How to use the DSL-50X Command Line Interface (CLI)

This section will detail tips and traps for people who choose to use the CLI. The CLI has a number of advantages over the web interface: it is much more powerful and does not suffer from some of the limitations imposed by the web interface (eg the number of ports which can be forwarded is limited when using the web interafce, but not when using the CLI).

The web interface also hides multiple operations under a single form submission (mainly for users who do not want/need to know what is really happening behind the scenes :-). Beware that you do not assume that operations using the web interface are the same when using the CLI.

The CLI operates almost identically whether you are accessing it via the serial console port using your favourite terminal program set to 9600 baud, 8 bit data word, 1 stop bit, no parity and hardware (CTS/RTS) handshaking or via telnet. Some result messages are not displayed in telnet mode (they are still displayed, but to the serial console).

Saving the router configuration permanently

• Problem: It seems that config save from the console/telnet prompt does not save anything. So although you can change the router's settings, you cannot actually change anything permanently via the console/telnet.

• Solution: After issuing a config save, you also need to issue a flashfs update. [Verified with firmware versions T8 to T23]

• Explanation: config save simply saves the current NVRAM settings to the files in the 'isfs' file system. flashfs update copies the files from the 'isfs' file system to the 'flashfs' file system. This is important because when you reboot/restart/re-power the router, the first thing it does, after loading its boot image, is to COPY the files from the 'flashfs' file system to the 'isfs' file system, then load the settings from the files in the 'isfs' file system into NVRAM.

Adding port forwarding (NAT) rules

• Problem: How do I add port forwarding rules using the CLI?

• Syntax: [Only verified using firmware version T8]
   
  nat> inbound add ppp_device <WAN port>/<LAN port>/<protocol> <LAN IP> <Comment>
   
  <WAN port> = the WAN side UDP/TCP port number to be redirected to the destination LAN port number;
  <LAN port> = the LAN destination port (usually the same as the WAN port);
  <protocol> = IP protocol can be either tcp or udp;
  <LAN IP> = the private IP address of the destination LAN computer;
  <Comment> = your descriptive comment (no spaces allowed, use underscores).
   
• Example: This example redirects any incoming requests to your WAN port 80 to LAN port 80 of the computer with the private IP address of 192.168.0.4. This would make a webserver running on that computer accessible from the Internet.
   
  nat> inbound add ppp_device 80/80/tcp 192.168.0.4 Webserver

Adding routes to the routing table

• Problem: How do I route traffic to a particular IP address via a route other than the DSL-50X router's default route?

• Syntax: [Only verified using firmware version T8]
   
  ip> route add <Comment> <IP> <IP gateway> <Mask> [<Cost> [<TimeOut> [<Flag>]]]
   
  <Comment> = your descriptive comment (no spaces allowed, use underscores).
  <IP> = the IP address of the network being routed to (0.0.0.0 is used for a default route);
  <IP gateway> = the IP address of the next hop gateway to be used;
  <Mask> = the subnet mask of the network being routed to;
  <Cost> = optional number of hops to be counted as the cost of the route;
  <TimeOut> = optional number of seconds route will remain in routing table (0 = forever);
  <Flag> = optional flag which when set to 1 does not complain if interface does not yet exist.
   
• Example 1: This example routes a network of 8 addresses (203.51.188.152 - 203.51.188.159) to the LAN computer with the private IP address of 192.168.0.2 which will on-route it to wherever.
   
  ip> route add TelstraIPs 203.51.188.152 192.168.0.2 ff:ff:ff:f8 1 0 1
   
• Example 2: This example routes a single network address (139.130.250.4) to the LAN computer with the private IP address of 192.168.0.2 which will on-route it to wherever.
   
  ip> route add PubNewsSvr 139.130.250.4 192.168.0.2 ff:ff:ff:ff 1 0 1

Reading the event log

The post-T8 versions of the firmware for the DSL-500 and DSL-504 record various events to a log file. The log looks like this:

[FIREWALL]2003/02/19 22:50:33-Chrismas:TCP_CHRISMAS,source:216.239.51.119
[FIREWALL]2003/02/19 23:14:38-Chrismas:TCP_CHRISMAS,source:216.239.33.101
[FIREWALL]2003/02/19 23:35:22-Chrismas:TCP_CHRISMAS,source:128.148.185.4
[BUN]2003/02/20 00:31:33-Chrismas:TCP_CHRISMAS,source:128.148.185.4
[PPP]2003/02/20 00:31:35-Connect:PPP Stop
[BUN]2003/02/20 00:32:01-Link:ADSL Link Up
[PPP]2003/02/20 00:32:05-Connect:PPP LCP reaches open state
[PPP]2003/02/20 00:32:05-Auth:PPP Start CHAP authentication
[PPP]2003/02/20 00:32:07-Connect:PPP IPCP reaches open state

There are several ways to read the log:

1. Use the router's TFTP client to transfer the eventlog file from the router to your PC running a TFTP server;
2. Use the serial console: log > view or isfs > cat eventlog;
3. Use telnet: isfs > cat eventlog;
4. Use my DSL-50X utility to retrieve it for you every 1/3/6/12/24 hours or manually on demand.

Back to the Info Dump