Rainbow Electronics GM862-QUAD-PY User Manual

Page 359

Advertising
background image




AT Commands Reference Guide

80000ST10025a Rev. 5 - 09/07/08

Reproduction forbidden without Telit Communications S.p.A. written authorization - All Rights Reserved

page 359 of 434

#FRWL - Firewall Setup

SELINT 0 / 1


Note: the firewall applies for incoming (listening) connections only.

Firewall general policy is DROP, therefore all packets that are not included
into an ACCEPT chain rule will be silently discarded.

When a packet comes from the IP address incoming_IP, the firewall chain
rules will be scanned for matching with the following criteria:

incoming_IP & <net_mask> = <ip_addr> & <net_mask>

If criteria is matched, then the packet is accepted and the rule scan is
finished; if criteria is not matched for any chain the packet is silently
dropped.

Note: If all parameters are omitted the command reports the list of all
ACCEPT chain rules registered in the Firewall settings in the format:
#FRWL: <ip_addr>,<net_mask>
#FRWL: <ip_addr>,<net_mask>
….
OK

AT#FRWL?

Read command has the same effect as Execution command when
parameters are omitted.

AT#FRWL=?

Test command returns the allowed values for parameter <action>.

Example

Let assume we want to accept connections only from our
devices which are on the IP addresses ranging from
197.158.1.1 to 197.158.255.255


We need to add the following chain to the firewall:
AT#FRWL=1,"197.158.1.1","255.255.0.0"
OK

Note

For outgoing connections made with #SKTOP and #SKTD the remote host
is dynamically inserted into the ACCEPT chain for all the connection
duration. Therefore the #FRWL command shall be used only for defining
either the #SKTL or the @SKTL behaviour, deciding which hosts are
allowed to connect to the local device.

Rules are not saved in NVM, at startup the rules list will be empty.


#FRWL - Firewall Setup

SELINT 2

AT#FRWL=
[<action>,
<ip_address>,
<net mask>]

Execution command controls the internal firewall settings.

Parameters:
<action> - command action
0 - remove selected chain
1 - add an ACCEPT chain
2 - remove all chains (DROP everything); <ip_addr> and <net_mask>

Advertising
Popular Brands
Popular manuals