Montavista Linux For Mb86977 e

MB86977 Montavista-Linux
Manual
2004/07/23
FUJITSU LSI SOLUTION LIMITED

Table of Contents
１．Introduction.............................................................................. 3
２．Structure of the system ........................................................... 3
３．Outline of the system............................................................... 4
４．CM_LINUX............................................................................... 5
４．１． Network interfaces ............................................................. 5
４．２． Device node addition........................................................... 7
５．The Camelotd daemon ............................................................. 8

５．１．System activation ................................................................ 8
５．２．Internal information .......................................................... 11
５．３．User mode and Kernel mode ............................................... 18
６．Using the Camelot Router ..................................................... 19

６．１．NAT ................................................................................. 19
６．２．IP Forwarding ................................................................... 21
６．３．PPPOE ............................................................................. 22
６．４ The Filter ........................................................................... 23
６．５．The filter counter ............................................................... 25
６．６．The Filter log .................................................................... 26
６．７．ＤＭＺ............................................................................... 27
６．８．ＱＯＳ............................................................................... 29
７． Debugging............................................................................. 31
1. Introduction
This document describes a system based on MontaVista’s Linux for the MB86977
developed by MontaVista Software Inc.
2. Structure of the system

The development board features a CPU(ARM), SDRAM(8Mbyte), FLASH(8Mbyte),
MB86977(Camelot) and was developed by Elmic Systems. The system consists of a
daemon (“camelotd”) and a Linux system specially designed for MB86977
(“CM_LINUX”).
3. Outline of the system
The following diagram is a basic idea of the system which we shall call the “Camelot
router”. The CM_LINUX(in grey) operates as a router. Normally, routing will be
processed as shown by the blue arrows. Camelot is controlled by the camelotd (in pink)
in this CM_LINUX system. Camelotd receives information (such as connection
information) from the netfilter(sky blue) and netlink(yellow arrows) functions, and
registers/deletes connection information from Camelot as required (pink arrows). From
then on, packets that match the registered connection information will pass through
Camelot (the black arrows), hence resulting in a router that can route packets at high
speeds.
The above is an explanation of user-mode Camelot. There is also a kernel-mode Camelot
(red arrows) that can register/delete connections from camelot even faster. We shall look
into this later in Chapter 5.3.
CAMELOTD
User
Stack
NETFILTER
Kernel
Routing
Driver
CAMELOT
HardWare
Network
4. CM_LINUX
Normally a driver is developed for new hardware when adding it to the Linux kernel,
however for Camelot, we must revise the netfilter and also add netlink functionality, (of
which the details we shall not dwelve into here), and also alter other things which shall
be explained below.
4.1. Network interfaces

The names assigned to the network interfaces differ, as shown below. (comments are in
blue)
root@192.168.1.1:/usr# ifconfig -a
cm0 Link encap:Ethernet HWaddr 00:90:99:18:72:9C
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:25064 errors:0 dropped:0 overruns:0 frame:0
TX packets:17251 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:15248179 (14.5 Mb) TX bytes:2568011 (2.4 Mb)
The LAN interface.
cm1 Link encap:Ethernet HWaddr 00:90:99:18:72:9C
inet addr:192.168.2.1 Bcast:192.168.2.255 Mask:255.255.255.248
RX bytes:246371 (240.5 Kb) TX bytes:180680 (176.4 Kb)
The DMZ interfaces. This interface shall be displayed regardless of whether it is in use
or not.
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
ppp0 Link encap:Point-to-Point Protocol

inet addr:218.43.19.231 P-t-P:219.160.1.113 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1454
Metric:1
The PPP Interface. This will be displayed only when a PPPoE connection has been
established.
wan0 Link encap:Ethernet HWaddr 00:90:99:18:72:9C
The WAN Interface.
4.2. Device node addition
Camelot can keep track of when FIN, RST packets for a specific connection have been
received, and request to the CM_LINUX for deletion of the connection information.
CM_LINUX uses a special device node miscdevice to signal this to camelotd.
Please use the mknod command to create the device node.

