-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathngcli.1
379 lines (379 loc) · 9.66 KB
/
ngcli.1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
.TH NGCLI "1" "September 2014" "NgAdmin 0.1" "User Commands"
.SH NAME
ngcli \- command line interface tool for GS10[58]E administration
.
.SH SYNOPSIS
ngcli [\fIOPTIONS\fR]
.
.SH DESCRIPTION
.
.PP
This is a cli tool intended for administration of Netgear switches that use
NSDP. Currently, only the GS105E and GS108E are concerned.
.br
It uses the readline library (if enabled at compilation) to read command lines
and supports command auto-completion with the TAB key.
.
.SH OPTIONS
.
.TP
.B "\-a, \-\-batch"
By default, NgCli uses readline to provide an interactive command line
interface. You can disable this and use basic text input, which can be useful
for scripting purposes. You can also see \fB\-m\fR, \fB\-p\fR and \fB\-r\fR
options.
.br
If readline is disabled at compilation time, it is the default and only choice.
.
.TP
.B "\-b, \-\-keep\-broadcasting"
Keep broadcasting even when talking with a particular switch.
By default, once you login on a switch, NgAdmin talks with it using unicast.
This prevents the password from being sent to all your network. The switch
still replies using broadcast, but the password is not included in the replies.
.br
This option allows you to disable this feature and do like the official Windows
application that always use broadcast packets. This also allows to configure a
switch which is not on your network range without forcing the interface.
.br
When you enable this option, you must be aware that on every modification
you make, your password is broadcasted to all your network.
.
.TP
.B "\-f, \-\-force\-interface"
Force traffic to go through the specified interface. This can be useful when
you have multiple interfaces or the switch is not on your network range.
.br
Requires root privileges.
.
.TP
.B "\-h, \-\-help"
Show basic help instructions.
.
.TP
\fB\-i, \-\-interface\fI iface
Set the interface to use to \fIiface\fR. Defaults to eth0 when not specified.
However, this does not force the traffic to go through this interface.
If you have multiple interfaces, you can use \fB\-l\fR or \fB\-f\fR options.
.
.TP
.B "\-l, \-\-local\-broadcast"
By default, NgCli uses the global broadcast address (255.255.255.255) to send
data to all the network. With this option, the interface broadcast address will
be used instead (for example 192.168.1.255). This can be useful to force
traffic to go through the specified interface without forcing the interface.
.br
However, some switches seem to ignore packets sent to this type of addresses.
.
.TP
\fB\-m, \-\-mac\fI mac
Enable automatic login. NgCli will automatically scan the network and try to
login on the switch with the MAC address \fImac\fR. \fImac\fR must be specified
as six hexadecimal bytes separated by a colon.
.
.TP
\fB\-p, \-\-password\fI password
Set the password to use with automatic login to \fIpassword\fR. Be aware that
the password will be part of the command line, which means everybody on the
machine can do a "ps" to see it.
.
.TP
\fB\-r, \-\-retries\fI count
Set the maximum scan and login attempts in automatic login mode to \fIcount\fR.
Defaults to 3 when not specified and 0 means unlimited attempts.
.
.TP
\fB\-t, \-\-timeout\fI value
Define the maximum to wait for switch replies in \fIvalue\fR milliseconds.
Defaults to 4 seconds when not specified.
.
.
.SH COMMANDS
.
.TP
\fBbitrate set\fR [ all [ inout \fIspeed\fR ] [ in \fIspeed\fR ] \
[ out \fIspeed\fR ] ] [ \fIport\fR [ inout \fIspeed\fR ] [ in \fIspeed\fR ] \
[ out \fIspeed\fR ] ] [...]
Set the bitrate limit on several several \fIport\fR. Setting the first port to
"all" assigns the same value to all the ports.
.br
Acceptable \fIspeed\fR values are:
nl (no limit), 512K, 1M, 2M, 4M, 8M, 16M, 32M, 64M, 128M, 256M, 512M
.
.TP
\fBbitrate show
Show bitrate limitation configuration.
.
.TP
\fBcabletest\fI port\fR [...]
Perform a cable test on one or several \fIport\fR.
.
.TP
\fBdefaults
Reset the switch to the defaults parameters. Automatically delogs from the
current switch.
.
.TP
\fBfirmware show
Show the current firmware version.
.
.TP
\fBfirmware upgrade\fI file
Upgrade the firmware contained in the \fIfile\fR.
.
.TP
\fBhelp
Display all the commands.
.
.TP
\fBigmp set \fIenable vlan validate block
Set IGMP filtering related options. \fIenable\fR, \fIvalidate\fR and
\fIblock\fR must set either to 0 to disable or 1 to enable. \fIvlan\fR must be
a VLAN number.
.br
\fIenable\fR : enable or disable IGMP filtering
.br
\fIvlan\fR : VLAN number on which the filtering is performed
.br
\fIvalidate\fR : enable or disable IGMPv3 header validation
.br
\fIblock\fR : enable or disable blocking of unknown addresses
.
.TP
\fBigmp show
Show IGMP filtering configuration.
.
.TP
\fBlist
List the detected switches on the network.
.
.TP
\fBlogin \fIid
Login on switch with ID \fIid\fR. The \fBlist\fR command shows IDs of detected
switches. This command delogs from the current switch, whether the login
attempt is successful or not.
.
.TP
\fBloop disable
Disable loop detection.
.
.TP
\fBloop enable
Enable loop detection.
.
.TP
\fBloop show
Show loop detection configuration.
.
.TP
\fBmirror disable
Disable port mirroring.
.
.TP
\fBmirror set\fI outport\fR clone\fI port\fR [...]
