D-link DFL-2500, DFL-260, DFL-800, DFL-1600, DFL-860 User Manual

...

Security

Network Security Firewall

CLI Reference Guide

DFL-210/ 800/1600/ 2500 DFL-260/ 860

Ver. 1.01

Network Security Solution http://www.dlink.com

CLI Reference Guide

DFL-210/260/800/860/1600/2500

NetDefendOS version 2.12

No. 289, Sinhu 3rd Rd, Neihu District, Taipei City 114, Taiwan R.O.C.

D-Link Corporation

http://www.DLink.com

Published 2007-04-17

CLI Reference Guide

DFL-210/260/800/860/1600/2500 NetDefendOS version 2.12

This publication, including all photographs, illustrations and software, is protected under international copyright laws, with all rights reserved. Neither this manual, nor any of the material contained herein, may be reproduced without written consent of the author.

Disclaimer

The information in this document is subject to change without notice. The manufacturer makes no representations or warranties with respect to the contents hereof and specifically disclaim any implied warranties of merchantability or fitness for any particular purpose. The manufacturer reserves the right to revise this publication and to make changes from time to time in the content hereof without obligation of the manufacturer to notify any person of such revision or changes.

Limitations of Liability

UNDER NO CIRCUMSTANCES SHALL D-LINK OR ITS SUPPLIERS BE LIABLE FOR DAMAGES OF ANY CHARACTER (E.G. DAMAGES FOR LOSS OF PROFIT, SOFTWARE RESTORATION, WORK STOPPAGE, LOSS OF SAVED DATA OR ANY OTHER COMMERCIAL DAMAGES OR LOSSES) RESULTING FROM THE APPLICATION OR IMPROPER USE OF THE D-LINK PRODUCT OR FAILURE OF THE PRODUCT, EVEN IF D-LINK IS INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. FURTHERMORE, D-LINK WILL NOT BE LIABLE FOR THIRD-PARTY CLAIMS AGAINST CUSTOMER FOR LOSSES OR DAMAGES. D-LINK WILL IN NO EVENT BE LIABLE FOR ANY DAMAGES IN EXCESS OF THE AMOUNT D-LINK RECEIVED FROM THE END-USER FOR THE PRODUCT.

Preface ............................................................................................................... ix

1. Introduction ...................................................................................................... 1

1.1. Running a command ................................................................................ 1

1.2. Help ..................................................................................................... 2

1.2.1. Help for commands ....................................................................... 2

1.2.2. Help for object types ..................................................................... 2

1.3. Function keys ......................................................................................... 3

1.4. Command line history .............................................................................. 4

1.5. Tab completion ....................................................................................... 5

1.5.1. Inline help ................................................................................... 5

1.5.2. Autocompleting current value and default value .................................. 5

1.5.3. Configuration object type categories ................................................. 6

1.6. User roles .............................................................................................. 7

2. Command Reference .......................................................................................... 9

2.1. Configuration ......................................................................................... 9

2.1.1. activate ....................................................................................... 9

2.1.2. add ............................................................................................. 9

2.1.3. cancel ........................................................................................10

2.1.4. cc .............................................................................................11

2.1.5. cd .............................................................................................12

2.1.6. commit ......................................................................................12

2.1.7. copy ..........................................................................................12

2.1.8. delete ........................................................................................13

2.1.9. enter ..........................................................................................13

2.1.10. pskgen .....................................................................................13

2.1.11. reject .......................................................................................14

2.1.12. set ...........................................................................................15

2.1.13. show ........................................................................................16

2.1.14. undelete ...................................................................................18

2.2. Runtime ...............................................................................................20

2.2.1. about .........................................................................................20

2.2.2. arp ............................................................................................20

2.2.3. arpsnoop ....................................................................................21

2.2.4. ats .............................................................................................22

2.2.5. bigpond .....................................................................................22

2.2.6. blacklist .....................................................................................22

2.2.7. buffers .......................................................................................24

2.2.8. cam ...........................................................................................24

2.2.9. certcache ....................................................................................25

2.2.10. cfglog ......................................................................................25

2.2.11. connections ...............................................................................25

2.2.12. cpuid .......................................................................................26

2.2.13. crashdump ................................................................................27

2.2.14. customlog .................................................................................27

2.2.15. dhcp ........................................................................................27