root@192.168.1.1:/usr# mknod /dev/camelot_misc c 10 230
5. The Camelotd daemon
5.1. System activation
Camelotd is activated in the background, and can be killed by the kill command
(without a –9).
root@192.168.1.1:/usr# camelotd –c configuration_file –D0 &
The options for the camelotd daemon. (Comments are in blue)

"-h " Help.
"-c <file> " specify configuration file.
"-s " activate in background (cannot be used with –f)
"-d " increment the debug level
"-t " increment the trace level
"-D<level> " assign the debug level
"-T<level> " assign the trace level
"-l " add timestamp to log
"-r " the timestamp will be the real time
"-Z " enable DMZ mode
"-f <file> " Store debug log in <file> (cannot be used with –s)
"-m " Use kernel-mode. (the default is user-mode)
The configuration file is as follows (comments are in blue)
………
# Tag IPv WAN IP WAN DMZ IP DMZ TOS/TC Flow
# (4/6) Port Port Label
QOS 4 216.136.204.117 0 192.168.2.10 0 0 0
The machine you want to prioritize shall be addressed here. Comment out if not
necessary.
………
# Tag IEEE Addr Interface Dynamic WAN Comp DMZ Comp
# (colon-separated) (see above) (0/1) (0/1) (0/1)
L2 00:11:22:33:44:55 1 1 0 0
L2 99:AA:BB:CC:DD:EE 2 1 1 0
MAC Addresses can be registered statically. Comment out if not needed.
………
# Tag Timeout Period Poll Period
# (sec) (sec)
CT 50 20
The timeout and polling interval.
Debug levels. The default is 1.
DBG_PANIC = 0
DBG_WARN =1
DBG_INFO = 2
DBG_LOW =3
DBG_LOWER = 4
DBG_LOWEST= 5
Trace levels. The default is 1.

TRACE_ALL = 0
TRACE_HIGH = 1
TRACE_MED =2
TRACE_LOW =3
TRACE_LOWER= 4
Be sure to assign a debug log file when using any debug level other than 0. If the debug
level is larger than 2, allocate more memory for the socket receive buffer as shown
below.
echo 65535 > /proc/sys/net/core/rmem_default'

5.2. Internal information
The status of Camelot can be monitored via the network by telnet from a different
machine after the camelotd daemon is started.
LAN WAN
PC Camelot router
192.168.1.10 192.168.1.1
Prompt> telnet 192.168.1.1 12345

Trying 192.168.1.1...
Connected to 192.168.1.1.
Escape character is '^]'.
The above shows a successful telnet attempt (the prompt will not return). Commands
may be entered such as the following.
quit - exit shell

show - show tables
matches - show match table (since last match poll)
flush - flush tables & state
flush_ipf - flush IPF/NAT table
flush_l2 - flush L2 table
flush_filt_counts - flush (reset) filter counts
get - get kernel state & populate tables
dump - dump chip internal tables
We shall continue with an explanation of the most frequently used commands.

Most of the general status of Camelot (such as entry and filter information) can be
obtained by the dump command, as can be seen below (comments are in blue, entry and
filter information are in red). Details about what each value means can be found in the
MB86977 User’s Manual.
Chip table dump:

