Alcatel-Lucent SPEDDTOUCH PRO User Manual 1
SPEED TOUCH Pro
CLI Reference Guide
with Firewall DSL Router
3EC 16982 AFAA TCZZA Ed. 01
Status
Released
2 / 264
Change Note
Short Title
BD F aa 39813
CD-RG STFire CLI
All rights reserved. Passing on and copying of this
document, use and communication of its contents
not permitted without written authorization from Alcatel.
3EC 16982 AFAA TCZZA Ed. 01
Contents
Preface 5. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
1 ADSL Commands 21. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2 ATMF Commands 23. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
3 Bridge Commands 31. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
4 CIP Commands 47. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
5 Config Commands 57. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
6 DHCP Commands 63. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
7 DNS Commands 101. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
8 Firewall Commands 123. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contents
9 IP Commands 149. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
10 MER Commands 171. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
11 NAT Commands 181. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
12 Phonebook Commands 197. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
13 PPP Commands 207. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
14 PPTP Commands 225. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
15 Software Commands 233. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
16 SHDSL Commands 239. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
17 System Commands 245. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
18 TD Commands 253. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Index 257. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
3EC 16982 AFAA TCZZA Ed. 01
3 / 264
Contents
4 / 264
3EC 16982 AFAA TCZZA Ed. 01
Preface
Preface
Welcome to the Alcatel SpeedTouchPro with Firewall Series Command Line Interface
Reference Guide !
This Reference Guide aims to give the fastidious user a concise, practical and easy to use document
for configuring the SpeedTouchPro with Firewall via its character based Command Line
Interface.
Although the SpeedTouchPro with Firewall Web interface is adequate enough for most users,
access via the CLI may be still important for advanced and detailed configuration and
troubleshooting.
This CLI Reference Guide covers the CLI commands of the following Alcatel DSL Speed Touch
products:
Alcatel SpeedTouchPro with Firewall
Alcatel SpeedTouchPro with Firewall ISDN
Alcatel SpeedTouchPro with Firewall SHDSL
The Reference Guide consists of three main parts:
Part 1 : CLI Navigation
This part is meant to make the user familiar with the use and operation of the
SpeedTouchPro with Firewall CLI. Next to describing the various access methods to the
CLI, this part will describe in brief some general manipulations to navigate through and to
perform some operations on the CLI.
Part 2 : CLI Command Description
This part forms the main part of this Reference Guide. Here all available CLI commands of the
Speed TouchPro with Firewall products are alphabetically described per group selection.
Each command is described in a systematic manner:
The full name of the CLI command (including the group selection)
A short description of the CLI command, if needed completed by a description of the
possible impact on the user and/or the Speed TouchPro with Firewall
The syntax of the command with a description of each parameter
An example to demonstrate the use of the CLI command
A list of related CLI commands.
Part 3 : CLI Command Index
This part allows the user to look up a command alphabetically in its incomplete form.
3EC 16982 AFAA TCZZA Ed. 01
5 / 264
Preface
Trademarks
The following trademarks are used in this document:
Speed Touch is a trademark of the Alcatel Company
Netscape and Netscape Navigator are registered trademarks of Netscape
Communications Corporation
Windows and Internet Explorer are trademarks of Microsoft Corporation
Apple and MacOS are registered trademarks of Apple Computer Inc.
UNIX is a registered trademark of UNIX System Laboratories, Inc.
Ethernet is a trademark of Xerox Corporation.
Other products may be trademarks or registered trademarks of their respective manufacturers.
Updates
Due to the continuous evolution of the Alcatel DSL technology, existing products are regularly
upgraded. Alcatel documentation changes accordingly.
For more information on the newest technological changes and documents, please consult the
Alcatel web site at following URL:
http://www.alcatel.com
http://www.alcateldsl.com
Directive
Unless expressly and unambiguously approved by Alcatel, you may not:
disassemble, decompile, reverse engineer, trace or otherwise analyse the equipment, its
content, operation, or functionality, or otherwise attempt to derive source code (or the
underlying ideas, algorithms, structure or organization) from the equipment or from any
other information provided by Alcatel, except to the extent that this restriction is expressly
prohibited by local law;
copy, rent, loan, resell, sublicense, or otherwise transfer or distribute the equipment to
others;
modify, adapt or create a derivative work of the equipment;
remove from any copies of the equipment any product identification, copyright or other
notices;
disseminate performance information or analysis (including, without limitation,
benchmarks) from any source relating to the equipment.