2.2.16. dhcprelay ..................................................................................28

2.2.17. dhcpserver ................................................................................29

2.2.18. dns ..........................................................................................29

2.2.19. dynroute ...................................................................................30

2.2.20. frags ........................................................................................30

2.2.21. ha ............................................................................................31

2.2.22. httpposter .................................................................................32

2.2.23. hwaccel ....................................................................................32

2.2.24. ifstat ........................................................................................32

2.2.25. ikesnoop ...................................................................................33

2.2.26. ippool ......................................................................................33

2.2.27. ipsecglobalstats ..........................................................................34

CLI Reference Guide

2.2.28. ipseckeepalive ...........................................................................34

2.2.29. ipsecstats ..................................................................................35

2.2.30. killsa .......................................................................................35

2.2.31. license .....................................................................................36

2.2.32. linkmon ....................................................................................36

2.2.33. lockdown ..................................................................................37

2.2.34. logout ......................................................................................37

2.2.35. memory ....................................................................................38

2.2.36. ospf .........................................................................................38

2.2.37. pipes ........................................................................................40

2.2.38. reconfigure ...............................................................................40

2.2.39. routemon ..................................................................................40

2.2.40. routes .......................................................................................41

2.2.41. rules ........................................................................................42

2.2.42. sessionmanager ..........................................................................42

2.2.43. shutdown ..................................................................................43

2.2.44. sshserver ..................................................................................44

2.2.45. stats .........................................................................................45

2.2.46. time .........................................................................................45

2.2.47. updatecenter ..............................................................................46

2.2.48. urlcache ...................................................................................46

2.2.49. userauth ...................................................................................47

2.2.50. vlan .........................................................................................48

2.2.51. vpnstats ....................................................................................48

2.2.52. zonedefense ..............................................................................48

2.3. Utility ..................................................................................................50

2.3.1. ping ..........................................................................................50

2.4. Misc ....................................................................................................51

2.4.1. help ...........................................................................................51

2.4.2. history .......................................................................................51