Direction Analyzing Table:
0: IPv4 a1 192.168.1.0 a2 0.0.0.0 m1 255.255.255.0 m2 0.0.0.0
1: IPv4 a1 192.168.2.1 a2 0.0.0.0 m1 255.255.255.255 m2 0.0.0.0
The direction of the WAN and LAN ports as seen from the DMZ in the direction table
when the DMZ has been enabled.
L2 Table:
Lkup Control Register: DMZ Mode Enabled, No Match Bits: 7
Entry 1: mac 00909918729c intf host STAT WAN DMZ
Entry 2: mac ffffffffffff intf host STAT WAN DMZ
Entry 3: mac 0002b3ecf0db intf LAN0 DYN
Entry 4: mac 0090991878b3 intf LAN1 DYN
The L2 MAC Address Table.
QOS:
0: DMZ ctl 0x000000c5 IPv4 sa 192.168.2.10 da 216.136.204.117 sp 0000 dp 0000 tos
0000 fl 0000
0: WAN ctl 0x000000c5 IPv4 sa 216.136.204.117 da 218.43.19.231 sp 0000 dp 0000 tos
0000 fl 0000
The QoS Table. This table will be advertized only after the machines stated in the
camelotd.cfg have started communication.
NAT/IPF:
0: i 192.168.1.30 e 216.136.204.117 n 218.43.19.231 ip 8017 ep 0050 np 8017
id 0001 ed 0010 ctrl 00311001
lma 0002b3ecf0db wma 00057454bc06
1: i 192.168.1.30 e 216.136.204.117 n 218.43.19.231 ip 8018 ep 0051 np 8018
id 0001 ed 0010 ctrl 00311001
lma 0002b3ecf0db wma 00057454bc06
2: i 192.168.2.10 e 216.136.204.117 n 218.43.19.231 ip 9000 ep 0052 np 9000
id 0008 ed 0020 ctrl 00312001
lma 0002b3e380aa wma 00057454bc06
There are three entries in the NAT table (Entry number 2 is in sync with the QoS table)
FILTER: filter mode/mask: 0x00000000 / 0x00000000
The Filter mode and the subnet mask.
filters in-ip
0: s 0.0.0.0 d 0.0.0.0 dp ffff:0000 sp ffff:0000
protocol value is 1245235 (0x130033)
TCP,L4_dont_care_dst,L4_dont_care_src,v4_dont_care_dst,v4_dont_care_src,ipv4,entry
_valid
log,pass,ack_fg_en_0,wan,
1: s 0.0.0.0 d 0.0.0.0 dp 0000:0000 sp 0000:0000
ICMP,L4_dont_care_dst,L4_dont_care_src,v4_dont_care_dst,v4_dont_care_src,icmp_do
nt_care,ipv4,entry_valid
log,pass,wan,
2: s 0.0.0.0 d 0.0.0.0 dp ffff:0000 sp 0035:0035
UDP,L4_src_range,L4_dont_care_dst,v4_dont_care_dst,v4_dont_care_src,ipv4,entry_va
lid
3: s 0.0.0.0 d 0.0.0.0 dp 0000:0000 sp 0000:0000
DONTCARE,L4_dont_care_dst,L4_dont_care_src,v4_dont_care_dst,v4_dont_care_src,ip
v4,entry_valid
log,drop,wan,
There are four entries in the L3/L4 in-side filter table.
filters in-protocol:
Nothing is registered in the protocol type in-side filter table.
filters out-ip:
Nothing is registered in the L3/L4 in-side filter table.
filters output-protocol:
Nothing is registered in the protocol type out-side filter table.
filter counts, in :
[0]=15860 [1]=3 [2]=332 [3]=679
The total number of packets that matched the in-side filter is displayed.
filter counts, out:
Since there are no entries in the out-side filter, nothing is displayed.
Filter log:
status 0000000e
This displays whether there is a log of the packet that has matched the filter. (This will
be displayed only once since the log will be read-cleared)
log input
#2: cause L3/4 filter, table_id 3, dest_if 16, pkt len 74,
The contents of the packet that has matched an in-side filter entry.
log output
Nothing is displayed since there are no entries in the out-side filter table.
PPPoE
0: sess id f22b code 00 type 1 version 1
The header information is displayed if a PPPoE connection has been established.
The show command is used to display the internal information of Camelotd and can be
seen in the following example (the information is in red, comments are in blue)
State dump:
Interfaces:
wan0 0.0.0.0/0.0.0.0 00:90:99:18:72:9c
pppoe 218.43.19.231/255.255.255.255
using PPPOE-WAN mode, sid 0000f22b
cm0 192.168.1.1/255.255.255.0 00:90:99:18:72:9c
cm1 192.168.2.1/255.255.255.248 00:90:99:18:72:9c
cm2 0.0.0.0/0.0.0.0 00:00:00:00:00:00
The names, addresses, subnet masks, and MAC address of each of Camelot router
network interface.
Neighbor table:
192.168.2.3 00:90:99:18:99:9c
192.168.2.4 00:90:99:18:8c:6e
192.168.2.2 00:e0:00:34:d9:20
192.168.1.20 00:90:99:18:78:b3
219.160.1.113 00:05:74:54:bc:06
192.168.1.30 00:02:b3:ec:f0:db
The MAC and IP Addresses of neighboring machines.
Internal QOS Table:
1: IPv4 211.129.14.134:0035 -> 192.168.2.2:0000 0 0 (0 refs)
The machine to be prioritized defined in camelotd.cfg
Connection track table:
protocol 17
orig: proto 17 192.168.2.2:1624 -> 192.168.2.1:53
reply: proto 17 192.168.2.1:53 -> 192.168.2.2:1624
protocol 17
orig: proto 17 192.168.2.2:1623 -> 192.168.2.1:53
reply: proto 17 192.168.2.1:53 -> 192.168.2.2:1623
protocol 17
orig: proto 17 192.168.2.2:1622 -> 192.168.2.1:53
reply: proto 17 192.168.2.1:53 -> 192.168.2.2:1622
protocol 17
orig: proto 17 192.168.2.2:1621 -> 192.168.2.1:53
reply: proto 17 192.168.2.1:53 -> 192.168.2.2:1621
protocol 17
orig: proto 17 192.168.2.2:1620 -> 192.168.2.1:53
reply: proto 17 192.168.2.1:53 -> 192.168.2.2:1620
protocol 17
orig: proto 17 192.168.2.2:1619 -> 192.168.2.1:53
reply: proto 17 192.168.2.1:53 -> 192.168.2.2:1619
The information of all managed connections. There are six such connections here. Each
entry shows the protocol type, the Source IP Address of the orig and reply address :
Source Port number -> Destination IP Address : Destination Port number.
Filter (ip_tables) table:
name 'nat'
This will be displayed only when the NAT function has been started by the iptables
command.
name 'filter'
This will be displayed only when the packet filter function has been started by the
iptables command.
Chip matches:
01
This shows whether there is a packet using a connection registered in Camelot’s tables.
The entry number such connection will be displayed.
Use the matches command when you want to display only the “Chip matches” of the
show command.
Chip matches:
01
5.3. User mode and Kernel mode
When the camelotd is in user-mode, the CM_LINUX will switch between user and
kernel context numerous times until the netfilter has completed establishing a
connection and registered it to Camelot. This occurs since camelotd and netlink
communicate information via netlink and this can become quite a burden on the system.
Under extreme conditions (such as when connections are continuously
registered/deleted from all 128 entries), the entries may not be registered/deleted fast
enough. In such cases, we recommend you to use kernel mode. This will eliminate
switching between the user and kernel contexts, and only information will be signaled
to Camelotd. This will unload the system from load considerably, and will allow it to
operate under extreme conditions.
Kernel mode can be started by the following command.

