | 192.168.000.060/32 | 255.255.255.255    | 192.168.000.060 |   0|120|
|*|C| | | 192.168.000.213/32 | 255.255.255.255    |                 |R-ID|  0|
|*|C| | | 192.168.010.001/32 | 255.255.255.255    |                 |  30|  0|
|*|C| | | 192.168.031.213/32 | 255.255.255.255    |                 |  31|  0|
|*|C| | | 212.025.018.178/32 | 255.255.255.255    |                 |  30|  0|
|*|C| | | 006.006.006.000/24 | 255.255.255.000    |                 |D 63|  0|
|*|C| | | 192.168.000.000/24 | 255.255.255.000    |                 |   0|  0|
|*|R| | | 192.168.001.000/24 | 255.255.255.000    | 192.168.000.060 |   0|120|
|*|S| | | 192.168.006.000/24 | 255.255.255.000    | 192.168.000.251 |   0|  1|
|*|S| | | 192.168.008.000/24 | 255.255.255.000    | 192.168.000.251 |   0|  1|
|*|C| | | 002.002.000.000/16 | 255.255.000.000    |                 |  40|  0|
| |S| | | 002.002.000.000/16 | 255.255.000.000    |                 |  40|  1|
| | | | |                    | 005.005.005.005/32 |                 |   0|   |
| | | | |                    | 005.005.005.005/32 |                 |NONE|   |
|*|S| | | 010.000.000.000/16 | 255.255.000.000    | 192.168.000.253 |   0|  1|
+-+-+-+-+--------------------+--------------------+-----------------+----+---+

It is possible to use additional parameters for filtering the selection of the routing to be displayed. Then only those routings that match the requests will be displayed.
Here is an example of the command "D IPR NET:192.168.000.000" execution:

[17:35:12] CPX_TRFA_213: D IPR NET:192.168.000.000

- Not Saved (SAVE CONF) -------------------------------------------------------

Unconditional source routes:
+-------+--------------------+--------------------+-----------------+----+---+
|       |     NET:/MASK:     |      MASK: or      |       GW:       |IPP:|   |
|       |                    |   SRNET:/SRMASK:   |                 |    |   |
+-------+--------------------+--------------------+-----------------+----+---+


Destination routes and conditional source routes:
+-+-+-+-+--------------------+--------------------+-----------------+----+---+
|B|P|S|H|     NET:/MASK:     |      MASK: or      |       GW:       |IPP:|AD:|
| | | | |                    |   SRNET:/SRMASK:   |                 |    |   |
+-+-+-+-+--------------------+--------------------+-----------------+----+---+
|*|C| | | 192.168.000.000/24 | 255.255.255.000    |                 |   0|  0|
+-+-+-+-+--------------------+--------------------+-----------------+----+---+

The "Not Saved (SAVE CONF)" message is displayed every time the table is modified but not saved with the SAVE CONF command.

Here is a brief description of the optional parameters allowed by the command:

Parameter Description
P: Routing provenience [C(connected), S (static), O, R ( obtained form the RIP/OSPF routing algorithm)];
it can be used for displaying IP routings by their source.
H: It sets if the static routing (can) has to be invisible to other routers during RIP/OSPF refreshing [NO, YES];
it can be used for displaying IP routings by the same feature.
NET: IP address of the destination network (in the range [0.0.0.0, 1.0.0.0-126.255.255.255, 128.0.0.0-223.255.255.255]) or destination network address and mask (in the range [0-32]) in Slash Notation;
it can be used for displaying IP routings with the same destination network.
MASK: Mask associated to the destination network, expressed in Dotted Decimal Notation (in the range [0.0.0.0 - 255.255.255.255]);
it can be used for displaying IP routings characterized by a certain mask.
SRNET: IP address of the source routing network (in the range [0.0.0.0, 1.0.0.0-126.255.255.255, 128.0.0.0-223.255.255.255]) or source routing network address and mask (in the range [0-32]) in Slash Notation;
it can be used for displaying IP routings with the same source routing network.
SRMASK: Source routing network mask, expressed in Dotted Decimal Notation (in the range [0.0.0.0 - 255.255.255.255]);
it can be used for displaying IP routings characterized by a certain source routing network mask.
GW: IP address of the destination Gateway in Dotted Decimal Notation (in the range [0.0.0.0, 1.0.0.0-126.255.255.255, 128.0.0.0-223.255.255.255]);
it can be used for displaying IP routings characterized by a certain destination Gateway.
IPP: Destination IP port [0 - 63];
it can be used for displaying IP routings characterized by a given IP port.
UN: Unconditional source routing [NO, YES];
it can be used for displaying unconditional source routes only.

For a more detailed description of shown information, please refer to the IP routings section.

S IPR Set IP routing (Administrator)
S IPR NET:x.x.x.x [par:val]

It sets one or more parameters to their new values, in the IP routing identified by the specified destination network "NET:x.x.x.x", expressed in Dotted Decimal Notation.

Allowed values for the destination network address must be in the range [0.0.0.0, 1.0.0.0-126.255.255.255, 128.0.0.0-223.255.255.255].

This command can be only used to modify static IP routing definitions in the table.

Once added, an IP routing is unambiguously identified by the destination network address and the related mask. If one or more IP routings with the same destination network address of the specified one are present in the table, the user should specify one or more additional parameters in order to allow the unambiguous identification of the definition. Otherwise the result of the command result will be the following:

[16:12:05] ABILIS_CPX: S IPR NET:1.1.1.1

 +-----+--------------------+-----------------+-----------------+----+
 |HIDE:|        NET:        |      MASK:      |        GW:      |IPP:|
 +-----+--------------------+-----------------+-----------------+----+
 |  NO | 001.001.001.001/32 | 255.255.255.255 | 000.000.000.000 |D  1|
 |  NO | 001.001.001.001/32 | 255.255.255.255 | 000.000.000.000 |NONE|
 +-----+--------------------+-----------------+-----------------+----+

More routing match. Please specify additional parameters.

On the contrary, if no entry is found for the specified parameter's values, the message "STATIC ROUTING NOT FOUND" will be generated.

The parameter's list, defined in the command, is left to right evaluated: the parameters are set one after the other, starting from the leftmost.

Command evaluating will terminate if one the following events will occur:

All the parameters evaluated, before the error occurrence, will get the new value, the other ones will not be changed.

Changes made on the IP routings table are immediately active, they do not need any initialization command to be operative.

The "Not Saved (SAVE CONF)" message is displayed every time the table is modified but not saved with the SAVE CONF command.


Saved static IP routings top

A IPRS
A SIPR		 Add saved static IP routing (Available only in off-line Configurator)
A IPRS ID:xxx [par:val]
A SIPR ID:xxx [par:val]

It adds new saved static IP routing. The command can only be executed for adding static IP routing by off-line configurator.