3. Configuration Reference ....................................................................................53

3.1. Access .................................................................................................54

3.2. Address ................................................................................................56

3.2.1. AddressFolder .............................................................................56

3.2.2. EthernetAddress ..........................................................................58

3.2.3. EthernetAddressGroup ..................................................................58

3.2.4. IP4Address .................................................................................58

3.2.5. IP4Group ...................................................................................58

3.2.6. IP4HAAddress ............................................................................58

3.3. AdvancedScheduleProfile ........................................................................59

3.3.1. AdvancedScheduleOccurrence .......................................................59

3.4. ALG ....................................................................................................60

3.4.1. ALG_FTP ..................................................................................60

3.4.2. ALG_H323 ................................................................................61

3.4.3. ALG_HTTP ...............................................................................61

3.4.4. ALG_SMTP ...............................................................................62

3.5. ARP ....................................................................................................64

3.6. BlacklistWhiteHost .................................................................................65

3.7. Certificate .............................................................................................66

3.8. Client ...................................................................................................67

3.8.1. DynDnsClientCjbNet ...................................................................67

3.8.2. DynDnsClientDLink ....................................................................67

3.8.3. DynDnsClientDyndnsOrg ..............................................................67

3.8.4. DynDnsClientDynsCx ..................................................................68

3.8.5. DynDnsClientPeanutHull ..............................................................68

3.8.6. LoginClientBigPond .....................................................................69

3.8.7. LoginClientTelia .........................................................................69

3.9. DateTime ..............................................................................................70

3.10. Device ................................................................................................71

3.11. DHCPRelay .........................................................................................72

3.12. DHCPServer ........................................................................................73

3.12.1. DHCPServerPoolStaticHost .........................................................73

3.12.2. DHCPServerCustomOption .........................................................74

CLI Reference Guide

3.13. DNS ...................................................................................................75

3.14. Driver ................................................................................................76

3.14.1. IXP4NPEEthernetDriver .............................................................76

3.14.2. MarvellEthernetPCIDriver ...........................................................76

3.14.3. R8139EthernetPCIDriver .............................................................76

3.15. DynamicRoutingRule ............................................................................78

3.15.1. DynamicRoutingRuleExportOSPF ................................................79

3.15.2. DynamicRoutingRuleAddRoute ....................................................79

3.16. EthernetDevice ....................................................................................81

3.17. HighAvailability ...................................................................................82

3.18. HTTPPoster .........................................................................................83

3.19. IDList ................................................................................................84

3.19.1. ID ...........................................................................................84

3.20. IDPRule ..............................................................................................85

3.20.1. IDPRuleAction ..........................................................................85

3.21. IKEAlgorithms ....................................................................................87

3.22. Interface .............................................................................................88

3.22.1. DefaultInterface .........................................................................88

3.22.2. Ethernet ...................................................................................88

3.22.3. InterfaceGroup ..........................................................................89

3.22.4. IPSecTunnel .............................................................................89

3.22.5. L2TPClient ...............................................................................91

3.22.6. L2TPServer ..............................................................................93

3.22.7. PPPoETunnel ............................................................................94

3.22.8. VLAN .....................................................................................95

3.23. IPRule ................................................................................................97

3.24. IPRuleFolder .......................................................................................99

3.24.1. IPRule .....................................................................................99

3.25. IPSecAlgorithms ................................................................................ 100

3.26. LDAPServer ...................................................................................... 101

3.27. LocalUserDatabase ............................................................................. 102

3.27.1. User ...................................................................................... 102

3.28. LogReceiver ...................................................................................... 103

3.28.1. LogReceiverMemory ................................................................ 103

3.28.2. LogReceiverSMTP ................................................................... 103

3.28.3. LogReceiverSyslog .................................................................. 104

3.29. OSPFProcess ..................................................................................... 105

3.29.1. OSPFArea ..............................................................................106

3.30. Pipe .................................................................................................109

3.31. PipeRule ........................................................................................... 112

3.32. PSK .................................................................................................113

3.33. RadiusServer .....................................................................................114

3.34. RemoteManagement ........................................................................... 115

3.34.1. RemoteMgmtHTTP ..................................................................115

3.34.2. RemoteMgmtSNMP ................................................................. 115

3.34.3. RemoteMgmtSSH .................................................................... 115

3.35. RoutingRule ...................................................................................... 118

3.36. RoutingTable .....................................................................................119

3.36.1. Route ..................................................................................... 119

3.36.2. SwitchRoute ........................................................................... 120

3.37. ScheduleProfile ..................................................................................121

3.38. Service ............................................................................................. 122

3.38.1. ServiceGroup .......................................................................... 122

3.38.2. ServiceICMP ...........................................................................122

3.38.3. ServiceIPProto ........................................................................ 123

3.38.4. ServiceTCPUDP ...................................................................... 123

3.39. Settings ............................................................................................125

3.39.1. ARPTableSettings .................................................................... 125

3.39.2. ConnTimeoutSettings ............................................................... 125

3.39.3. DHCPRelaySettings ................................................................. 126

3.39.4. DHCPServerSettings ................................................................ 127

3.39.5. FragSettings ............................................................................ 127

3.39.6. ICMPSettings .......................................................................... 128

CLI Reference Guide

3.39.7. IPSecTunnelSettings ................................................................. 128

3.39.8. IPSettings ............................................................................... 129

3.39.9. L2TPServerSettings .................................................................. 130

3.39.10. LengthLimSettings ................................................................. 131

3.39.11. LocalMgmtSettings ................................................................. 131

3.39.12. LocalReassSettings ................................................................. 132

3.39.13. LogSettings ........................................................................... 132

3.39.14. RemoteMgmtSettings .............................................................. 133

3.39.15. RoutingSettings ...................................................................... 133

3.39.16. SSLSettings ........................................................................... 134

3.39.17. StateSettings .......................................................................... 135

3.39.18. TCPSettings .......................................................................... 136

3.39.19. VLANSettings ....................................................................... 137

3.40. SSHClientKey ................................................................................... 138

3.41. ThresholdRule ................................................................................... 139

3.41.1. ThresholdAction ...................................................................... 139

3.42. UpdateCenter ..................................................................................... 141

3.43. UserAuthRule ....................................................................................142

3.44. ZoneDefenseBlock .............................................................................144

3.45. ZoneDefenseExcludeList ..................................................................... 145

3.46. ZoneDefenseSwitch ............................................................................ 146

Index ...............................................................................................................148

