TELNET PORT=250
TELNET PORT=250 TELNET PORT=251 TELNET PORT=252 TELNET PORT=253or as a single entry:
TELNET PORT=250-253 TELNET PORT=250,252-255
The listen "rules" are configured in the PLIP.CTRL CONFIG item and take on the format:
TELNET LISTEN=*:23 207.215.231.10 255.255.255.255 250-251 00:20:00 3 LOGOFF=YESYou can specify multiple listen rules. When processing inbound TELNET connections, the rules table is scanned from the beginning and the first rule that matches the connection is used to control the connection.
The complete format of a TELNET LISTEN rule is divided into a number of fields seperated by spaces.
TELNET LISTEN=ip_addr:tcp_port remote_addr remote_net_mask pick_ports timeout break_char optionsip_addr:tcp_port - The IP address and TCP port number that is opened for incoming connections. It is acceptible to have more than one rule for a single IP address and TCP port combination. You can use the * character to specify the first configured IP address.
remote_addr remote_net_mask - These parameters specify whether this rule will apply for a particular connection. If the actual remote IP address "ANDed" with the remote_net_mask equals the remote_addr, then this rule is processed. If the actual remote IP address "ANDed" with the remote_net_mask does not equal the remote_addr, then this rule is skipped and the next rule is examined for a match. More information on IP address matching is included later in this document.
pick_ports - This is a list of Pick ports that are to be used for this connection. You can specify either a single port, or multiple ports as a combination of single ports or port ranges. In either case, the list will be processed in order until an available port is found. If no ports are available, then the user will receive an error message and the connection will be terminated.
timeout - This is the amount of time (in hh:mm:ss format) that an inactive connection will be maintained. An inactive connection is defined as one that has no inbound or outbound traffic. If you specify 00:00:00, then the connectin will not timeout. The maximum timeout length is 8 hours.
break_char - This is the decimal ascii value of a control character that will break the Pick port. The inbound TELNET services in PicLan-IP will respond to the TELNET "interrupt" command, but this control allows you to set a break key for use with TELNET terminal emulators that do not generate an interrupt command. If you specify 0, then a break character will not be set.
options - Options are used to specify how the ports will be logged on and off when a connection is established or broken. The two available options are:
RECONNECT - Normally, if a port is currently in use, another connection will be refused for that port. If you specify the RECONNECT option, then the new connection will take presidence. This is designed for use with TELNET terminal servers. You should only specify the RECONNECT option for TELNET LISTEN lines that specify a single Pick port.
In understanding whether a particular remote address matches the TELNET LISTEN rule's remote_address remote_net_mask pair, you need to understand how IP addresses and network sub-net masks are manipulated.
Because of how IP addresses are assigned and how IP network traffic is routed, an IP address is usually considered as a network address and a local address. The network address is the left-part of the IP address and the local address is the right-part of the IP address. It is the sub-net mask that defines the division between the network address and the local address.
Class A - A class A network uses one byte to specify the network address and three bytes to specify the local address. Class A networks can have at most 16777216 IP addresses.
Class B - A class B network uses two bytes to specify the network address and two bytes to specify the local address. Class B networks can have at most 65536 IP addresses.
Class C - A class C network uses three bytes to specify the network address and two bytes to specify the local address. Class C networks can have at most 256 IP addresses.
The manner that a network address is specified is through the use of the sub-net mask. This is a number that is formatted in the same manner as an IP address. By using the sub-net mask, a computer system can determine which part of an IP address is the network address and which part is the local address. Because a class A network uses the left byte of the IP address as the network address and the right three bytes as the local address, the sub-net mask is 255.0.0.0. Class B networks have sub-net masks of 255.255.0.0 and class C networks have sub-net masks of 255.255.255.0.
Similarily, class B networks use a sub-net mask of 255.255.0.0 and class C networks use a sub-net mask of 255.255.255.0.
The PicLan-IP TELNET server allows you to control who makes connections, and to which ports, based on the remote user's IP address. If you are concerned about security, you should consider the following steps:
Also, you should keep in mind that TELNET is an "in the clear", non-encrypted protocol and any users with packet-sniffing equipment and access to the network path can watch everything that a user types (you should note that this typically must be done by an ISP [or by someone who has hacked into an ISPs system]).
This string of characters will be send to TELNET clients upon connection to setup elements such as echo, line mode, and other required options. You should consult RFC 854 (and subsequent revisions) for more information.TELNET OPT STR=
If you have difficult with specific TELNET client applications, setting up additional option strings can help. If you are unfamiliar with TELNET operation and programming, you can contact Modular Software technical support for additional help.
{INCLUDE _GEN_FTR.HTM}