Such acts not expressly approved by Alcatel will result in the loss of product warranty and will
invalidate the user's authority to operate this equipment.
6 / 264
3EC 16982 AFAA TCZZA Ed. 01
Alcatel
Speed TouchPro
with Firewall
CLI Navigation
3EC 16982 AFAA TCZZA Ed. 01
7 / 264
8 / 264
3EC 16982 AFAA TCZZA Ed. 01
Accessing the Command Line Interface
Users can access the Command Line Interface via:
The Speed TouchPro with Firewall CLI web pages
This requires that TCP/IP connectivity exists between the host from which the web browser is
opened and the Speed TouchPro with Firewall
A Telnet session
This requires that TCP/IP connectivity exists between the host from which the Telnet session is
opened and the Speed TouchPro with Firewall
The serial 'Console' interface
Access via the Web Pages
The Speed TouchPro with Firewall CLI is accessible via its web interface. Browse to the Speed
TouchPro with Firewall web pages and click
menu is opened in a new browser window:
in the left frame. As a result the CLI web
You can open the CLI web pages directly by pointing the browser to the following URL:
http://10.0.0.138/cli.htm (in which the 10.0.0.138 IP address should be replaced by the
actual Speed TouchPro with Firewall IP address if needed).
All CLI groups and commands are placed in a menu. You can open a group by clicking the
next to a group name, or clicking the group name.
Clicking on a command name will execute it. Commands without parameters are indicated with
and are executed immediately.
Commands which require additional parameters are indicated with
parameters you must click
3EC 16982 AFAA TCZZA Ed. 01
to execute the command.
. After you configured all
mark
9 / 264
Access via a Telnet Session or Serial Console
As soon a session to the CLI is opened, the SpeedTouchPro with Firewall banner pops up,
followed by the CLI prompt.
In case of a Telnet session authentication via the System password might be required before access
is granted.
The following figure shows an example of the SpeedTouchPro with Firewall banner after
opening a Telnet session and authentication.
EXAMPLE:
/home/doejohn{1}$ telnet 10.0.0.138
Trying 10.0.0.138...
Connected to 10.0.0.138.
Escape character is ’^]’.
User :
SpeedTouch (00–90–D0–00–01–23–45)
Password : ######
–––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––
*
* ______
* ___/_____/\
* / /\\ Alcatel Speed Touch Pro
* _____/__ / \\ with Firewall DSL Router
* _/ /\_____/___ \ Version R3.4
* // / \ /\ \
* _______//_______/ \ / _\/____ Copyright (c) 1999–2001 Alcatel
* / / \ \ / / / /\
* __/ / \ \ / / / / _\__
* / / / \_______\/ / / / / /\
* /_/______/___________________/ /________/ /___/ \
* \ \ \ ___________ \ \ \ \ \ /
* \_\ \ / /\ \ \ \ \___\/
* \ \/ / \ \ \ \ /
* \_____/ / \ \ \________\/
* /__________/ \ \ /
* \ _____ \ /_____\/
* \ / /\ \ /___\/
* /____/ \ \ /
* \ \ /___\/
* \____\/
*
–––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––
=>
10 / 264
3EC 16982 AFAA TCZZA Ed. 01
Navigation and Manipulation
Manipulation commands are commands that manipulate operations on the command line, for
example changing the command group, go to the beginning of the command line, go to the end of
the command line, etc.
Command group Navigation
From top level, you can change to a command group by executing the name of the desired
command group.
To obtain a list of all available command groups, execute help from the top level.
EXAMPLE:
=>help
Following commands are available :
help : Displays this help information
? : Displays this help information
exit : Exits this shell.
.. : Exits group selection.
Following command groups are available :
dhcp dns td atmf mer
bridge pptp ppp cip nat
adsl/shdsl qosbook phonebook ip software
system config firewall
=>
To return to top level, or to descend one level (in case of nested command groups) execute .. .
EXAMPLE:
=>phonebook
[phonebook]=>
[phonebook]=>..
=>
3EC 16982 AFAA TCZZA Ed. 01
11 / 264
The Help Command
Execute help from top level to list all available command groups for the SpeedTouchPro with
Firewall.
EXAMPLE:
=>help
Following commands are available :
help : Displays this help information
? : Displays this help information
exit : Exits this shell.
.. : Exits group selection.
Following command groups are available :
dhcp dns td atmf mer
bridge pptp ppp cip nat
adsl/shdsl qosbook phonebook ip software
system config firewall
=>
You can execute the help command from each command group selection. This results in a list of
the available commands (and nested command groups, if available) in this particular command
group.