vii

List of Examples

1. Command option notation .................................................................................. ix

1.1. Help for commands ......................................................................................... 2

1.2. Help for object types ........................................................................................ 2

1.3. Command line history ...................................................................................... 4

1.4. Tab completion ............................................................................................... 5

1.5. Inline help ..................................................................................................... 5

1.6. Edit an existing property value ........................................................................... 6

1.7. Using categories with tab completion .................................................................. 6

2.1. Create a new object ........................................................................................10

2.2. Change context ..............................................................................................11

2.3. Delete an object .............................................................................................13

2.4. Reject changes ...............................................................................................14

2.5. Set property values .........................................................................................16

2.6. Show objects .................................................................................................17

2.7. Undelete an object ..........................................................................................18

2.8. Block hosts ...................................................................................................23

2.9. frags ............................................................................................................31

2.10. Show a range of rules ....................................................................................42

viii

Preface

Audience

The target audience for this reference guide is:

• Administrators that are responsible for configuring and managing the D-Link Firewall.

• Administrators that are responsible for troubleshooting the D-Link Firewall. This guide assumes that the reader is familiar with the D-Link Firewall, and has the necessary basic

knowledge in network security.

Notation

The following notation is used throughout this reference guide when specifying the options of a command:

Angle brackets <name> or

-option=<description> Square brackets [option] or

-option[=value] Curly brackets {value1 | value2 |

Used for specifying the name of an option or a description of a value.

Used for specifying that an option or a value for an option is optional and can be omitted.

Used for specifying the available values for an option.

value3} Ellipsis ...

Used for specifying that more than one value can be specified for the option.

Example 1. Command option notation

One of the usages for the help command looks like this:

help -category={COMMANDS | TYPES} [<Topic>]

This means that help has an option called category which has two possible values which are COMMANDS and TYPES. There is also an optional option called Topic which in this case is a search string used to specify what

help topic to display. Since the topic is optional, it is possible to exclude it when running the command. Both of the following examples are valid for the usage described above:

gw-world:/> help -category=COMMANDS gw-world:/> help -category=COMMANDS activate

The usage for the routes command is:

routes [-all] [-switched] [-flushl3cache[=<percent>]] [-num=<n>]

None of the options of this command are mandatory. The flushl3cache option also has an optional value. This is because that option has a default value, 100, which will be used if no value is specified.

The following two examples will yield the same result:

gw-world:/> routes -flushl3cache=100 gw-world:/> routes -flushl3cache

[-nonhost] [-tables] [-lookup=<ip address>] [-verbose] [-setmtu=<mtu>] [-cacheinfo] [<table name>]...

Notation Preface

Because the table name option is followed by ellipses it is possible to specify more than one routing table. Since table name is optional as well, the user can specify zero or more policy-based routing tables.

gw-world:/> routes Virroute Virroute2

Chapter 1. Introduction

• Running a command, page 1

• Help, page 2

• Function keys, page 3

• Command line history, page 4

• Tab completion, page 5

• User roles, page 7

This guide is a reference for all commands and configuration object types that are available in the command line interface for NetDefendOS.

1.1. Running a command

The commands described in this guide can be run by typing the command name and then pressing the return key. Many commands require options to be set to run. If a required option is missing a brief syntax help will be displayed.

1.2. Help Chapter 1. Introduction

1.2. Help

1.2.1. Help for commands

There are two ways of getting help about a command. A brief help is displayed if the command name is typed followed by -? or -h. This applies to all commands and is therefore not listed in the option list for each command in this guide. Using the help command gives a more detailed help corresponding to the information found in this guide. In most cases it is possible to simply type help followed by the command name to get the full help. See Section 2.4.1, “help” for a more detailed description. To list the available commands, just type help and press return.

Example 1.1. Help for commands

Brief help for the activate command:

gw-world:/> activate -? gw-world:/> activate -h

Full help for activate:

gw-world:/> help activate

Help for the arp command. Arp is also the name of a configuration object type, so it is necessary to specify that the help text for the command should be displayed:

gw-world:/> help -category=COMMANDS arp

List all available commands:

gw-world:/> help

1.2.2. Help for object types

To get help about configuration object types, use the help command. It is also possible to get information about each property in an object type, such as data type, default value, etc. by entering the ? character when entering the value of a property and pressing tab. More on this in Section 1.5.1, “Inline help”.