Enable port mirroring, copy data from one or several \fIport\fR and output
data on \fIoutport\fR. Obviously, \fIoutport\fR must not be in the source ports
list.
.
.TP
\fBmirror show
Show port mirroring configuration.
.
.TP
\fBname clear
Clear the switch name.
.
.TP
\fBname set\fI name
Set the switch name to \fIname\fR.
.
.TP
\fBname show
Show the switch name.
.
.TP
\fBnetconf show
Show the network configuration.
.
.TP
\fBnetconf set\fR [ dhcp yes|no ] [ ip \fIip\fR ] [ mask\fI mask\fR ] \
[ gw\fI gw\fR ]
Set various network related options. \fIip\fR, \fImask\fR and \fIgw\fR must be
IPv4 addresses in dotted quad form.
.br
dhcp : enable or disable DHCP client on the switch
.br
ip : set the switch IP to \fIip\fR
.br
mask : set the switch netmask to \fImask\fR
.br
gw : set the switch gateway to \fIgw\fR
.
.TP
\fBpassword change\fR [ \fIpassword\fR ]
Change the switch password to \fIpassword\fR. If not specified, it is asked
from user (with terminal echo disabled).
.
.TP
\fBpassword set\fR [ \fIpassword\fR ]
Set the password used to connect to \fIpassword\fR. If not specified, it is
asked from user (with terminal echo disabled).
.
.TP
\fBports state
Show the ports state and speed.
.
.TP
\fBports statistics reset
Reset the ports statistics.
.
.TP
\fBports statistics show
Show the ports statistics.
.
.TP
\fBqos mode\fR port|802.1p
Set QoS mode to either port based or 802.1p based.
.
.TP
\fBqos set\fR all\fI prio
In port based mode, set all ports priority to \fIprio\fR.
.br
Acceptable values for \fIprio\fR are high, medium, normal and low.
.
.TP
\fBqos set \fIport prio\fR [...]
In port based mode, set priority of several couples of \fIport\fR to \fIprio\fR.
\fIprio\fR is the same format as in the above command.
.
.TP
\fBqos show
Show QoS configuration.
.
.TP
\fBquit
Exit NgCli.
.
.TP
\fBrestart
Restart the switch.
.
.TP
\fBscan
Scan the network for switches.
.
.TP
\fBstormfilter enable
Enable storm filtering.
.
.TP
\fBstormfilter disable
Disable storm filtering.
.
.TP
\fBstormfilter set\fR all\fI speed
Set the storm filter bitrate of all ports to \fIspeed\fR. \fIspeed\fR is the
same format as in the \fBbitrate set\fR command.
.
.TP
\fBstormfilter set\fI port speed\fR [...]
Set the storm filter bitrate of several couples of \fIport\fR to \fIspeed\fR.
\fIspeed\fR is the same format as in the \fBbitrate set\fR command.
.
.TP
\fBstormfilter show
Show storm filtering configuration.
.
.TP
\fBtree
Display all the commands and their subcommands.
.
.TP
\fBvlan 802.1q del\fI vlan
Delete 802.1Q VLAN \fIvlan\fR.
.
.TP
\fBvlan 802.1q set\fI vlan\fR [ all unspec|no|untagged|tagged ] \
[ \fIport\fR unspec|no|untagged|tagged ] [...]
In 802.1Q based mode, set a particular VLAN membership of several \fIport\fR.
\fIvlan\fR is a VLAN number between 1 and 4093 inclusive.
Setting the port of the first couple to "all" assigns the same value to all the
ports.
.br
Also do not forget to set the PVID configuration as well with the
\fBvlan pvid set\fR command.
.br
When creating a new VLAN, no port must be in an unspecified state or the VLAN
creation will fail.
.br
Acceptable membership values are:
.br
unspec : unspecified (default), the configuration of this port is left unchanged
.br
no : the port is not member of this VLAN
.br
untagged : the port is member of this VLAN as untagged
.br
tagged : the port is member of this VLAN as tagged
.
.TP
\fBvlan 802.1q show
Show 8021Q based VLAN configuration.
.
.TP
\fBvlan mode set\fI mode
Set VLAN mode to \fImode\fR, acceptable values are:
.br
0 - disabled
.br
1 - basic port based
.br
2 - advanced port based
.br
3 - basic 802.1Q
.br
4 - advanced 802.1Q
.
.TP
\fBvlan mode show
Show VLAN mode.
.
.TP
\fBvlan port set\fR [ all\fI vlan\fR ] [ \fIport vlan\fR ] [...]
In port based mode, set the VLAN membership of several couples of \fIport\fR to
\fIvlan\fR. Setting the port of the first couple to "all" assigns the same VLAN
to all the ports.
.br
\fIvlan\fR is a VLAN number between 1 and 9 inclusive.
.
.TP
\fBvlan port show
Show port based VLAN configuration.
.
.TP
\fBvlan pvid set\fI port vlan
Set \fIport\fR PVID to \fIvlan\fR.
.
.TP
\fBvlan pvid show
Show VLAN PVID configuration.
.
.SH BUGS
.
.PP
Firmware upgrade is not implemented, because it would require some work in the
library and a TFTP client.
.br
And overvall, it could be dangerous, as it is not sure that the switch checks
whatever you send to it, which could lead to a bricked device.
.
.PP
Cabletest is not totally reversed, only raw values are shown.
.br
Also, you must manually increase timeout to be able to receive results.
.
.PP
Saving and loading whole configuration into/from a file is not implemented.
.
.SH AUTHOR
Written by Hervé Boisse ([email protected]).