Reference Manual



admin - perform administrative functions for hosts
admin [ enable | disable | open|close]|[ip [disable|[enable [time]]|name]
admina [on|off]
adminb [on|off]
adminh [on|off]
admini [ [ on | off ]]
adminc ip|name
admind [enable|disable] [bps] [pps]
adminl [on|off]
admint [input|output]
adminp name
adminpw [password]
adminr registry|htab
adminu ip|name
adminlf [file]
admingf [file]
adminbf [file]
adminurl [url]


The NAT32 Host Administration feature allows Internet access for hosts to be selectively enabled or disabled. The admin feature is turned on or off with the commands admin enable or admin disable. Once enabled, command admini is used to turn the feature on or off for each available network interface. Individual hosts can then be enabled for a specified time or traffic volume, and they can be bandwidth limited.

Details of each detected host are stored in a Host Table that can be viewed and modified via specific admin commands or via the Administration Dialog Box. The dialog box can be displayed or closed either by clicking the toolbar icon or with the admin open or admin close commands. Closing the dialog box does not disable administration, although opening the dialog box does enable it.

Command admin with an IP address argument allows the specified machine to be either disabled, or enabled (after authorization) for a specifed number of minutes (time), or be assigned a name.

If only the IP address of an existing host is specified, the following details for that host are printed:

(Name) IP Start_Date Stop_Date UpTime State
[Bytes] <Bytes> [Limit] <Limit> [bps] <bps> <bps_limit> <pps_limit>

Name is an optional machine name.
IP is the IP address of that machine.
Start Date and Stop Date are printed as UNIX-style date and time strings.
UpTime is printed in seconds.
State is either Disabled, Enabled, or Authorized.
Usage details are Bytes in and out followed by Limit, bps in and out followed by the output bps_limit and finally, a packets per second output limit pps_limit.
Input values are enclosed in [], output values are enclosed in <>.

If the specified IP address is not in the host table, it will be added, and its enable state will be set to the default enable state, which is enabled, unless a previous admind command set the default enable state to disabled. New hosts have no output limits per default. The default limits can be adjusted with the admind command.

A host can be named by specifiying the IP address and a name.

If both the IP Address and a disable argument are specified, the usage time will be printed and subsequently set to 0. That computer will remain disabled until enabled with the enable command or until a user authenticates.

Command admina turns authorization checking on or off. When on, all traffic from a disabled host is blocked, except DNS traffic. TCP connections to a web server on the Internet result in redirection to the NAT32 web server and the page login.htm is served. The user must then enter a valid name before Internet access is granted.

Command adminp can be used to enable a machine with the specified name. This command is normally invoked from the login.htm file in order to enable a disabled machine if the user provides the correct name.

Command adminpw prints or sets the password required to perform administrative functions.

Command admind sets the default admin state to enabled or disabled, or prints the setting of the default state if no argument is specifed.

Command adminc deletes an entry specified via its IP address or Name from the Registry and the Host Table.

Command adminl turns the log feature on or off. With no argument, adminl prints the current log setting value.

Command adminr deletes the Admin Registry Key if registry is specified, or clears the Host Table if htab is specified.

Command adminu prints usage details for the user specified by an IP address or a Name.

Command admint specifies whether traffic throttles are to apply to input traffic or to output traffic.

All Internet traffic is monitored if admin functionality is enabled, except if NAT32 is in routing-only mode, in which case only outgoing traffic can be monitored because Internet traffic to private machines does not pass through NAT32.

The NAT32 filter functionality can be used to discard or delay specific packets. If such packets are discarded, they will not be seen by the admin function. Delayed packets will be queued for later transmission.

If the authorization option is set, Internet traffic from disabled hosts is only allowed after the user has obtained permission from NAT32. Web traffic is redirected to the page login.htm fetched from the NAT32 Web Server. The default login page prompts the user for a name, and an adminp name command is issued. If the name is valid, the machine is enabled and the default admin settings are applied. File good.htm is then loaded. If the name is invalid, file bad.htm is loaded. File good.htm contains a link to file user.htm that displays usage statistics every minute. All of the above files can be customised to meet special needs. Commands adminlf, admingf and adminbf can be used to specify the names of the login, good and bad files respectively.

For an example of a simple captive portal, see the files: login1.htm, good1.htm and bad1.htm.

Internet Connectivity Test URLs:

Filter, Log viewer, Routing Mode, Ptrace, Trace, Traffic Management