Example 1.2. Help for object types

Full help for IP4Address:

gw-world:/> help IP4Address

Help for the ARP configuration object type, which collides with the arp command:

gw-world:/> help -category=TYPES ARP

1.3. Function keys Chapter 1. Introduction

1.3. Function keys

In addition to the return key there are a number of function keys that are used in the CLI.

Backspace Tab Ctrl-A or Home Ctrl-B or Left Arrow Ctrl-C

Ctrl-D or Delete Ctrl-E or End Ctrl-F or Right Arrow Ctrl-K Ctrl-N or Down Arrow Ctrl-P or Up Arrow Ctrl-T Ctrl-U Ctrl-W

Delete the character to the left of the cursor. Complete current word. Move the cursor to the beginning of the line. Move the cursor one character to the left. Clear line or cancel page view if more than one page of informa-

tion is shown. Delete the character to the right of the cursor. Move the cursor to the end of the line. Move the cursor one character to the right. Delete from the cursor to the end of the line. Show the next entry in the command history. Show the previous entry in the command history. Transpose the current and the previous character. Delete from the cursor to the beginning of line. Delete word backwards.

1.4. Command line history Chapter 1. Introduction

1.4. Command line history

Every time a command is run, the command line is added to a history list. The up and down arrow keys are used to access previous command lines (up arrow for older command lines and down arrow to move back to a newer command line). See also Section 2.4.2, “history”.

Example 1.3. Command line history

Using the command line history via the arrow keys:

gw-world:/> show Address gw-world:/> (up arrow) gw-world:/> show Address (the previous commandline is displayed)

1.5. Tab completion Chapter 1. Introduction

1.5. Tab completion

By using the tab function key in the CLI the names of commands, options, objects and object properties can be automatically completed. If the text entered before pressing tab only matches one possible item, e.g. "activate" is the only match for "acti" if a command is expected, the name will be autocompleted. Should there be more than one match the part common to all matches will be completed. At this point the user can either enter more characters or press tab again, which will display a list of the possible completions. This can also be done without entering any characters, but the resulting list might be long if there are many possible completions, e.g. all commands.

Example 1.4. Tab completion

An example of tab completion when using the add command:

gw-world:/> add Add (tab) gw-world:/> add Address ("ress" was autocompleted) gw-world:/> add Address i (tab) gw-world:/> add Address IP4 ("IP4" was autocompleted) gw-world:/> add Address IP4 (tab, or double tab if IP4 were entered manually) A list of all types starting with IP4 is listed. gw-world:/> add Address IP4a (tab) gw-world:/> add Address IP4Address ("Address" was autocompleted) gw-world:/> add Address IP4Address example_ip a (tab) gw-world:/> add Address IP4Address example_ip Address= ("Address=" was autocompleted) gw-world:/> add Address IP4Address example_ip Address=1.2.3.4

Tab completion of references:

gw-world:/> set Address IP4Group examplegroup Members= (tab, tab) A list of valid objects is displayed. gw-world:/> set Address IP4Group examplegroup Members=e (tab) gw-world:/> set Address IP4Group examplegroup Members=example_ip ("xample_ip" was autocompleted)

1.5.1. Inline help

It is possible to get help about available properties of configuration objects while a command line is being typed by using the ? character. Write ? instead of a property name and press tab and a help text for the available properties is shown. If ? is typed in stead of a property value and tab is pressed a help text for that property which contains more information such as data type, default value, etc. is displayed.

Example 1.5. Inline help

Get inline help for all properties of an IP4Address:

gw-world:/> set IP4Address example_ip ? (tab) A help text describing all available properties is displayed.

Getting inline help for the Address property:

gw-world:/> set IP4Address example_ip Address=? (tab) A more detailed help text about Address is displayed.

1.5.2. Autocompleting current value and default value

Another special character that can be used together with tab completion is <. If < is entered instead of a property value and tab is pressed it will be replaced by the current value of that property. This is

1.5.3. Configuration object type categories

useful when editing an existing list of items or a long text value. If no value has been set yet for the property in question the default value, if one exists, will be used. Some values, such as binary data, cannot be autocompleted in this way.