root@192.168.1.1:/usr# camelotd –c configuration_file –D0 –m &
User mode can be started by eliminating the –m.
root@192.168.1.1:/usr# camelotd –c configuration_file –D0 &
6. Using the Camelot Router
6.1. NAT
Start camelotd under user-mode, and set CM_LINUX to the NAT mode.
For TCP connections, after a syn packet has been forwarded, and the corresponding ack
packet has been received, the netfilter will acknowledge that the connection has been
established. This is signaled to camelotd, and camelotd will gather the necessary
information (such as MAC Addresses) and issue a ioctl system call to register the
connection to the Camelot device driver. The Device driver will register the information
to Camelot’s hardware, and any following packets that match this entry will be routed
by Camelot (1).
For UDP connections, a connection will be considered to be established when packets
with matching port number fields have been received from opposite directions ( of
course the source and destination port fields will be reversed for packets in opposite
directions). The rest is the same as how a TCP connection is handled.
When a packet indicating the closing of a connection (such as FIN or RST) has been
received, an interrupt will be asserted by Camelot and signaled to the CM_LINUX. The
CM_LINUX will acknowledge this interrupt and signal a connection closing to camelotd,
and camelotd will issue a connection deletion command to the Camelot device driver via
an ioctl system call. The device driver will delete the corresponding entry from
Camelot’s table. (2)
In the case that an entry cannot be deleted by the normal procedure described above
(such as when the sequence of a TCP connection has corrupted, or for UDP connections),
the camelotd daemon has a timeout function that will periodically monitor the
connections. There are no restrictions to the timeout period, and can be set in the
Camelotd.cfg file.
The following is a Camelot router setup example.

