
ip <subcommand>

     These commands are used for the Internet Protocol service.


    ip access <permit|deny|delete> <proto> <sourceaddr[/bits]|all>
         <destaddr[/bits]|all> <iface>  [loport | all [hiport]]

     Display or set ip access controls. Controls packet routing via
     <iface> and determines which source ip addresses <sourceaddr>
     can route to which destination ip addresses <destaddr>.
     Default is to permit all sources to access all destinations,
     until the first IP access command is entered, at which point all
     routes via <iface> are denied unless specifcally permitted by
     subsequent ip access commands.

     Execution of this subcommand will add or delete an access control
     entry in an internal table.  Entries are scanned for an <iface> match,
     and then in the order they were added, to determine if access will
     be granted.  Access will be granted only if an entry matching <destaddr>
     and <sourceaddr> is found with "permit" set before a match with "deny"
     set, or no match is found.  The optional /bits suffix to the ipaddr
     specifies how many leading bits in the ipaddr are to be considered
     significant in the routing comparisons.  If not specified, 32
     bits (i.e., full significance) is assumed. All addresses can be
     specified by "all".  Access can be made protocol dependent via the
     <proto> parameter. <proto> may be 'a' for any, 't' for TCP, 'u'
     for UDP, 'i' for ICMP, or the IP protocol number. For UDP and TCP
     protocols, loport and hiport specify the port or 
     range of TCP or UDP ports for which the access control command applies.
     If none or all is specified, all ports are assumed.

     "ip access" will display the table of current access control entrys.
     Access commands should be entered from the most specific to the
     least specific, since the first match (permit or deny) encountered
     for a given interface in the internal table is returned.

     #Example:
         #allow a specific AMPRnet host access to the internet	
         ip access permit any 44.76.1.199 all eth0
         #but deny all others except DNS/Ping (UDP) access
         ip access permit udp 44/24 all eth0 all 
         #permit only AMPRnet hosts access to RF port
         ip access permit any 44/24 44/24 2m
          

    ip address [<addr>]

     Display or set the default local IP  address.  This  command
     must  be  given before  an  'attach' command if it is to be used
     as the default IP address for the interface.


    ip encap [4 | 94]

     Display or set the packet ID code used for transmitted IP-IP
     encapsulated packets.  As of 1 March 1995, the default pid is 4.


    ip heard

     Display the ip-heard list. This shows the recently heard tcp/ip
     systems. See also the 'ip hport' command.


    ip hport [<iface>] [on | OFF]

     Display or set the ip-heard facility.  If no argument is given,
     show the interfaces on which ip-heard is currently active. If
     <iface> is given, shows the status of the ip-heard flag for the
     given interface. If <iface> <on|off> is given, it will set the
     flag on or off.   Default is off.
     
     If this flag is on, ip heard frames will be logged in a table.
     This table can be shown with the 'ip heard' command or with the
     nodeshell 'IHeard' command.  Ip-heard logging on ax.25 interfaces
     logs all ip stations heard on the port, even if the system wasn't
     directly involved in the ip activity.  For non-ax.25 interfaces,
     only ip frames that we were actively involved in (i.e. that we
     routed) are logged. (this difference is due to code internals)
     
          ip hport port1 on


    ip hsize [n]                                       Default: 8

     Display or  set the maximum size of  the Ip heard table. 0 means
     no limit.
     

    ip rtimer [<seconds>]                              Default: 30

     Display or set the IP reassembly time-out.
     

    ip status

     Display Internet Protocol (IP) statistics, such as total packet
     counts and error counters of various types.

    ip ttl [<hops>]

     (B)  Display or set the default time-to-live value placed in each
     outgoing IP datagram.  This limits the number of switch hops the
     datagram will be allowed to take.  The idea is to bound the
     lifetime of the packet should it become caught in a routing loop.
     You should make the value slightly larger than the number of hops
     across the network you expect to transit packets.  The default is
     set at compilation time to 255, the official recommended value
     for the Internet.