Example 1.6. Edit an existing property value

Edit the current value:

gw-world:/> add IP4Address example_ip Address=1.2.3.4 gw-world:/> set IP4Address example_ip Address=< (tab) gw-world:/> set IP4Address example_ip Address=1.2.3.4 (the value was inserted) The value can now be edited by using the arrow keys or backspace.

gw-world:/> set IP4Group examplegroup Members=ip1,ip2,ip3,ip5 gw-world:/> set IP4Group examplegroup Members=< (tab) gw-world:/> set IP4Group examplegroup Members=ip1,ip2,ip3,ip5 (the value was inserted) It is now possible to add or remove a member to the list without having to enter all the other members again.

Edit the default value:

gw-world:/> add LogReceiverSyslog example Address=example_ip LogSeverity=< (tab) gw-world:/> add LogReceiverSyslog example Address=example_ip LogSeverity=Emergency, Alert,Critical,Error,Warning,Notice,Info (the default value was inserted) Now it is easy to remove a log severity.

Chapter 1. Introduction

1.5.3. Configuration object type categories

Some object types are grouped together in a category in the CLI. This only matters when using tab completion as they are used to limit the number of possible completions when tab completing object types. The category can always be omitted when running commands if the type name is entered manually.

Example 1.7. Using categories with tab completion

Accessing an IP4Address object with the use of categories:

gw-world:/> show ad (tab) gw-world:/> show Adress (the category is autocompleted) gw-world:/> show Adress ip4a (tab) gw-world:/> show Adress IP4Address (the type is autocompleted) gw-world:/> show Adress IP4Address example_ip

Accessing an IP4Address object without the use of categories:

gw-world:/> show IP4Address example_ip

1.6. User roles Chapter 1. Introduction

1.6. User roles

Some commands and options cannot be used unless the logged in user has administrator priviege. This is indicated in this guide by a note following the command or "Admin only" written next to an option.

1.6. User roles Chapter 1. Introduction

Chapter 2. Command Reference

• Configuration, page 9

• Runtime, page 20

• Utility, page 50

• Misc, page 51

2.1. Configuration

2.1.1. activate

Activate changes.

Description

Activate the latest changes. This will issue a reconfiguration, using the new configuration. If the reconfiguration is successful a

commit command must be issued within the configured timeout interval in order to save the changes to media. If not, the system will revert to using the previous version of the configuration.

Usage

activate

2.1.2. add

Create a new object.

Description

Create a new object and add it to the configuration. Specify the type of object you want to create and the identifier, if the type has one, unless the object

is identified by an index. Set the properties of the object by writing the propertyname equals (=) and then the value. An optional category can be specified for some object types when using tab completion.

If a mandatory property isn't specified a list of errors will be shown after the object is created. If an invalid property or value type is specified or if the identifier is missing the command will fail and not create an object.

Note

Requires Administrator privilege.

Adjustments can be made after the object is created by using the set command.

2.1.3. cancel Chapter 2. Command Reference

Example 2.1. Create a new object

Add objects with an identifier property (not index):

gw-world:/> add Address IP4Address example_ip Address=1.2.3.4 Comments="This is an example" gw-world:/> add IP4Address example_ip2 Address=2.3.4.5

Add an object with an index:

gw-world:/main> add Route Interface=lan

Add an object without identifier:

gw-world:/> add DynDnsClientDyndnsOrg DNSName=example Username=example

Usage

add [<Category>] <Type> [<Identifier>] [<key-value pair>]...

Options

<key-value pair>

<Type>

2.1.3. cancel

Cancel ongoing commit.

Description

Cancel commit operation immediately, without waiting for the timeout.

Usage

Category that groups object types. The property that identifies the configuration object. May not be applic-

able depending on the specified <Type>. One or more property-value pairs, i.e. <property name>=<value> or

<property name>="<value>". Type of configuration object to perform operation on.

Note

Requires Administrator privilege.

cancel

Note

Requires Administrator privilege.

2.1.5. cd Chapter 2. Command Reference

2.1.4. cc

Change the current context.

Description

Change the current configuration context. A context is a group of objects that are dependent on and grouped by a parent object. Many objects

lie in the "root" context and do not have a specific parent. Other objects, e.g. User objects lie in a sub-context (or child context) of the root - in this case in a LocalUserDatabase. In order to add or modify users you have to be in the correct context, e.g. a LocalUserDatabase called "exampledb". Only objects in the current context can be accessed.