root@192.168.1.1:/usr# camelotd –c camelotd.cfg –D0 & (3)
root@192.168.1.1:/usr# echo -n "1" >/proc/sys/net/ipv4/ip_forward
root@192.168.1.1:/usr# ifconfig wan0 1.1.1.1 netmask 255.255.255.0
root@192.168.1.1:/usr# ifconfig cm0 192.168.1.1 netmask 255.255.255.0
root@192.168.1.1:/usr# iptables -t filter -F INPUT
root@192.168.1.1:/usr# iptables -t filter -F OUTPUT
root@192.168.1.1:/usr# iptables -t filter -F FORWARD
root@192.168.1.1:/usr# iptables -t nat -F PREROUTING
root@192.168.1.1:/usr# iptables -t nat -F OUTPUT
root@192.168.1.1:/usr# iptables -t nat -F POSTROUTING
root@192.168.1.1:/usr# iptables -t nat -A POSTROUTING -o wan0 -j MASQUERADE
Next we shall explain the difference between kernel mode and user mode. The
differences are the in the texts in green above(1,2,3), and is as following.
(1) For TCP connections, when a syn packet has been forwarded, and the corresponding
ack packet has been received, the netfilter will acknowledge that the connection has
been established. Netfilter will gather the necessary information (such as MAC
Addresses) and execute the device driver so it will register the information to Camelot’s
hardware, causing any following packets that match this entry to be routed by Camelot.
(2) When a packet indicating the closing of a connection (such as FIN or RST) has been
received, an interrupt will be asserted by Camelot and signaled to the CM_LINUX. The
CM_LINUX will acknowledge this and cause the Camelot device driver to delete the
corresponding entry from Camelot’s table. Then camelotd is informed that the
connection has been deleted.
(3) root@192.168.1.1:/usr# camelotd –c camelotd.cfg –D0 –m &
The only differences between kernel and user mode have been explained above.
Therefore, from here on we shall describe only user mode.
6.2. IP Forwarding
Camelotd is started, and CM_LINUX is set to IP Forwarding mode. The basic operation
is the same as NAT except for the fact that the port number will be “don’t care”. Stated
differently, since IP forwarding is based solely on the Addresses, once the entry has been
registered, packets will be forwarded regardless of their port number. There are no
packet monitoring functions that will delete connections. In principle, connections can
only be deleted by timeout functions.
The following is an example of a Camelot router setup.

root@192.168.1.1:/usr# camelotd –c camelotd.cfg –D0 &
6.3. PPPOE
Put CM_LINUX into NAT (IP Forwarding) mode and start the camelotd, pppd, and
pppoe daemons. The pppoe connection will be treated similarly to the NAT (IP
Forwarding) connection as described above.
The following is an example of a Camelot NAT setup. (Here we are using ppp-2.4.1, and
kernel mode rp-pppoe-3.5 by Roaring Penguin Software)
root@192.168.1.1:/usr# iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
root@192.168.1.1:/usr# iptables -A FORWARD -o ppp0 -p tcp --tcp-flags SYN,RST SYN -j
TCPMSS --clamp-mss-to-pmtu
(may be -set-mss 1412 instead of --clamp-mss-to-pmtu)
root@192.168.1.1:/usr# iptables -A FORWARD -i ppp0 -p tcp --tcp-flags SYN,RST SYN -j
TCPMSS --clamp-mss-to-pmtu
root@192.168.1.1:/usr# adsl-start
….connected!
6.4. The Filter
The filters are set by iptables. iptables may be used as it is normally used, and the
values will be set to both CM_LINUX and Camelot. However, since Camelot can not
support all settings by iptables, here we shall explain the differences between Camelot
and Linux’s filter.
The INPUT in iptables will be mapped to the “in-side” as defined by Camelot, and
FORWARD and OUTPUT will be mapped to the “out-side”.
Camelot supports only one subnet mask for all entries.
Camelot has 64 in-side and out-side entries.
The following are four examples of how the filter is set and how the results are shown by
the dump command. (comments are in blue)
root@192.168.1.1:/usr# iptables -A FORWARD -p tcp --tcp-flags ACK ACK -i ppp0 -j

