D-Link NetDefendOS User Manual page 51

Network security firewall

Sometimes a command property may need multiple values. For example, some commands use
the property AccountingServers and more than one value can be specified for this property. When
specifying multiple values, they should be separated by a comma "," character. For example, if
three servers server1, server2, server3 need to be specified then the property assignment in the
command would be:
AccountingServers=server1,server2,server3
Inserting into Rule Lists
Rule lists such as the IP rule set have an ordering which is important. By default, the CLI
add command adds a new rule to the end of a list. When placement at a
particular position is crucial, the add command can include the Index= parameter as an option.
Inserting at the first position in a list is specified with the parameter Index=1 in an add command,
the second position with the parameter Index=2 and so on.
Referencing by Name
The naming of some objects is optional and is done with the Name= parameter in an add
command. An object, such as a threshold rule, will always have an Index value which indicates its
position in the rule list but can optionally be allocated a name as well. Subsequent manipulation
of such a rule can be done either by referring to it by its index, that is to say its list position, or by
alternatively using the name assigned to it.
The CLI Reference Guide lists the parameter options available for each NetDefendOS object,
including the Name= and Index= options.
Using Unique Names
For convenience and clarity, it is recommended that a name is assigned to all objects so that it
can be used for reference if required. Reference by name is particularly useful when writing CLI
scripts. For more on scripts see Section 2.1.6, "CLI Scripts".
The CLI will enforce unique naming within an object type. For reasons of backward compatibility
with earlier NetDefendOS releases, an exception exists for IP rules, which can have duplicate
names. However, it is strongly recommended to avoid this. If a duplicate IP rule name is used in
two IP rules then only the Index value can uniquely identify each IP rule in subsequent CLI
commands. Referencing an IP rule with a duplicated name will fail and result in an error message.
Using Hostnames in the CLI
For certain CLI commands, IP addresses can optionally be specified as a textual hostname instead
of an IP4Address object or raw IP address such as 192.168.1.10. When this is done, the hostname
must be prefixed with the letters dns: to indicate that a DNS lookup must be done to resolve the
hostname to an IP address. For example, the hostname host.example.com would be specified as
dns:host.example.com in the CLI.
The parameters where this might be used with the CLI are:
The Remote Endpoint for IPsec, L2TP and PPTP tunnels.
The Host for LDAP servers.
When DNS lookup needs to be done, at least one public DNS server must be configured in
NetDefendOS for hostnames to be translated to IP addresses.
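The naming and hostname conventions above can be checked in a CLI script before it is run. The following is an added example, not code from the manual or from D-Link: it flags add commands that reuse a name within an object type, that have no Name= at all, or that give a hostname without the dns: prefix. The property names RemoteEndpoint and Host, and the object types and the Action property in the sample, are assumptions made for illustration.

```python
import re
import shlex
from collections import defaultdict

# Assumed property names for the Remote Endpoint and Host parameters.
HOSTNAME_PROPS = {"RemoteEndpoint", "Host"}

def parse_add(line):
    """Return (object_type, {property: [values]}) for an add command, else None."""
    tokens = shlex.split(line)
    if len(tokens) < 2 or tokens[0] != "add":
        return None
    props = {}
    for token in tokens[2:]:
        key, sep, value = token.partition("=")
        if sep:
            props[key] = value.split(",")  # multiple values are comma-separated
    return tokens[1], props

def needs_dns_prefix(value):
    """True for a dotted textual hostname given without dns: (heuristic)."""
    is_raw_ipv4 = re.fullmatch(r"[0-9.]+", value) is not None
    return not value.startswith("dns:") and "." in value and not is_raw_ipv4

def lint(script):
    """Return sorted (line_number, finding) pairs for a script of add commands."""
    findings, seen = [], defaultdict(list)
    for number, line in enumerate(script.splitlines(), 1):
        parsed = parse_add(line)
        if parsed is None:
            continue
        obj_type, props = parsed
        if "Name" in props:
            seen[(obj_type, props["Name"][0])].append(number)
        else:
            findings.append((number, "unnamed"))  # only its Index can reference it
        for key in HOSTNAME_PROPS & props.keys():
            findings += [(number, "missing-dns-prefix") for v in props[key] if needs_dns_prefix(v)]
    for lines in seen.values():
        findings += [(n, "duplicate-name") for n in lines[1:]]
    return sorted(findings)

# Constructed sample script; object types and Action= values are placeholders.
SAMPLE = """\
add IPRule Name=web_out Action=Allow
add IPRule Name=web_out Action=Drop Index=1
add IPRule Action=Allow
add IPsecTunnel Name=hq RemoteEndpoint=vpn.example.com
add LDAPServer Name=dir Host=dns:ldap.example.com
"""
```

Calling lint(SAMPLE) reports the reused name on line 2, the unnamed rule on line 3 and the unprefixed hostname on line 4.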
Chapter 2: Management and Maintenance