Example 2.2. Change context

Change to a sub/child context:

gw-world:/> cc LocalUserDatabase exampledb gw-world:/exampledb>

Go back to the parent context:

gw-world:/ospf1/area1> cc .. gw-world:/ospf1> cc .. gw-world:/>

Go back to the root context:

gw-world:/ospf1/area1> cc gw-world:/>

gw-world:/ospf1/area1> cc / gw-world:/>

Usage

cc [<Category>] <Type> <Identifier>

Change the current context.

cc -print

Print the current context.

Change to root context (same as "cc /").

Options

-print <Category> <Identifier>

<Type>

Print the current context. Category that groups object types. The property that identifies the configuration object. May not be applicable

depending on the specified <Type>. Type of configuration object to perform operation on.

2.1.6. commit Chapter 2. Command Reference

2.1.5. cd

Alias for cc.

2.1.6. commit

Save new configuration to media.

Description

Save the new configuration to media. This command can only be issued after a successful activate command.

Usage

commit

2.1.7. copy

Copy object.

Description

Make a copy of a configuration object. The created copy will have identical values for all properties, except for the identifier, which is modified to be unique for the new object.

Some objects can't be copied. It is not possible to copy an object that has child objects. Also it is not possible to copy for example "DNS" and "DateTime", as there can only be a single instance of these object types.

Usage

copy [<Category>] <Type> [<Identifier>] [<Parent>]

Options

Note

Requires Administrator privilege.

Category that groups object types. The property that identifies the configuration object. May not be applicable

depending on the specified <Type>. Parent of new object. Type of configuration object to perform operation on.

2.1.9. enter Chapter 2. Command Reference

2.1.8. delete

Delete specified objects.

Description

Delete the specified object, removing it from the configuration. Add the force flag to delete the object even if it is referenced by other objects or if it is a context that

has child objects that aren't deleted. This may cause objects referring to the specified object or one of its children to get errors that must be corrected before the configuration can be activated.

2.1.9. enter

Force object to be deleted even if it's used by other objects or has children. Category that groups object types. The property that identifies the configuration object. May not be applicable

depending on the specified <Type>. Type of configuration object to perform operation on.

Note

Requires Administrator privilege.

Alias for cc.

2.1.10. pskgen

Generate random pre-shared key.

2.1.11. reject Chapter 2. Command Reference

Description

Generate a pre-shared key of specified size, containing randomized key data. If a key with the specified name exists, the existing key is modified. Otherwise a new key object is created.

Usage

pskgen <Name> [-comments=<String>] [-size={64 | 128 | 256 | 512 |

Options

-comments=<String>

-size={64 | 128 | 256 | 512 | 1024 | 2048 | 4096} <Name>

2.1.11. reject

Reject changes.

Description

1024 | 2048 | 4096}]

Comments for this key. Number of bits of data in the generated key. (Default: 64) Name of key.

Note

Requires Administrator privilege.

Reject the changes made to the specified object by reverting to the values of the last committed configuration.

All changes made to the object will be lost. If the object is added after the last commit, it will be removed.

To reject the changes in more than one object, use either the -recursive flag to delete a context and all its children recursively or the -all flag to reject the changes in all objects in the configuration.

2.1.12. set

Set property values.

Reject all changes in the configuration. Recursively reject changes. Category that groups object types. The property that identifies the configuration object. May not be applicable

depending on the specified <Type>. Type of configuration object to perform operation on.

Note

Requires Administrator privilege.

Description

Set property values of configuration objects. Specify the type of object you want to modify and the identifier, if the type has one. Set the proper-

ties of the object by writing the propertyname equals (=) and then the value. An optional category can be specified for some object types when using tab completion.

If a mandatory property hasn't been specified or if a property has an error a list of errors will be shown after the specified properties have been set. If an invalid property or value type is specified the command will fail and not modify the object.

2.1.13. show Chapter 2. Command Reference

2.1.13. show

Disable object. This option is not available if the object is already disabled.

Enable object. This option is not available if the object is already enabled.

Category that groups object types. The property that identifies the configuration object. May not be applic-

able depending on the specified <Type>. One or more property-value pairs, i.e. <property name>=<value> or

<property name>="<value>". Type of configuration object to perform operation on.

Note

Requires Administrator privilege.

Show objects.

Description

Show objects. Show the properties of a specified object. There are a number of flags that can be specified to show

otherwise hidden properties. To show a list of object types and categories available in the current context, just type show. Show a table of all objects of a type by specifying a type or a category. Use

2.1.13. show Chapter 2. Command Reference

the -errors or -changes flags to show what objects have been changed or have errors in the configuration.