The table of saved static IP routings can store up to 255 routings, therefore the identifier of the specified routing must be in the interval [0 - 254].

If a new IP routing, whose "ID:xxx" identifier is already present in the table, is going to be added, an error message will be display "STATIC IP ROUTING ALREADY EXISTS".

If the table is full and a new IP routing is going to be added, the following error message will be displayed: "STATIC IP ROUTING TABLE OVERFLOW, COMMAND NOT EXECUTED".

Optional parameters can be set together with the routing addition. The not specified parameters are set to their default values.

The "Not Saved (SAVE CONF)" message is displayed every time the table is modified but not saved with the SAVE CONF command.

C IPRS
C SIPR		 Clear saved static IP Routing (Available only in off-line Configurator)
C IPRS ID:xxx
C SIPR ID:xxx

It removes a static IP routing from the saved ones table. The command can only be executed for deleting static IP routing by off-line configurator.

The table of saved static IP routings can store up to 255 routings, therefore the identifier of the specified routing must be in the interval [0 - 254].

If the requested IP routing is not present in the table, the error message "STATIC IP ROUTING NOT PRESENT" will be generated. If the table of saved static IP routings is empty, the following message will be displayed: "STATIC IP ROUTING TABLE IS EMPTY".

The "Not Saved (SAVE CONF)" message is displayed every time the table is modified but not saved with the SAVE CONF command.

D IPRS
D SIPR		 Display saved static IP routing (User)
D IPRS [ID:xxx]
D SIPR [ID:xxx]

It shows saved static IP routings.

Here is an example of the command execution:

[17:22:35] ABILIS_CPX: D SIPR
 
+-----+-------+-----------------+-----------------+-----------------+------+
| ID: | HIDE: |      NET:       |      MASK:      |       GW:       | IPP: |
+-----+-------+-----------------+-----------------+-----------------+------+
|   0 |  YES  | 002.002.002.002 | 255.255.255.255 | 000.000.000.000 |   10 |
|   1 |  NO   | 002.002.002.003 | 255.255.255.255 | 000.000.000.000 |   10 |
|   2 |  YES  | 005.005.005.005 | 255.255.255.255 | 000.000.000.000 |    5 |
|   3 |  NO   | 005.005.005.006 | 255.255.255.255 | 000.000.000.000 |    6 |
|   4 |  NO   | 010.000.000.001 | 255.255.255.255 | 000.000.000.000 |    5 |
|   5 |  NO   | 032.032.032.032 | 255.255.255.255 | 000.000.000.000 |   32 |
|   6 |  NO   | 192.168.006.000 | 255.255.255.000 | 192.168.000.251 |    0 |
|   7 |  NO   | 192.168.008.000 | 255.255.255.000 | 192.168.000.251 |    0 |
|   8 |  NO   | 002.002.000.000 | 255.255.000.000 | 000.000.000.000 |   40 |
|   9 |  NO   | 010.000.000.000 | 255.255.000.000 | 192.168.000.253 |    0 |
|  10 |  NO   | 000.000.000.000 | 000.000.000.000 | 192.168.000.232 |    0 |
+-----+-------+-----------------+-----------------+-----------------+------+

By specifying the routing identifier, the command will display only the requested routing, of course if it is present in the table.

The table of saved static IP routings can store up to 255 routings, therefore the identifier of the specified routing must be in the interval [0 - 254].

If no static IP routing exists with that identifier, the message "STATIC IP ROUTING NOT PRESENT" will be displayed.

If the table of saved static IP routings is empty, the following message will be displayed: "STATIC IP ROUTING TABLE IS EMPTY".

The "Not Saved (SAVE CONF)" message is displayed every time the table is modified but not saved with the SAVE CONF command.

For a more detailed description of shown information, please refer to the Saved static IP routings section.

S IPRS
S SIPR		 Set saved static IP routing (Available only in off-line Configurator)
S IPRS ID:xx par:val [par:val]
S SIPR ID:xx par:val [par:val]

It sets the parameters of the specified saved static IP routing to their new values. The command can only be executed for setting static IP routing by off-line configurator.

The table of saved static IP routings can store up to 255 routings, therefore the identifier of the specified routing must be in the interval [0 - 254].

If no static IP routing exists with that identifier, the message "STATIC IP ROUTING NOT PRESENT" will be displayed.

If the table of saved static IP routings is empty, the following message will be displayed: "STATIC IP ROUTING TABLE IS EMPTY".

The parameter list, defined in the command, is left to right evaluated: the parameters are set one after the other, starting from the leftmost.

Command evaluating will terminate if one the following events will occur:

All the parameters evaluated, before the error occurrence, will get the new value, the other ones will not be changed.

The "Not Saved (SAVE CONF)" message is displayed every time the table is modified but not saved with the SAVE CONF command.


IP source routings top

A IPSR Add IP source routing (Available only in off-line Configurator)
A IPSR ID:xxx [par:val]

It adds new IP source routing. The command can only be executed by off-line configurator.

The table of IP source routings can store up to 255 routings, therefore the identifier of the specified routing must be in the interval [0 - 254].

If a new IP routing, whose "ID:xxx" identifier is already present in the table, is going to be added, an error message will be display "IP SOURCE ROUTING ALREADY EXISTS".

If the table is full and a new IP routing is going to be added, the following error message will be displayed: "IP SOURCE ROUTING TABLE OVERFLOW, COMMAND NOT EXECUTED".

Optional parameters can be set together with the routing addition. The not specified parameters are set to their default values.

The "Not Saved (SAVE CONF)" message is displayed every time the table is modified but not saved with the SAVE CONF command.

C IPSR Clear IP source routing (Available only in off-line Configurator)
C IPSR ID:xxx

It removes an existing IP source routing from the related table. The command can only be executed by off-line configurator.

The table of IP source routings can store up to 255 routings, therefore the identifier of the specified routing must be in the interval [0 - 254].

If the requested IP routing is not present in the table, the error message "IP SOURCE ROUTING NOT PRESENT" will be generated. If the table of IP source routings is empty, the following message will be displayed: "IP SOURCE ROUTING TABLE IS EMPTY".

The "Not Saved (SAVE CONF)" message is displayed every time the table is modified but not saved with the SAVE CONF command.

D IPSR Display IP source routing (User)
D IPSR [ID:xxx]

It shows IP source routings.