ACCEPT
The dump command will display,
0: s 0.0.0.0 d 0.0.0.0 dp ffff:0000 sp ffff:0000
TCP,L4_dont_care_dst,L4_dont_care_src,v4_dont_care_dst,v4_dont_care_src,ipv4,entry
_valid
This entry indicates that a TCP packet with the ACK bit asserted has been received
from the ppp0 interface.
root@192.168.1.1:/usr# iptables -A FORWARD -p icmp -i ppp0 -j ACCEPT

The dump command will show
1: s 0.0.0.0 d 0.0.0.0 dp 0000:0000 sp 0000:0000
ICMP,L4_dont_care_dst,L4_dont_care_src,v4_dont_care_dst,v4_dont_care_src,icmp_do
nt_care,ipv4,entry_valid
log,pass,wan,
This entry indicated that an ICMP packet as been received from the ppp0 interface.
root@192.168.1.1:/usr# iptables -A FORWARD -p udp --sport 53 -i ppp0 -j ACCEPT
The dump command will exhibit
2: s 0.0.0.0 d 0.0.0.0 dp ffff:0000 sp 0035:0035
UDP,L4_src_range,L4_dont_care_dst,v4_dont_care_dst,v4_dont_care_src,ipv4,entry_va
lid
This entry indicates that a UDP packet with a source port number of 53 has been
received at the ppp0 interface.
root@192.168.1.1:/usr# iptables -A FORWARD -i ppp0 -j DROP
The dump command below;
3: s 0.0.0.0 d 0.0.0.0 dp 0000:0000 sp 0000:0000
DONTCARE,L4_dont_care_dst,L4_dont_care_src,v4_dont_care_dst,v4_dont_care_src,ip
v4,entry_valid
log,drop,wan,
This entry indicates that all packets received at the ppp0 interface will be dropped.
6.5. The filter counter
The filter counter will count up the packets that have matched camelot’s filter entries.
Since the counter can not be reset, the values will keep accumulating as long as
camelotd is being executed.
The following is an example of how the counters are used. Telnet to the Camelot router
from a monitoring PC.
[Camelot router]
[monitoring PC]
Prompt>telnet 192.168.1.1 12345
Trying 192.168.1.1...
dump
……
filter counts, in :
[0]=15860 [1]=3 [2]=332 [3]=679
……
This indicates that 15860, 332, 679 packets have matched entries 0, 1, 2, 3 respectively.
6.6. The Filter log
The log of the first four packets filtered by Camelot can be displayed
The following is an example of how the logs can be retreived. Telnet to the Camelot
router from a monitoring PC.
[Camelot router]
[Monitoring PC]
Prompt>telnet 192.168.1.1 12345
Trying 192.168.1.1...
dump
……
log input
……
Log 2 indicates that there is a packet that matched entry 3 of the L3/4 filter, and that
that packet was received from the WAN interface, and the packet length was 74 bytes.
The Logs 3 and 4 also indicate identical status.
6.7. DMZ
The LAN2 port can be placed in a different segment from the LAN0 and LAN1 ports,
and may be used as a DMZ port. The interface name of the DMZ port is cm1.
The following is an Camelot router setup example.
192.168.1.1 1.1.1.1
LAN WAN
LAN PC Camelot router WAN PC
192.168.1.10 1.1.1.10
DMZ
192.168.2.1
192.168.2.10
DMZ PC
root@192.168.1.1:/usr# camelotd –Z –c camelotd.cfg –D0 &

root@192.168.1.1:/usr# iptables -t nat -A POSTROUTING -o wan0 -j MASQUERADE
root@192.168.1.1:/usr# iptables -t nat -A POSTROUTING –s 192.168.1.0/24 -o cm1 -j
MASQUERADE
Add the following commands if you want to apply port forwarding.

