ARCHITECTURE TECHNOLOGY CORPORATION CRR-1000 Краткое руководство по эксплуатации - Страница 6

Просмотреть онлайн или скачать pdf Краткое руководство по эксплуатации для Беспроводной маршрутизатор ARCHITECTURE TECHNOLOGY CORPORATION CRR-1000. ARCHITECTURE TECHNOLOGY CORPORATION CRR-1000 18 страниц.

Печатать страницу

CRR-1000 Quick Start Guide

3.4 View Route Information (show route)

Summary route information can be displayed with the "show route" command, e.g.,

admin@CRR> show route

default via 192.168.100.1 dev eth0

192.168.10.0/24 dev eth0 proto kernel scope link src 192.168.10.254

192.168.100.0/24 dev eth0 proto kernel scope link src 192.168.100.254

The "show route" command is equivalent to the Linux "ip route show" command. Reading the output of

the command shown above, the first line indicates a default route (next hop) of 192.168.100.1 on eth0; the

second line indicates the local connection to 192.168.10.0/24 through eth0, and the third line indicates

reachability to 192.168.100.0/24 also through eth0.

3.5 Configuration Backup (backup save/restore)

CRR-1000 configurations can be saved locally, and saved configurations can similarly be restored. The

backup/store feature allows administrators to switch between candidate configurations.

The current configuration can be saved with the "backup save" command, e.g.,

admin@CRR> backup save <backup-name>

Example:

admin@CRR> backup save blue

This will save a backup of the current configuration under the name "blue".

A previously saved configuration can be restored using the "backup restore" command, e.g.,

admin@CRR> backup restore <backup-name>

Example:

admin@CRR> backup restore blue

Refer to the user guide for additional backup options including saving configurations off of the router.

3.6 Packet Inspection (net dump)

To inspect packets transiting the router interfaces, use the "net dump" command, e.g.,

admin@CRR> net dump <interface> <protocol>

Example:

admin@CRR> net dump eth0 17

The above prints out all UDP (IP protocol 17) packets transiting eth0.

4 Firewall Configuration

Built on top of Linux iptables function, the CRR-1000 firewall employs the concept of input, forward,

and output chains. Briefly, input chains apply to traffic that is destined for an interface on the the CRR-

1000, forward chains apply to traffic that is forwarded by the router (i.e., traffic that is routed), and output

chains apply to traffic that originates from the CRR-1000.

In its default, "out of the box" configuration, the CRR-1000's firewall allows all output and forward

traffic. By default, the CRR-1000 blocks most input traffic with the notable exceptions of SSH and ping.