Here is an example of the command execution:

[11:02:59] ABILIS_CPX: D IPSR
                                                                           
+-----+--------------------+--------------------+-----------------+------+----+
| ID: |     NET:/MASK:     |   SRNET:/SRMASK:   |        GW:      | IPP: | UN:|
+-----+--------------------+--------------------+-----------------+------+----+
|   0 | 001.001.001.001/32 | 005.005.005.005/32 | 000.000.000.000 | NONE | NO |
|   1 | 002.002.000.000/16 | 005.005.005.005/32 | 000.000.000.000 |    0 | NO |
|   2 | 002.002.000.000/16 | 005.005.005.005/32 | 000.000.000.000 | NONE | NO |
|   3 | 002.002.000.000/16 | 005.005.005.005/32 | 000.000.000.000 |    2 | YES|
|   4 | 002.002.000.000/16 | 005.005.005.005/32 | 000.000.000.000 |    1 | YES|
+-----+--------------------+--------------------+-----------------+------+----+

By specifying the routing identifier, the command will display only the requested routing, of course if it is present in the table.

The table of IP source routings can store up to 255 routings, therefore the identifier of the specified routing must be in the interval [0 - 254].

If no IP source routing exists with that identifier, the message "IP SOURCE ROUTING NOT PRESENT" will be displayed.

If the table of IP source routings is empty, the following message will be displayed: "*** NO SOURCE ROUTINGs DEFINED ***".

The "Not Saved (SAVE CONF)" message is displayed every time the table is modified but not saved with the SAVE CONF command.

For a more detailed description of shown information, please refer to the IP source routings section.

S IPSR Set IP source routing (Available only in off-line Configurator)
S IPSR ID:xxx par:val [par:val]

It sets the parameters of the specified IP source routing to their new values. The command can only be executed for setting IP source routing parameter by off-line configurator.

The table of IP source routings can store up to 255 routings, therefore the identifier of the specified routing must be in the interval [0 - 254].

If no IP source routing exists with that identifier, the message "IP SOURCE ROUTING NOT PRESENT" will be displayed.

If the table of IP source routings is empty, the following message will be displayed: "IP SOURCE ROUTING TABLE IS EMPTY".

The parameter list, defined in the command, is left to right evaluated: the parameters are set one after the other, starting from the leftmost.

Command evaluating will terminate if one the following events will occur:

All the parameters evaluated, before the error occurrence, will get the new value, the other ones will not be changed.

The "Not Saved (SAVE CONF)" message is displayed every time the table is modified but not saved with the SAVE CONF command.


IP Routing administrative distances top

A IPAD Add IP Routing Administrative distance (Administrator)
A IPAD NET:x.x.x.x/yy PROT:val [par:val]

This command adds a new entry to the IP Routing Administrative distance table and it sets additional parameters that are eventually specified.

The "NET:" parameter value must consist in a network address plus the related network mask, in Slash Notation.
Valid network addresses must be expressed in Dotted Decimal Notation. The allowed values are shown in the following table:

HEX: 00000000 01000000 - 7EFFFFFF 80000000 - DFFFFFFF
DDN: 0.0.0.0 1.0.0.0 - 126.255.255.255 128.0.0.0 - 223.255.255.255

IP addresses of class D and E are not currently supported.

Valid mask values must contain sequence of bit set to 1, estimated leaving from the most meaningful bit towards the less meaningful one; therefore they must be in the range [0..32].

Doing the "logical AND" between network address and mask values, the result should be the network address value itself.

The "PROT:" parameter value must correspond to a routing protocol value in the range [NONE, LOCAL, STATIC, OSPF, RIP].

Every entry in the IP Routing Administrative Distances table is unambiguously identified by its "NET:" and "PROT:" parameters values.
If the indicated entry matches an already existing entry, the following message will be displayed "IP ROUTING ADMINISTRATIVE DISTANCE ALREADY PRESENT".

If the table is full, i.e. no free record is currently available, the message "IP ROUTING ADMINISTRATIVE DISTANCEs TABLE IS FULL, COMMAND NOT EXECUTED" will be shown.

Changes made on the IP Routing Administrative distance table are NOT immediately active, they can be activated by executing the initialization command INIT IPAD.

The "Not Saved (SAVE CONF)" message is displayed every time the table is modified but not saved with the SAVE CONF command.

The "Not Refreshed (INIT)" message is displayed every time the table is modified but not refreshed with the initialization command.

If the Abilis CPX version, currently in use, does not support IP Routing Administrative Distances services, the following message will be shown "IP ROUTING ADMINISTRATIVE DISTANCE SERVICE NOT PRESENT".

C IPAD Clear IP Routing Administrative distance (Administrator)
C IPAD NET:x.x.x.x/yy PROT:val

This command deletes the specified entry from the IP Routing Administrative distance table, if it is present.

Every entry in the IP Routing Administrative Distances table is unambiguously identified by its "NET:" and "PROT:" parameters values. If the specified entry is not present the message "IP ROUTING ADMINISTRATIVE DISTANCE NOT PRESENT" will be displayed.

The "NET:" parameter value must consist in a network address plus the related network mask, in Slash Notation.
Valid network addresses must be expressed in Dotted Decimal Notation. The allowed values are shown in the following table:

HEX: 00000000 01000000 - 7EFFFFFF 80000000 - DFFFFFFF
DDN: 0.0.0.0 1.0.0.0 - 126.255.255.255 128.0.0.0 - 223.255.255.255

IP addresses of class D and E are not currently supported.

Valid mask values must contain sequence of bit set to 1, estimated leaving from the most meaningful bit towards the less meaningful one; therefore they must be in the range [0..32].

Doing the "logical AND" between Network address and mask values, the result should be the network address value itself.

The "PROT:" parameter value must correspond to a routing protocol value in the range [NONE, LOCAL, STATIC, OSPF, RIP].

If the table is empty, the following message is generated: "IP ROUTING ADMINISTRATIVE DISTANCEs TABLE IS EMPTY".

Changes made on the IP Routing Administrative distance table are NOT immediately active, they can be activated by executing the initialization command INIT IPAD.

The "Not Saved (SAVE CONF)" message is displayed every time the table is modified but not saved with the SAVE CONF command.

The "Not Refreshed (INIT)" message is displayed every time the table is modified but not refreshed with the initialization command.

If the Abilis CPX version, currently in use, does not support IP Routing Administrative Distances services, the following message will be shown "IP ROUTING ADMINISTRATIVE DISTANCE SERVICE NOT PRESENT".

D IPAD Display IP Routing Administrative distances (Administrator)
D IPAD
D IPAD NET:x.x.x.x/yy PROT:val

This command displays configured IP Routing Administrative distance's entries.

Here is an example of the information shown by the command execution:

[10:49:13] ABILIS_CPX: D IPAD

- Not Saved (SAVE CONF), Not Refreshed (INIT) ---------------------------------

+--------------------+----------+-----------+--------+
|        NET:        |   PROT:  | DISTANCE: |  IPP:  |
+--------------------+----------+-----------+--------+
| 001.001.001.001/32 |  NONE    |       255 |        |
| 001.001.001.001/32 |  STATIC  |         1 |     *  |
| 002.002.002.002/32 |  STATIC  |         2 |  NONE  |
| 002.002.002.002/32 |  OSPF    |       255 |        |
| 002.002.002.002/32 |  RIP     |       255 |        |
| 192.168.006.002/32 |  STATIC  |         1 |     0  |
+--------------------+----------+-----------+--------+

The "Not Saved (SAVE CONF)" message is displayed every time the table is modified but not saved with the SAVE CONF command.

