User's Manual
Table Of Contents
- Table of contents
- FCC Regulatory Notice
- Industry Canada Regulatory Notice
- Antenna installation and operation information
- I. Getting Started
- II.Hardware description
- III.Installation procedure
- IV. Device configuration instructions
- V. Link Configuring
- VI. Services, features and tools
- VII.GUI “InfiNet Wireless Router Manager”
- VIII.Recommendations
- IX. Supplementary information
InfiNet Wireless R5000 Technical User Manual
Copyright © 2004-2006 by InfiNet Wireless Limited.
42
VI. Services, features and tools
This chapter describes router’s built-in services, features and tools which were
not described in previous parts of the document. Descriptions provided in this
chapter are shortened. Full description is available in the OS WANFlex User
Guide.
1. Network services
MAC filter
The MAC filter (macf command) performs static mapping of IP-addresses to
MAC addresses in an Ethernet network. It may be useful for service providers
when they connect to their network a group of clients (such as individual users in
an apartment block) via one common access unit. In this case, clients may be
tempted to change their IP address to that of a neighbor, thus deceiving
provider's accounting system. Although it is almost impossible to definitely
resolve this issue, you can make however your life easier by directly mapping the
client's assigned IP-address to his/her MAC-address, because surreptitiously
modifying a MAC address is much more difficult for an average user.
NAT
NAT - network address translation according to rfc1631
NAT (nat command) allows solving to the certain extent the problem IPv4
address space exhausting. It means that several computers in the given LAN
may connect to Internet via the same public IP address. NAT-module receives
outgoing IP-packets, modifies sender's IP address to the public IP address and
forwards it to Internet. Sender's IP address is modified in such a way that it is
possible to identify the sender when IP packet received on the LAN incoming
interface and to forward the IP packet to the initial sender. NAT-module is similar
to natd and libalias from FreeBSD. Original manuals can help understand the
subject better.
Full support of H.323 protocol.
IP firewall
IP Firewall (ipfw command) is a mechanism of filtering packets crossing an IP
network node, according to different criteria. System administrator may define a
set of incoming filters (addincoming) and a set of outgoing filters
(addoutgoing). The incoming filters determine which packets may be accepted
by the node. The outgoing filters determine which packets may be forwarded by
the node as a result of routing.
Each filter describes a class of packets and defines how these packets should be
processed (reject and log, accept, accept and log).
Packets can be filtered based on the following properties:
• Protocol (IP, TCP, UDP, ICMP);
• Source address and/or destination address (and port numbers for TCP
and UDP);
• The network interface it arrived on;
• Whether the packet is a TCP/IP connection request (a packet attempting
to initiate a TCP/IP session) or not;
• Whether the packet is a head, tail or intermediate IP fragment;
• Whether the packet has certain IP options defined or not;