When showing a table of all objects of a certain type, the status of each object since the last time the configuration was committed is indicated by a flag. The flags used are:

The object is deleted.

The object is disabled.

The object has errors.

The object is newly created.

The object is modified.

Unchanged objects are not indicated by a flag. When listing categories and object types, categories are indicated by [] and types where objects may

be contexts by /.

Example 2.6. Show objects

Show the properties of an individual object:

gw-world:/> show Address IP4Address example_ip gw-world:/main> show Route 1 gw-world:/> show Client DynDnsClientDyndnsOrg

Show a table of all objects of a type and a selection of their properties as well as their status:

gw-world:/> show Address IP4Address gw-world:/> show IP4Address

Show a table of all objects for each type in a category:

gw-world:/> show Address

Show objects with changes and errors:

gw-world:/> show -changes gw-world:/> show -errors

Show what objects use (refer to) a certain object:

gw-world:/> show Address IP4Address example_ip -references

Usage

show

Show the types and categories available in the current context.

show [<Category>] [<Type> [<Identifier>]] [-disabled] [-references]

Show an object or list a type or category.

show -errors [-verbose]

Show all errors.

show -changes

Show all changes.

2.1.14. undelete Chapter 2. Command Reference

Options

-changes

-disabled

-errors

-references

-verbose <Category> <Identifier>

<Type>

2.1.14. undelete

Restore previously deleted objects.

Description

Restore a previously deleted object.

Show all changes in the current configuration. Show disabled properties. Show all errors in the current configuration. Show all references to this object from other objects. Show error details. Category that groups object types. The property that identifies the configuration object. May not be applicable

depending on the specified <Type>. Type of configuration object to perform operation on.

This is possible as long as the activate command has not been called. See also: delete

Example 2.7. Undelete an object

Undelete an unreferenced object:

gw-world:/> delete Address IP4Address example_ip gw-world:/> undelete Address IP4Address example_ip

Undelete a referenced object: (will remove the error in examplerule)

gw-world:/> set IPRule examplerule SourceNetwork=examplenet gw-world:/> delete Address IP4Address examplenet -force gw-world:/> undelete Address IP4Address examplenet

Usage

undelete [<Category>] <Type> [<Identifier>]

Options

Category that groups object types.

2.1.14. undelete Chapter 2. Command Reference

<Type>

The property that identifies the configuration object. May not be applicable depending on the specified <Type>.

Type of configuration object to perform operation on.

Note

Requires Administrator privilege.

2.2. Runtime Chapter 2. Command Reference

2.2. Runtime

2.2.1. about

Show copyright/build information.

Description

Show copyright and build information.

Usage

about [-verbose]

Options

-verbose

2.2.2. arp

Show ARP entries for given interface.

Description

List the ARP cache entries of specified interfaces. If no interface is given the ARP cache entries of all interfaces will be presented. The presented list can be filtered using the ip and hw options.

Usage

arp

Show all ARP entries.

arp -show [<Interface>] [-ip=<pattern>] [-hw=<pattern>] [-num=<n>]

Verbose.

Show ARP entries.

arp -hashinfo [<Interface>]

Show information on hash table health.

arp -flush [<Interface>]

Flush ARP cache of all specified interfaces.

+ 130 hidden pages

D-link DFL-2500, DFL-260, DFL-800, DFL-1600, DFL-860 User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

CLI Reference Guide

Table of Contents

Preface

Chapter 1. Introduction

1.1. Running a command

1.2. Help

1.2.1. Help for commands

1.2.2. Help for object types

1.3. Function keys

1.4. Command line history

1.5. Tab completion

1.5.1. Inline help

1.5.2. Autocompleting current value and default value

1.5.3. Configuration object type categories

1.6. User roles

Chapter 2. Command Reference

2.1. Configuration

2.1.1. activate

2.1.2. add

2.1.3. cancel

2.1.4. cc

2.1.5. cd

2.1.6. commit

2.1.7. copy

2.1.8. delete

2.1.9. enter

2.1.10. pskgen

2.1.11. reject

2.1.12. set

2.1.13. show

2.1.14. undelete

2.2. Runtime

2.2.1. about

2.2.2. arp