The "Not Refreshed (INIT)" message is displayed every time the table is modified but not refreshed with the initialization command INIT IPAD.

If no entry is currently defined the message "*** NO IP ROUTING ADMINISTRATIVE DISTANCEs DEFINED ***" will be displayed.

The "NET:" and the "PROT:" parameters allows to display the specified entry of the table, if it is present.

[16:54:38] ABILIS_CPX: D IPAD NET:192.168.006.002/32 PROT:STATIC

+--------------------+----------+-----------+--------+
|        NET:        |   PROT:  | DISTANCE: |  IPP:  |
+--------------------+----------+-----------+--------+
| 192.168.006.002/32 |  STATIC  |         1 |     0  |
+--------------------+----------+-----------+--------+

The "NET:" parameter value must consist in a network address plus the related network mask, in Slash Notation.
Valid network addresses must be expressed in Dotted Decimal Notation. The allowed values are shown in the following table:

HEX: 00000000 01000000 - 7EFFFFFF 80000000 - DFFFFFFF
DDN: 0.0.0.0 1.0.0.0 - 126.255.255.255 128.0.0.0 - 223.255.255.255

IP addresses of class D and E are not currently supported.

Valid mask values must contain sequence of bit set to 1, estimated leaving from the most meaningful bit towards the less meaningful one; therefore they must be in the range [0..32].

The "PROT:" parameter value must correspond to a routing protocol value in the range [NONE, LOCAL, STATIC, OSPF, RIP].

Every entry in the IP Routing Administrative Distances table is unambiguously identified by its "NET:" and "PROT:" parameters values. If the specified entry is not present the message "IP ROUTING ADMINISTRATIVE DISTANCE NOT PRESENT" will be displayed.

If the Abilis CPX version, currently in use, does not support IP Routing Administrative Distances services, the following message will be shown "IP ROUTING ADMINISTRATIVE DISTANCE SERVICE NOT PRESENT".

For a more detailed description of the displayed information, please refer to the Administrative distance table section of IP routings.

S IPAD Set IP Routing Administrative distance (Administrator)
S IPAD NET:x.x.x.x/yy PROT:val par:val [par:val]

This command sets parameters of the selected entry of the IP Routing Administrative Distances table.

Every entry in the IP Routing Administrative Distances table is unambiguously identified by its "NET:" and "PROT:" parameters values. If the specified entry is not present the message "IP ROUTING ADMINISTRATIVE DISTANCE NOT PRESENT" will be displayed.

The "NET:" parameter value must consist in a network address plus the related network mask, in Slash Notation.
Valid network addresses must be expressed in Dotted Decimal Notation. The allowed values are shown in the following table:

HEX: 00000000 01000000 - 7EFFFFFF 80000000 - DFFFFFFF
DDN: 0.0.0.0 1.0.0.0 - 126.255.255.255 128.0.0.0 - 223.255.255.255

IP addresses of class D and E are not currently supported.

Valid mask values must contain sequence of bit set to 1, estimated leaving from the most meaningful bit towards the less meaningful one; therefore they must be in the range [0..32].

Doing the "logical AND" between Network address and mask values, the result should be the network address value itself.

The "PROT:" parameter value must correspond to a routing protocol value in the range [NONE, LOCAL, STATIC, OSPF, RIP].

The parameters list, defined in the command, is left to right evaluated: the parameters are set one after the other, starting from the leftmost.

If a parameter is bad or its value out of the allowed range or if it is in conflict with the current value of any other parameter, then the command evaluation will terminate: all the parameters evaluated, before the error occurrence, will get the new value, the other ones will not be changed.

For a more detailed description of IP Routing Administrative distance entry's parameters, please refer to the Administrative distance table section of IP routings.

Changes made on the IP Routing Administrative distance table are NOT immediately active, they can be activated by executing the initialization command INIT IPAD.

The "Not Saved (SAVE CONF)" message is displayed every time the table is modified but not saved with the SAVE CONF command.

The "Not Refreshed (INIT)" message is displayed every time the table is modified but not refreshed with the initialization command.

If the Abilis CPX version, currently in use, does not support IP Routing Administrative Distances services, the following message will be shown "IP ROUTING ADMINISTRATIVE DISTANCE SERVICE NOT PRESENT".

IP access list top

A IPACL Add IP Access List (Administrator)
A IPACL PR:xxx TYPE:val SA:val DA:val PROT:val [SPO:val DPO:val] [par:val]
A IPACL PR:xx TYPE:val SA:val DA:val PROT:val [PO:val] [par:val]

It adds a new filter to the IP access list, with priority "PR:xxx" and it sets the requested parameters to the specified values. The not specified parameters are set to their default values.

It is possible, by typing "A IPACL PR: ?", to have a complete list of syntax and allowed options of the command. For example:

[12:04:05] ABILIS_CPX: A IPACL PR: ?

IP Access List parameters:

TYPE:      Access list type [DENY, PERMIT]                          <Mandatory>
SA:        Source Ip Addresses Range:                               <Mandatory>
           a single Ip address [1.0.0.0-126.255.255.255, 128.0.0.0-
           223.255.255.255] or two Ip addresses separated by ':' (colon) or "*"
           (Any Ip address) or the name of an IP/IR/RU/MR list between primes.
           (Es.: 150.200.192.192 or 192.168.0.0:192.168.0.100 or * or 'List')
DA:        Destination Ip Addresses Range:                          <Mandatory>
           a single Ip address [1.0.0.0-126.255.255.255, 128.0.0.0-
           223.255.255.255] or two Ip addresses separated by ':' (colon) or "*"
           (Any Ip address) or the name of an IP/IR/RU/MR list between primes.
           (Es.: 150.200.192.192 or 192.168.0.0:192.168.0.100 or * or 'List')
PROT:      Internet Protocol:                                       <Mandatory>
           Internet protocol mnemonic or decimal value [1..254] or "*" (Any
           Internet protocol) or "tcpudp" or the name of an IPT/RU/MR list
           between primes. (Es.: icmp or 1 or * or tcpudp or 'List)
PO:        Source or destination Ports Range:      <Mandatory for PROT:TCP/UDP>
           a single port mnemonic or decimal value [1..65535] or two port
           values separated by ':' (colon) or "*" (Any port) or the name of a
           TUP/RU/MR list between primes. (Es.: 23 or SSH or 1:1200 or 'List')
SPO:       Source Ports Range:                     <Mandatory for PROT:TCP/UDP>
           a single port mnemonic or decimal value [1..65535] or two port
           values separated by ':' (colon) or "*" (Any port) or the name of a
           TUP/RU/MR list between primes. (Es.: 23 or SSH or 1:1200 or 'List')
DPO:       Destination Ports Range:                <Mandatory for PROT:TCP/UDP>
           a single port mnemonic or decimal value [1..65535] or two port
           values separated by ':' (colon) or "*" (Any port) or the name of a
           TUP/RU/MR list between primes. (Es.: 23 or SSH or 1:1200 or 'List')
TOS:       Type of Service [D, T, R, C, N or *]                      <Optional>
           (D= Min. Delay; T= Max. Throughput; R= Max. Reliability; C= Min.
           Monetary Cost; N= None; *= ignore.)
SIPP:      Source Ip port [0..63, INT, *]                            <Optional>
DIPP:      Destination Ip port [0..63, INT, *]                       <Optional>
IPCOS:     Ip Class of Service [DFT, HIGH, NORMAL, LOW or D, H, N, L]<Optional>
CRDIR:     Encryption/decryption direction [NONE, ENCRYPT, DECRYPT]  <Optional>
CRKEY:     Encryption/decryption key index [DFT, 1..63]              <Optional>