root@192.168.1.1:/usr# iptables -t nat -A PREROUTING -p TCP -i wan0 -d 1.1.1.1
--dport 23 -j DNAT --to-destination 192.168.2.10
TCP packets received at the WAN0 port with destination addresses 1.1.1.1 and
destination ports 23 will be changed to addresses 192.168.2.10 and routed.
6.8. QOS
Packets from hosts attached to the WAN and DMZ ports can be prioritized by setting
their IP Addresses (and port numbers). This capability can be used concurrently with
NAT and IP Forwarding.
The following is an Camelot router IP Forwarding setup example. In this example, we

will prioritize packets transmitted between the host on the DMZ port at 192.168.2.10
and the host at the WAN port with IP Address 1.1.1.10.
192.168.1.1 1.1.1.1
LAN WAN
LAN PC Camelot router WAN PC
192.168.1.10 1.1.1.10
DMZ
192.168.2.1
192.168.2.10
DMZ PC
root@192.168.1.1:/usr# vi camelotd.cfg
……
# Tag IPv WAN IP WAN DMZ IP DMZ TOS/TC Flow
# (4/6) Port Port Label
QOS 4 1.1.1.10 0 192.168.2.10 0 0 0
……
:wq
root@192.168.1.1:/usr# camelotd –Z –c camelotd.cfg –D0 &
UDP Packets with source port number 10000, destination port number 20000 from the
host at the DMZ port and source port number 20000, destination port number 10000
from the host at the WAN port will be prioritized.
7. Debugging
The debug log will be stored in a file, and is not displayed on the serial window. (This is
due to the fact that the serial terminal can only display a limited amount of
information.) The debug level and trace level should be assigned when the Camelotd
daemon is started.
The following is an example of assigning debug level 3 and trace level 4.

root@192.168.1.1:/usr# echo 65535 > /proc/sys/net/core/rmem_default'
root@192.168.1.1:/usr# camelotd –c camelotd.cfg –D3 –f log.txt –T4&
Terminate camelotd when you want to see the logged results.
root@192.168.1.1:/usr# ps
PID TTY TIME CMD
108 ttyS0 00:00:00 bash
126 ttyS0 00:00:00 camelotd
128 ttyS0 00:00:00 ps
root@192.168.1.1:/usr# kill 126
root@192.168.1.1:/usr# cat log.txt

Montavista Linux For Mb86977 e

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Montavista Linux For Mb86977 e

Uploaded by

Copyright:

Available Formats

MB86977 Montavista-Linux

FUJITSU LSI SOLUTION LIMITED

２．Structure of the system ........................................................... 3

３．Outline of the system............................................................... 4

５．The Camelotd daemon ............................................................. 8

６．Using the Camelot Router ..................................................... 19

2. Structure of the system

4.1. Network interfaces

ppp0 Link encap:Point-to-Point Protocol

Please use the mknod command to create the device node.

The options for the camelotd daemon. (Comments are in blue)

Trace levels. The default is 1.

echo 65535 > /proc/sys/net/core/rmem_default'

Prompt> telnet 192.168.1.1 12345

quit - exit shell

We shall continue with an explanation of the most frequently used commands.

Chip table dump:

Kernel mode can be started by the following command.

The following is a Camelot router setup example.

(3) root@192.168.1.1:/usr# camelotd –c camelotd.cfg –D0 –m &

The following is an example of a Camelot router setup.

root@192.168.1.1:/usr# iptables -A FORWARD -p tcp --tcp-flags ACK ACK -i ppp0 -j

root@192.168.1.1:/usr# iptables -A FORWARD -p icmp -i ppp0 -j ACCEPT

The following is an Camelot router setup example.

root@192.168.1.1:/usr# camelotd –Z –c camelotd.cfg –D0 &

Add the following commands if you want to apply port forwarding.

The following is an Camelot router IP Forwarding setup example. In this example, we

The following is an example of assigning debug level 3 and trace level 4.

You might also like