EXAMPLE:
=>firewall
[firewall]=>
[firewall]=>help
Following commands are available :
tron : Enables verbose console messaging.
troff : Disables verbose console messaging.
match : Defines an ip packet match.
assign : Assign a chain to an entry point.
list : Shows a list of all the hooks with the chain attached.
flush : Clears all hooks. If a hook is provided, that hook is cleared.
Following command groups are available :
chain rule
[firewall]=>
12 / 264
3EC 16982 AFAA TCZZA Ed. 01
Executing e.g. help firewall from top level gives the same result as executing help from the firewall
command group selection.
EXAMPLE:
=>firewall help
Following commands are available :
tron : Enables verbose console messaging.
troff : Disables verbose console messaging.
match : Defines an ip packet match.
assign : Assign a chain to an entry point.
list : Shows a list of all the hooks with the chain attached.
flush : Clears all hooks. If a hook is provided, that hook is cleared.
Following command groups are available :
chain rule
=>
Entering help followed by a specific command, e.g. help firewall assign (starting from top level)
or help assign (e.g. on the firewall command group selection) results in a description of the syntax
for the command.
EXAMPLE:
=>help firewall assign
Assign a chain to an entry point.
Syntax : assign hook = <{input|sink|forward|source|output}> chain = <string>
parameters :
hook = <{input|sink|forward|source|output}>
Name of hook to assign chain to.
chain = <string>
Name of chain to use.
=>
3EC 16982 AFAA TCZZA Ed. 01
13 / 264
Command Completion
The CLI features command completion, which means that when starting to enter a command it can
be completed by pressing the Tab" key.
For example, entering a at the firewall command group selection, followed by a Tab" stroke
results in the full assign command being completed. Entering firewall a from top level gives the
same result.
For the completion to be successful, the part to be added must be unique. Completion works for the
command groups, for the commands, for the options, but not for values.
EXAMPLE:
=>firewall
[firewall]=>a “Tab“
[firewall]=>assign
Going to the beginning or end of the Command Line
Go to the beginning of the Command Line by pressing "Ctrl+A"; to go to the end of the
Command Line press "Ctrl+E".
In the following example, the first
second
the position of the cursor after pressing "Ctrl+E".
indicates the position of the cursor after pressing "Ctrl+A", the
EXAMPLE:
=>list
Breaking off Commands
You can break off a command by pressing Ctrl+G". This can be useful in a situation where a user
is prompted to enter a value which it does not know and wants to abort the command. Instead of
being prompted over and over again for the same value, this allows to break of the command.
In the example below Ctrl+G" is pressed after the third prompt `vpi =`. The command is broken
of and the user returns to the command line.
EXAMPLE:
[firewall]=>match
chain =
chain =
chain =
[firewall]=>
Ctrl+G"
14 / 264
3EC 16982 AFAA TCZZA Ed. 01
History of Commands
To retake previous commands press the up arrow and come back to more recent commands
with the down arrow . Press Enter (
EXAMPLE:
=>firewall
[firewall]=>list
assign hook=input chain=input
assign hook=sink chain=sink
assign hook=forward chain=forward
assign hook=source chain=source
[firewall]=>
[firewall]=>:firewall list
↵)" to select and execute the retaken command.
3EC 16982 AFAA TCZZA Ed. 01
15 / 264
Command Line Interface Top Level Structure
The following command groups are available:
adsl (only applicable for the SpeedTouchPro with Firewall ADSL/POTS variant)
atmf (only applicable for models equipped with an ATMF25.6Mbps port)
bridge
cip
config
dhcp
dns
firewall
ip
mer
nat
phonebook
ppp
pptp
shdsl (only applicable for the SpeedTouchPro with Firewall SHDSL variant)
software
system
td
16 / 264
3EC 16982 AFAA TCZZA Ed. 01
Command Line Interface Commands
All CLI commands are commands that operate on, or configure, the SpeedTouchPro with
Firewall.
You can execute these commands from top level, preceded by the name of the command group
from which the command should be executed (e. g. firewall list).
You can also execute the commands from the command group itself, using the reduced form of the
command (e.g. list at the firewall command group selection).
`!` in a command means `NOT`, e.g. the `[!]syn` parameter in the firewall rule create command.