As it can be seen from the previous example, the command required a large set of mandatory parameters, that must be specified in the definition of new IP access filter:

Parameter Description
TYPE: Type of the filter [DENY, PERMIT].
SA: Source IP address. It may be expressed as:
- a single value, using the Dotted Decimal Notation (E.g.: 150.200.192.192);
- an interval, by separating the two IP addresses with ':' (colon) character (E.g.: 192.168.0.0:192.168.0.100);
- the name of an Elements List of type IP or IR or RU or MR, written between primes (E.g.: 'My_List');
- the "*" (asterisk) string, that stands for "any IP address".
DA: Destination IP address. It may be expressed as:
- a single value, using the Dotted Decimal Notation (E.g.: 150.200.192.192);
- an interval, by separating the two IP addresses with ':' (colon) character (E.g.: 192.168.0.0:192.168.0.100);
- the name of an Elements List of type IP or IR or RU or MR, written between primes (E.g.: 'My_List');
- the "*" (asterisk) string, that stands for "any IP address".
PROT: Internet Protocol. It may be expressed as:
- mnemonic or numeric identifier [1 - 254] of an Internet Protocol (E.g.: tcp or 6);
- the name of an Elements List of type IPT or RU or MR, written between primes (E.g.: 'My_List');
- the "tcpudp" string, that stands for "tcp and/or udp protocols".
- the "*" (asterisk) string, that stands for "any Internet protocol".

If the Internet Protocol is set to "tcp(6)" or "udp(17)" or to the "tcpudp" string, the command requires also to specify the correspondent values of the source and destination TCP/UDP ports:

Parameter Description
SPO: Source port. It may be expressed as:
- mnemonic or numeric identifier [1 - 65535] of a TCP/UDP port (E.g.: telnet or 23);
- an interval, by separating the two TCP/UDP ports value with ':' (colon) character (E.g. 23:161 or telnet:snmp);
- the name of an Elements List of type TUP or RU or MR, written between primes (E.g.: 'My_List');
- the "*" (asterisk) string, that stands for "any TCP/UDP port".
DPO: Destination port. It may be expressed as:
- mnemonic or numeric identifier [1 - 65535] of a TCP/UDP port (E.g.: telnet or 23);
- an interval, by separating the two TCP/UDP ports value with ':' (colon) character (E.g. 23:161 or telnet:snmp);
- the name of an Elements List of type TUP or RU or MR, written between primes (E.g.: 'My_List');
- the "*" (asterisk) string, that stands for "any TCP/UDP port".

In alternative to the parameters "SPO:" and "DPO:" it is possible to use only one parameter, "PO:", that will be used to filter both source port and destination port:

Parameter Description
PO: Source port or destination port. It may be expressed as:
- mnemonic or numeric identifier [1 - 65535] of a TCP/UDP port (E.g.: telnet or 23);
- an interval, by separating the two TCP/UDP ports value with ':' (colon) character (E.g. 23:161 or telnet:snmp);
- the name of an Elements List of type TUP or RU or MR, written between primes (E.g.: 'My_List');
- the "*" (asterisk) string, that stands for "any TCP/UDP port".

These are, on the other hand, the optional parameters allowed by the command:

Parameter Description
TOS: Type of Service [D, T, R, C, N or *] (D= Min. Delay; T= Max. Throughput; R= Max. Reliability; C= Min. Monetary Cost; N= None; *= ignore.)
SIPP: Source IP port [0..63, INT, *]
DIPP: Destination Ip port [0..63, INT, *]
IPCOS: IP class of service associated to the access list [DFT, HIGH (or H), NORMAL (or N), LOW (or L)].
CRDIR: Direction of cryptography [NONE, ENCRYPT, DECRYPT].
CRKEY: Index of the cryptography key [DFT, 1..63].

The parameter list, defined in the command, is left to right evaluated: the parameters are set one after the other, starting from the leftmost.

Command evaluating will terminate, no definition will be added to the table, if one the following events will occur:

IP access list can store up to 256 filter definition, therefore the priority value specified must be in the interval [0 - 255].

If a filter, whose priority is "PR:xxx" is already present in the table, the new filter will occupy the "xxx" entry, while the old one priority will be increased by one.

If "PR:xxx" is higher than the maximum value already present in the table, the new filter will get the maximum value plus one.

If the IP access list is full and a new filter is tried to add, the message "IP ACCESS LIST TABLE IS FULL, COMMAND NOT EXECUTED" will be displayed.

Changes made on the IP access list are immediately active, they do not need any initialization command to be operative.

The "Not Saved (SAVE CONF)" message is displayed every time the table is modified but not saved with the SAVE CONF command.

C IPACL Clear IP Access List (Administrator)
C IPACL PR:xx

It deletes the specified definition, if present in the IP access list. The priority value must be in the interval [0 - 255].

The priority of those filters, whose "PR:xxx" is higher that the deleted one, is decremented by one, because of table contiguity.

If the requested filter is not in the table, the following message will be displayed: "IP ACCESS LIST NOT PRESENT".

Changes made on the IP access list are immediately active, they do not need any initialization command to be operative.

The "Not Saved (SAVE CONF)" message is displayed every time the table is modified but not saved with the SAVE CONF command.

D IPACL Display IP Access List
D IPACL
D IPACL PR:xx

It shows the current content of the IP access list.

By omitting the priority, the command will show all the filters currently in the table.

