20 gprs data volume - #gdatavol – Rainbow Electronics GM862-QUAD-PY User Manual

Page 360

Advertising

AT Commands Reference Guide

80000ST10025a Rev. 5 - 09/07/08

page 360 of 434

#FRWL - Firewall Setup

SELINT 2

has no meaning in this case.

<ip_addr> - remote address to be added into the ACCEPT chain; string

type, it can be any valid IP address in the format:
xxx.xxx.xxx.xxx

<net_mask> - mask to be applied on the <ip_addr>; string type, it can be

any valid IP address mask in the format: xxx.xxx.xxx.xxx

Command returns OK result code if successful.

Note: the firewall applies for incoming (listening) connections only.

Firewall general policy is DROP, therefore all packets that are not included
into an ACCEPT chain rule will be silently discarded.

When a packet comes from the IP address incoming_IP, the firewall chain
rules will be scanned for matching with the following criteria:

incoming_IP & <net_mask> = <ip_addr> & <net_mask>

If criteria is matched, then the packet is accepted and the rule scan is
finished; if criteria is not matched for any chain the packet is silently
dropped.

AT#FRWL?

Read command reports the list of all ACCEPT chain rules registered in the
Firewall settings in the format:

#FRWL: <ip_addr>,<net_mask>
#FRWL: <ip_addr>,<net_mask>
….
OK

AT#FRWL=?

Test command returns the allowed values for parameter <action>.

Example

Let assume we want to accept connections only from our
devices which are on the IP addresses ranging from
197.158.1.1 to 197.158.255.255

We need to add the following chain to the firewall:
AT#FRWL=1,"197.158.1.1","255.255.0.0"

Note

For outgoing connections made with #SKTOP and #SKTD the remote host
is dynamically inserted into the ACCEPT chain for all the connection
duration. Therefore the #FRWL command shall be used only for defining
the #SKTL behaviour, deciding which hosts are allowed to connect to the
local device.

Rules are not saved in NVM, at startup the rules list will be empty.

3.5.7.5.20 GPRS Data Volume - #GDATAVOL

Advertising