EXAMPLE:
=>firewall list
assign hook=input chain=input
assign hook=sink chain=sink
assign hook=forward chain=forward
assign hook=source chain=source
=>firewall
[firewall]=>list
assign hook=input chain=input
assign hook=sink chain=sink
assign hook=forward chain=forward
assign hook=source chain=source
[firewall]=>
Instead of entering a completely builtup command with all its parameters, you can also enter just
the command itself, without its parameters. After this you are prompted to complete the command
with the required and the optional parameters. For the optional parameters you can simply press
enter without giving a value.
The example below is the equivalent of `firewall assign hook=input chain=input`. To break of
such incomplete command press Ctrl+G".
EXAMPLE:
=>firewall assign
hook = input
chain= input
=>
3EC 16982 AFAA TCZZA Ed. 01
17 / 264
18 / 264
3EC 16982 AFAA TCZZA Ed. 01
Alcatel
Speed Touch
CLI Command Description
3EC 16982 AFAA TCZZA Ed. 01
19 / 264
20 / 264
3EC 16982 AFAA TCZZA Ed. 01
1 ADSL Commands
1 ADSL Commands
The adsl command group is only applicable to the Speed TouchPro with Firewall
ADSL/POTS variant, NOT to the Speed TouchPro with Firewall ADSL/ISDN and Speed
TouchPro with Firewall SHDSL variant.
adsl (to access the ADSL level)
adsl info
3EC 16982 AFAA TCZZA Ed. 01
21 / 264
1 ADSL Commands
adsl info
Show ADSL/POTS statistics and information about the SpeedTouchPro with Firewall status.
SYNTAX:
adsl info
EXAMPLE:
=>adsl info
Modemstate : up
Operation Mode : G.DMT Annex A [ POTS Overlay Mode ]
Channel Mode : fast
Number of resets : 1
Vendor (ITU) Local Remote
Country : 0f Of
Vendor : ALCB ALCB
VendorSpecific : 0000 0000
StandardRevisionNr : 01 01
Downstream Upstream
Margin [dB] : 31 31
Attenuation [dB] : 26 13
Available Bandwidth Cells Kbits
Downstream : 2641 1014
Upstream : 301 115
Transfer statistics
Total since power On Cells Kbits
Downstream : 185670 71297
Upstream : 10254 3937
Current Connection
Downstream : 185668 71296
Upstream : N/Avail N/Avail
Errors
Received FEC : 0
Received CRC : 0
Received HEC : 0
=>
22 / 264
3EC 16982 AFAA TCZZA Ed. 01
2 ATMF Commands
The atmf command group is only applicable to the Speed TouchPro with Firewall
ADSL/POTS variant equipped with an ATMF25.6Mbps port.
atmf (to access the ATMF level)
atmf add
atmf delete
atmf flush
atmf list
atmf load
atmf save
2 ATMF Commands
3EC 16982 AFAA TCZZA Ed. 01
23 / 264
2 ATMF Commands
atmf add
Add a crossconnection between the ATMF25 interface and the WAN interface.
SYNTAX:
atmf add vpi = <number {07}>
vci = <number {0511}>
vpi A number between 0 and 7.
Represents the Virtual Path identifier.
vci A number between 0 and 511.
Represents the Virtual Channel identifier.
Use VCI=0 for a VP crossconnection.
EXAMPLE:
=>atmf list
VPI = 1 VCI = 0
VPI = 2 VCI = 0
VPI = 3 VCI = 0
VPI = 4 VCI = 0
VPI = 5 VCI = 0
VPI = 6 VCI = 0
VPI = 7 VCI = 0
=>atmf add vpi=0 vci=35
=>atmf list
VPI = 0 VCI = 35
VPI = 1 VCI = 0
VPI = 2 VCI = 0
VPI = 3 VCI = 0
VPI = 4 VCI = 0
VPI = 5 VCI = 0
VPI = 6 VCI = 0
VPI = 7 VCI = 0
=>
REQUIRED
REQUIRED
RELATED COMMANDS:
atmf delete Delete a crossconnection on the ATMF25 interface.
atmf list Show current ATMF25 interface configuration.
24 / 264
3EC 16982 AFAA TCZZA Ed. 01
atmf delete
Delete a crossconnection on the ATMF25 interface.
SYNTAX:
atmf delete vpi = <number {07}>
vci = <number {0511}>
2 ATMF Commands
vpi A number between 0 and 7.
Represents the Virtual Path identifier.
vci A number between 0 and 511.
Represents the Virtual Channel identifier.
Use VCI=0 for a VP crossconnection.