Here is an example of command "D IPACL" execution:

[18:14:08] ABILIS_CPX: D IPACL

IPRTR (PO:900) parameters:  ACL:NO        ACLBYPASS:#
                            COS:DISABLED  COSDFT:NORMAL

- Not Saved (SAVE CONF) -------------------------------------------------------

Tot-IPACL-Number:4

-------------------------------------------------------------------------------
PR: TYPE:  SA:                               DA:
    IPCOS: PROT:                  SPO:/PO:               DPO:
    TOS:   SIPP:  DIPP:  CRDIR:   CRKEY:
-------------------------------------------------------------------------------
0   PERMIT 001.001.001.001                   002.002.002.002
    DFT    tcp                    telnet(23)
-------------------------------------------------------------------------------
1   DENY   001.001.001.001                   002.002.002.002
           ospf
-------------------------------------------------------------------------------
2   PERMIT 001.001.001.001                   002.002.002.002
    LOW    udp                    snmp(161)              *
    *      *      INT    NONE
-------------------------------------------------------------------------------
3   PERMIT *                                 *
    LOW    *                      *
    *      *      *      ENCRYPT  DFT
-------------------------------------------------------------------------------

The command desn't display information about parameters whose values are the default ones. They will be only displayed if their values have been changed from the default ones. In such way, the description of single entry is simply contained in two rows.

The "Not Saved (SAVE CONF)" message is displayed every time the table is modified but not saved with the SAVE CONF command.

If the IP access list is empty the message "*** NO IP ACCESS LISTS DEFINED ***" will be displayed.

By specifying a priority value, the command shows only the definition identified by the "PR:xxx" priority. The priority value must be in the interval [0 - 255].

If specified priority doesn't match any existing filter in the table, the following message will be displayed: "IP ACCESS LIST NOT PRESENT".

For a more detailed description of the information displayed, refer to the Configuration of the IP access list section.

F IPACL Find IP Access List (User)
F IPACL [STD] SrcAddr DstAddr SrcIpp [DstIpp]
F IPACL EXT SrcAddr DstAddr Protocol SrcPort DstPort SrcIpp [DstIpp]

It makes possible to verify how the IP datagram, whose characteristics are specified in the command, will be managed depending on the current content of the IP access list.

[14:21:47] ABILIS_CPX: F IPACL ?

F IPACL [STD] SrcAddr DstAddr TOS     Standard Ip forwarding test using IPACL
              SrcIpp [DstIpp]

F IPACL EXT SrcAddr DstAddr TOS       Extended Ip forwarding test using IPACL
            Protocol SrcPort DstPort
            SrcIpp [DstIpp]

SrcAddr           Source Ip Address [1.0.0.0-126.255.255.255, 128.0.0.0-
                  223.255.255.255].                                <Mandatory>
DstAddr           Destination Ip Address [1.0.0.0-126.255.255.255,
                  128.0.0.0-223.255.255.255].                      <Mandatory>
TOS               Type Of Service [NONE or N, COST or C, REL or R, THR or T,
                  DELAY or D]                                      <Mandatory>
Protocol          Internet protocol mnemonic or decimal value [1..254]
                  (Es.: TCP or 6).        <Mandatory for Extended search only>
SrcPort           Source port mnemonic or decimal value [1..65535]
                  (Es.: FTP or 21).     <Mandatory for TCP/UDP protocol only>
DstPort           Destination port mnemonic or decimal value [1..65535]
                  (Es.: TELNET or 23).   <Mandatory for TCP/UDP protocol only>
SrcIpp            Source Ip port [INT, 0..63]
                                                                   <Mandatory>
DstIpp            Destination Ip port [INT, 0..63]
                                                                    <Optional>

The command has two different ways of searching in the IP access list:

The following table lists mandatory and optional parameters:

Parameter Description Note
SrcAddr Source IP address [1.0.0.0 - 126.255.255.255, 128.0.0.0 - 223.255.255.255]. Mandatory for both "Standard" and "Extended" search.
DstAddr Destination IP address [1.0.0.0 - 126.255.255.255, 128.0.0.0 - 223.255.255.255]. Mandatory for both "Standard" and "Extended" search.
TOS Type Of Service [NONE or N, COST or C, REL or R, THR or T, DELAY or D] Mandatory for both "Standard" and "Extended" search.
SrcIpp Source IP port [INT, 1 - 63]. Mandatory for both "Standard" and "Extended" search.
Protocol Internet protocol mnemonic or decimal value [1 - 254]. Mandatory for "Extended" search.
SrcPort Source TCP/UDP port mnemonic or decimal value [1 - 65535]. Mandatory for "Extended" search, but required for TCP and UDP protocols only.
DstPort Destination TCP/UDP port mnemonic or decimal value [1 - 65535]. Mandatory for "Extended" search, but required for TCP and UDP protocols only.
DstIpp Destination IP port [INT, 1 - 63]. Optional for both "Standard" and "Extended" search.

Here are some examples of command executions with different results: all of them are pertinent to the following IP access list content:

[15:10:57] ABILIS_CPX: D IPACL

IPRTR (PO:900) parameters:  ACL:NO        ACLBYPASS:#
                            COS:DISABLED  COSDFT:NORMAL

Tot-IPACL-Number:2

-------------------------------------------------------------------------------
PR: TYPE:  SA:                               DA:
    IPCOS: PROT:                  SPO:/PO:               DPO:
    TOS:   SIPP:  DIPP:  CRDIR:   CRKEY:
-------------------------------------------------------------------------------
0   PERMIT *                                 *
    LOW    *                      *
    *      INT    *      NONE
-------------------------------------------------------------------------------
1   DENY   *                                 002.002.002.002
           *                      *
    *      1      *      NONE
-------------------------------------------------------------------------------

EXAMPLE 1: "Standard" search, entered information matches PR:0 filer, which permits IP forwarding:

[19:10:16] ABILIS_CPX: F IPACL 1.1.1.1 1.1.1.2 NONE INT

STANDARD SEARCH RESULT:

MATCH FOUND WITH IPACL PR:0

IP FORWARDING IS PERMITTED:
- IP CLASS OF SERVICE: LOW
- ENCRYPTION/DECRYTPTION DIRECTION: NONE

EXAMPLE 2: "Standard" search, entered information doesn't match any filer, then the IP forwarding is permitted:

[19:10:27] ABILIS_CPX: F IPACL 1.1.1.1 1.1.1.2 NONE 1

STANDARD SEARCH RESULT:

NO MATCH FOUND

IP FORWARDING IS PERMITTED:
- IP CLASS OF SERVICE: NORMAL (COSDFT)
- ENCRYPTION/DECRYTPTION DIRECTION: NONE

EXAMPLE 3: "Extended" search, current IP access list content denies IP forwarding for the specified values:

[15:00:38] ABILIS_CPX: F IPACL EXT 1.1.1.1 2.2.2.2 COST tcp 1024 2000 1

IP FORWARDING IS NOT PERMITTED

EXAMPLE 4: "Extended" search, entered information matches PR:0 filer, which permits IP forwarding:

[15:12:38] ABILIS_CPX: F IPACL EXT 1.1.1.1 2.2.2.2 COST tcp 1024 2000 INT

EXTENDED SEARCH RESULT:

MATCH FOUND WITH IPACL PR:0

IP FORWARDING IS PERMITTED:
- IP CLASS OF SERVICE: LOW
- ENCRYPTION/DECRYTPTION DIRECTION: NONE

If the IP access list is empty, the message: "IP ACCESS LIST TABLE EMPTY" is generated.