EXAMPLE:
=>atmf list
VPI = 0 VCI = 35
VPI = 1 VCI = 0
VPI = 2 VCI = 0
VPI = 3 VCI = 0
VPI = 4 VCI = 0
VPI = 5 VCI = 0
VPI = 6 VCI = 0
VPI = 7 VCI = 0
=>atmf delete vpi=0 vci=35
=>atmf list
VPI = 1 VCI = 0
VPI = 2 VCI = 0
VPI = 3 VCI = 0
VPI = 4 VCI = 0
VPI = 5 VCI = 0
VPI = 6 VCI = 0
VPI = 7 VCI = 0
=>
REQUIRED
REQUIRED
RELATED COMMANDS:
atmf add Add a crossconnection on the ATMF25 interface.
atmf list Show current ATMF25 interface configuration.
3EC 16982 AFAA TCZZA Ed. 01
25 / 264
2 ATMF Commands
atmf flush
Flush complete ATMF25 interface configuration.
The flush command does not impact previously saved configurations.
SYNTAX:
atmf flush
EXAMPLE:
=>atmf list
VPI = 1 VCI = 0
VPI = 2 VCI = 0
VPI = 3 VCI = 0
VPI = 4 VCI = 0
VPI = 5 VCI = 0
VPI = 6 VCI = 0
VPI = 7 VCI = 0
=>atmf flush
=>atmf list
=>
RELATED COMMANDS:
atmf load Load saved or default ATMF25 interface configuration.
atmf save Save current ATMF25 interface configuration.
26 / 264
3EC 16982 AFAA TCZZA Ed. 01
atmf list
Show all current ATMF25 interface crossconnections .
SYNTAX:
atmf list
EXAMPLE OUTPUT:
=>atmf list
VPI = 0 VCI = 35
VPI = 1 VCI = 0
VPI = 2 VCI = 0
VPI = 3 VCI = 0
VPI = 4 VCI = 0
VPI = 5 VCI = 0
VPI = 6 VCI = 0
VPI = 7 VCI = 0
=>
2 ATMF Commands
RELATED COMMANDS:
atmf add
atmf delete
Add an ATMF25 interface crossconnection.
Delete a crossconnection on the ATMF25 interface.
3EC 16982 AFAA TCZZA Ed. 01
27 / 264
2 ATMF Commands
atmf load
Load saved (or default) ATMF25 interface configuration.
Execute atmf flush prior to atmf load.
SYNTAX:
atmf load [defaults = <yes|no>]
[defaults] Load factory defaults (yes) or saved configuration (no).
Not specifying this parameter loads the saved configuration
EXAMPLE:
=>atmf list
VPI = 0 VCI = 35
=>atmf save
=>atmf flush
=>atmf load defaults=yes
=>atmf list
VPI = 0 VCI = 0
VPI = 1 VCI = 0
VPI = 2 VCI = 0
VPI = 3 VCI = 0
VPI = 4 VCI = 0
VPI = 5 VCI = 0
VPI = 6 VCI = 0
VPI = 7 VCI = 0
=>atmf flush
=>atmf load defaults=no
=>atmf list
VPI = 0 VCI = 35
=>
RELATED COMMANDS:
atmf flush Flush complete ATMF25 interface configuration.
atmf save Save current ATMF25 interface configuration.
OPTIONAL
28 / 264
3EC 16982 AFAA TCZZA Ed. 01
atmf save
Save current ATMF25 interface configuration.
SYNTAX:
atmf save
EXAMPLE:
=>atmf list
VPI = 0 VCI = 35
VPI = 1 VCI = 0
VPI = 2 VCI = 0
VPI = 3 VCI = 0
VPI = 4 VCI = 0
VPI = 5 VCI = 0
VPI = 6 VCI = 0
VPI = 7 VCI = 0
=>atmf save
=>atmf flush
=>atmf list
=>atmf load
=>atmf list
VPI = 0 VCI = 35
VPI = 1 VCI = 0
VPI = 2 VCI = 0
VPI = 3 VCI = 0
VPI = 4 VCI = 0
VPI = 5 VCI = 0
VPI = 6 VCI = 0
VPI = 7 VCI = 0
=>
2 ATMF Commands
RELATED COMMANDS:
atmf flush Flush complete ATMF25 interface configuration.
atmf load Load saved or default ATMF25 interface configuration.
3EC 16982 AFAA TCZZA Ed. 01
29 / 264
2 ATMF Commands
30 / 264
3EC 16982 AFAA TCZZA Ed. 01
Loading...