M IPACL Move IP Access list (Administrator)
M IPACL PR:xxx PR:yyy

It changes the filter priority value from "PR:xxx" to "PR:yyy". Consequently also its position inside the IP access list will change.

The other definitions are sorted again because of table contiguity.

Priority value must be in the interval [0 - 255]. If the requested filter is not in the table, the following message will be displayed: "IP ACCESS LIST NOT PRESENT".

Changes made on the IP access list are immediately active, they do not need any initialization command to be operative.

The "Not Saved (SAVE CONF)" message is displayed every time the table is modified but not saved with the SAVE CONF command.

S IPACL Set IP Access list (Administrator)
S IPACL PR:xxx par:val [par:val]

It sets the values of the specified filter. Priority value must be in the interval [0 - 255]. If specified priority doesn't match any existing filter in the table, the following message will be displayed: "IP ACCESS LIST NOT PRESENT".

The parameter list, defined in the command, is left to right evaluated: the parameters are set one after the other, starting from the leftmost.

Command evaluating will terminate if one the following events will occur:

Changes made on the IP access list are immediately active, they do not need any initialization command to be operative.

The "Not Saved (SAVE CONF)" message is displayed every time the table is modified but not saved with the SAVE CONF command.

State commands and statistics top

C S IPP Clear Status IP port (Administrator)
C S IPP

It clears the statistics counters of all currently running IP ports.

warning! This command generates events neither in the System Log or in the Events Log; it is up to the User to refer statistics to the proper time interval. it is important to remember that statistics are always cleared at each Abilis CPX start.

If the IP Router is not present, the command will generate an error message: "PO:xxx PORT NOT PRESENT OR NOT RUNNING", where "PO:xxx" stands for the IPRTR port identifier.

D S IPP Display Status IP port (User)
D S IPP
D S IPP:A
D S IPP:xxx

It shows state information about the currently running IP ports.

By specifying the an IP port identifier, the command will display state information of the requested IP port only, of course if it is present and currently running. The identifier must be in the interval [0 - 63].

By specifying the "IPP:A" value or omitting an IP port identifier, the command will display state information of all IP ports.

Here is an example of "D S IPP" command execution:

[18:52:00] ABILIS_CPX: D S IPP

PO:900 ------------------------------------------------------------------------
IPRTR  IPP:0  - Lan_IP_port ---------------------------------------------------
              IFTYPE:LAN                     LOWPO:158    STATE:LINKREADY
       IPP:5  - test_line -----------------------------------------------------
              IFTYPE:LINK     ENC:RAW-IP     LOWPO:3      STATE:LINKREADY
       IPP:6  -----------------------------------------------------------------
              IFTYPE:LINK     ENC:RAW-IP     LOWPO:4      STATE:LINKREADY
       IPP:10 -----------------------------------------------------------------
              IFTYPE:X25BSVC  CDI:920                     STATE:X25CONNECTED
                              CDO:NO
       IPP:15 -----------------------------------------------------------------
              IFTYPE:VIRTUAL                 P-IPP:0      STATE:LINKREADY
       IPP:20 -----------------------------------------------------------------
              IFTYPE:VIRTUAL                 P-IPP:0      STATE:LINKREADY
       IPP:30 -----------------------------------------------------------------
              IFTYPE:PPP      ENC:NONE       LOWPO:541    STATE:LINKREADY
       IPP:31 -----------------------------------------------------------------
              IFTYPE:PPP      ENC:NONE       LOWPO:542    STATE:LINKREADY
       IPP:32 - test-remote ---------------------------------------------------
              IFTYPE:LINK     ENC:RAW-IP     LOWPO:751    STATE:LINKREADY

The last example points out that, if an IP port has its own description, the command will show on the first row the informative string set by the User using the command A D IPP:xxx.

If the IP Router is not present, the command will generate an error message: "PO:xxx PORT NOT PRESENT OR NOT RUNNING", where "PO:xxx" stands for the IPRTR port identifier.

D SE IPP Display Statistics Extended IP port (User)
D SE IPP
D SE IPP:A
D SE IPP:xxx

It shows, in extended format, state information and statistics of IP running port.

By specifying the an IP port identifier, the command will display information of the requested IP port only, of course if it is present and currently running. The identifier must be in the interval [0 - 63].

By specifying the "IPP:A" value or omitting an IP port identifier, the command will display state information of all IP ports.

Here is an example of "D SE IPP" command execution:

[18:52:03] ABILIS_CPX: D SE IPP
 
PO:900 ------------------------------------------------------------------------
IPRTR  --- Cleared 000:01:23:50 ago, on 16/03/2004 at 17:52:55 ----------------
       IPP:0  - Lan_Ip_Port ---------------------------------------------------
       IFTYPE:LAN
       -----------|---INPUT---|--OUTPUT---|-----------|---INPUT---|--OUTPUT---|
       SEG        |          0|          0|CHAR       |     615355|     904607|
       DG         |       5222|       2895|ICMP       |          1|          0|
       TCP        |       1873|       2892|UDP        |       3348|          3|
       BRD        |          0|           |CAL        |          0|          0|
       RST        |          0|           |LONG       |          0|          0|
       SHORT      |          0|           |LOST-LOOP  |           |          0|
       LOST-BUF   |           |          0|LOST-OTH   |           |          0|
       B-VER      |          0|           |B-ICMP     |          0|           |
       B-LEN      |          0|           |NO-ROUTE   |          0|           |
       B-FCS      |          0|           |UNK-PROT   |          0|           |
       TTL-EXP    |           |          0|LOST-INC-DG|          0|           |
       LOST-ACC   |          0|           |B-FR-HDR   |          0|           |
       SLARP-FRM  |          0|          0|SLARP-CHAR |          0|          0|
       SLARP-KEEP |          0|          0|SLARP-DOWN |          0|           |
       IPP-DOWN   |          0|           |SP-LIM-OVFL|           |          0|
       ------------------------------------------------------------------------
       IPP:5  - test_line -----------------------------------------------------
       IFTYPE:LINK     ENC:RAW-IP
       -----------|---INPUT---|--OUTPUT---|-----------|---INPUT---|--OUTPUT---|
       SEG        |          0|          0|CHAR       |   10905000|   10611000|
       DG         |      10905|      10611|ICMP       |          0|          0|
       TCP        |          0|          0|UDP        |          0|          0|
       BRD        |          0|           |CAL        |          0|          0|
       RST        |          0|           |LONG       |          0|          0|
       SHORT      |          0|           |LOST-LOOP  |           |          0|
       LOST-BUF   |           |          0|LOST-OTH   |           |          0|
       B-VER      |          0|           |B-ICMP     |          0|           |
       B-LEN      |          0|           |NO-ROUTE   |          0|           |
       B-FCS      |          0|           |UNK-PROT   |          0|           |
       TTL-EXP    |           |          0|LOST-INC-DG|          0|           |
       LOST-ACC   |          0|           |B-FR-HDR   |          0|           |
       SLARP-FRM  |          0|          0|SLARP-CHAR |          0|          0|
       SLARP-KEEP |          0|          0|SLARP-DOWN |          0|           |
       IPP-DOWN   |          0|           |SP-LIM-OVFL|           |          0|
       ------------------------------------------------------------------------
       IPP:10 -----------------------------------------------------------------
       IFTYPE:X25BSVC
       -----------|---INPUT---|--OUTPUT---|-----------|---INPUT---|--OUTPUT---|
       SEG        |  174630288|     425456|CHAR       | 2324458408|   26591000|
       DG         |   10914393|      26591|ICMP       |          0|          0|
       TCP        |          0|          0|UDP        |          0|          0|
       BRD        |          0|           |CAL        |          1|          0|
       RST        |          0|           |LONG       |          0|          0|
       SHORT      |          0|           |LOST-LOOP  |           |          0|
       LOST-BUF   |           |          0|LOST-OTH   |           |          0|
       B-VER      |          0|           |B-ICMP     |          0|           |
       B-LEN      |          0|           |NO-ROUTE   |          0|           |
       B-FCS      |          0|           |UNK-PROT   |          0|           |
       TTL-EXP    |           |          0|LOST-INC-DG|          0|           |
       LOST-ACC   |          0|           |B-FR-HDR   |          0|           |
       SLARP-FRM  |          0|          0|SLARP-CHAR |          0|          0|
       SLARP-KEEP |          0|          0|SLARP-DOWN |          0|           |
       IPP-DOWN   |          0|           |SP-LIM-OVFL|           |          0|
       ------------------------------------------------------------------------
       IPP:15 -----------------------------------------------------------------
       IFTYPE:VIRTUAL  on P-IPP:0
       ------------------------------------------------------------------------

The last example points out that, if an IP port has its own description, the command will show on the first row the informative string set by the User using the command A D IPP:xxx.

If the IP Router is not present, the command will generate an error message: "PO:xxx PORT NOT PRESENT OR NOT RUNNING", where "PO:xxx" stands for the IPRTR port identifier.

C IPS Clear IP Router Statistics (Administrator)
C IPS

It clears the statistics of the IP Router (IPRTR port).

warning! This command generates events neither in the System Log or in the Events Log; it is up to the User to refer statistics to the proper time interval. it is important to remember that statistics are always cleared at each Abilis CPX start.

If the IP Router is not present, or not active, the command will generate an error message: "IP SERVICE NOT PRESENT".

D IPS Display IP Router Statistics (User)
D IPS

It shows the statistics of the IP Router, if it is running.

If the IP Router is not present or not active, the command will generate an error message: "IP SERVICE NOT PRESENT".

The following example shows the extended statistics of the IP Router:

[17:19:47] ABILIS_CPX: D IPS
 
PO:900 ------------------------------------------------------------------------
IPRTR  STATE:READY
       ROUTINGs TABLE Diagnostics
       -----------|---State---|-Current%--|--Current--|---Peak----|----Max----|
       ROUTINGS   |NORMAL     |          4|         20|         20|        500|
       ------------------------------------------------------------------------
       --- Cleared 000:01:28:58 ago, on 16/03/2004 at 17:52:54 ----------------
       ROUTER Statistics
       -----------|---INPUT---|--OUTPUT---|-----------|---INPUT---|--OUTPUT---|
       DGM        |   11622652|       3376|HDR-ERR    |          0|           |
       ADDR-ERR   |          0|           |FRW-DGM    |           |   11617048|
       UNK-PROT   |          0|           |DISCARDS   |          0|          0|
       LOCAL-DGM  |       7988|           |NO-ROUT    |           |          8|
       REAS-TOUT  |          0|           |REAS-REQD  |          0|           |
       REAS-OK    |          0|           |REAS-FAIL  |          0|           |
       FRAG-OK    |           |          0|FRAG-FAIL  |           |          0|
       FRAG-CREATE|           |          0|ROUT-DISC  |          0|           |
       ------------------------------------------------------------------------
       ICMP Statistics
       -----------|---INPUT---|--OUTPUT---|-----------|---INPUT---|--OUTPUT---|
       MSG        |          1|          4|ERR        |          0|           |
       DEST-UNREAC|          1|          4|T-EXCEED   |          0|          0|
       PARM-PROB  |          0|          0|SRC-QUENCH |          0|          0|
       REDIRECT   |          0|          0|ECHO       |          0|          0|
       ECHO-REP   |          0|          0|TSTAMP     |          0|          0|
       TSTAMP-REP |          0|          0|ADMASK     |          0|          0|
       ADMASK-REP |          0|          0|
       ------------------------------------------------------------------------

For a more detailed description of the information displayed, refer to The IP Router port (IPRTR) section.

Initialization Commands top

INIT IPAD IP Routing administrative distances (User)
INIT IPAD

It reinitializes the table of IP Routing administrative distances, updating eventual parameters that might have been changed.

If the command is successful the message "COMMAND EXECUTED" is generated, otherwise the one "COMMAND FAILED".

INIT IPP Init IP Ports (User)
INIT IPP

It reinitializes all IP ports, updating eventual parameters that might have been changed, and purges queues.

All IP ports parameters are run-time changeable; changes do not need the system to be restarted, but they are activated by executing this command.

If the command is successful the message "COMMAND EXECUTED" is generated, otherwise the one "COMMAND FAILED".

INIT IPP:xxx Init IP Port (User)
INIT IPP:xxx

It reinitializes the specified IP port, updating eventual parameters that might have been changed. IP port identifiers must be in the interval [0 - 63].

All IP ports parameters are run-time changeable; changes do not need the system to be restarted, but they are activated by executing this command.

If the command is successful the message "COMMAND EXECUTED" is generated, otherwise the one "COMMAND FAILED".

INIT IPR Init IP Router
INIT IPR

It reinitializes the IP Router: all the static and connected IP routings are deleted from the IP routings table, subsequently the static IP routings are reloaded from the table of the saved static IP routings.

At the same time, IP routings, calculated by the RIP routing algorithm, will get ready to be updated and the request procedure, from the router to the other ones of the network, is activated.

If the command is successful the message "COMMAND EXECUTED" is generated. If the IP router is not present an error message is generated: "PORT NOT PRESENT OR INACTIVE".

printPrint this page