List management commands EcoNAT Documentation / URL Filtering functionality (DPI) / List management commands
List management commands
To remove lists or files that are used when setting up the URL filtering, use the dpierase <list number or file name> command.
To view the uploaded URL lists and DPI configuration files use dpilist command.
MyEcoNAT:1:> dpilist
0 Thu Feb 11 13:57:50 2016 list0.dpi
36 Mon Jan 25 10:41:37 2016 list1.dpi
15 Tue Jan 12 15:42:28 2016 list16.dpi
83 Thu Nov 5 10:45:39 2015 list2.dpi
37 Thu Oct 29 14:28:31 2015 list4.dpi
4 Thu Oct 29 13:58:27 2015 list7.dpi
31 Thu Oct 29 13:01:43 2015 list8.dpi
31 Thu Oct 29 12:38:15 2015 list9.dpi
10 Mon Feb 1 14:24:22 2016 request.xml
3.0K Tue Dec 15 14:39:08 2015 request.xml.sig
Use show dpirecords and dpiview commands in the EcoNAT interface to view the URL filtering lists content.
Show dpirecords
The command displays entries from the URL list.
Syntax of the command: show dpirecords <list number> | [filters].
Filters, similar to the other show commands are available for this command.
| Filter | Description |
|---|---|
| b STRING | begin STRING | Drops out a string until it reaches a line containing the specified substring |
| count | It counts the number of rows |
| e STRING | exclude STRING | Prints only lines not containing the specified substring |
| drop NUM | Пропускает указанное количество строк |
| i STRING | include STRING | Prints only lines containing the specified string (If substring contains spaces or special characters such as ')', then you can use the quotation marks) |
| more | Outputs with a stop after each page |
| r STRING | regexp STRING | Displays only the lines that match the specified regular expression |
| take NUM | Output the specified number of strings |
Command output example:
MyEcoNAT:2:# show dpirecords 1
https://issuu.com
http://www.ya.ru
http://www.lenta.ru
http://www.rg.ru
MyEcoNAT:2:# show dpirecords 1 | include ya
http://www.ya.ru
Dpiview
The command displays the records of URL filtering list or the contents of files that are used to configure URL filtering. Command syntax: dpiview <list number or filename>.
For this command, there is no possibility of filtration, batch output or interruption of output. As a command parameter, you may specify not only the number of a specific list, but the following files:
- cert – display the contents of the certificate file,
- dump – display the contents of a file of the Roskomnadzor registry,
- request – show the contents of the certificate request file,
- sign – to show a signed certificate request file,
and other files (e.g., shortlist, exceptions), if they exist.
Command output example:
MyEcoNAT:3:# dpiview request
<?xml version="1.0" encoding="windows-1251"?>
<request>
<requestTime>2015-12-09T13:35:52+03:00</requestTime>
<operatorName>ABC.COM</operatorName>
<inn>1111111111</inn>
<ogrn>1111111111111</ogrn>
<email>mail@domen.ru</email>
</request>
Show dpistate
This command displays diagnostic information on the URL filtering functionality.
Output example:
EcoSGE:# show dpistate
IPv4 firewall table rules 326812/1048576 used/max
IPv6 firewall table rules 13/1048576 used/max
IPv6 firewall range table rules 0/1048576 used/max
Dump partition: 154746880/159825920/314572800 used/free/total
DPI rules size: 31733149/35679961 url/all
Summary dump size:73804291
URL base rebuild at: 2019-10-11T10:37:00+03:00
Last dump download: 2019-10-11T07:29:00+03:00
Actual Date for delta: 2019-10-11T11:25:00+03:00
DPI host buffers used/total: 7/65535 (0.0%)
DPI path buffers used/total: 7/65535 (0.0%)
DPI state buffers used/total: 161/16777215 (0.0%)
The output strings are described in the table below.
| Строка | Описание |
|---|---|
IPv4 firewall table rules | Current/maximum number of IPv4 rules in the ACL |
IPv6 firewall table rules | Current/maximum number of single IPv6 addresses in the ACL |
IPv6 firewall range table rules | Current/maximum number IPv6 addresses bands in the ACL |
Dump partition | Using the volume of the disk partition allocated for storing the downloaded list of the local regulations, its differential updates, as well as temporary files generated during its processing |
DPI rules size | Memory size used by URL filtering structures without ACL/total (in bytes) |
Summary dump size | The total size of the downloaded list of of the local regulations and its differential updates (in bytes) |
| URL base rebuild at | |
Last dump download | Date and time of the last successful download of the local regulations list or its differential update in the format YYYY-MM-DD T HH: MM: SS time_offset |
| Actual Date for delta | |
DPI host buffers used/total | The domain name information filling buffer counter (current/maximum) |
DPI path buffers used/total | The information from the URL after the '?' symbol filling buffer counter (current/maximum) |
DPI state buffers used/total | Session filling buffer counter (current/maximum) |
Exceptions setup
If necessary, you can configure the exceptions for lists.
To add an exception, you have to create a text file with a list of exception addresses, in the same way as described in section "URL Filtering functionality (DPI)". Then the file is uploaded manually with the dpiload exception <URL> command, where the address is in http://<server address>/<file name>.<file extension> format. Next, you need to include an exception for a specific sites list to which they will apply, setting exceptions on value of list parameter. Addresses from the list of exceptions will be prohibited if the exceptions applied to the white list, or allowed, if exceptions apply to the black list.
In a URL entry in the exception list, the * character can be used to specify any character set, for example, to filter multiple mirror sites. If you want to filter both HTTP and HTTPS, then * is placed at the beginning of the URL, if only one of the protocols, then * is prefixed before *.
Example of list parameters configuration:
MyEcoNAT:1:system.dpi.dpilist1# show
enable
whitelist_mode off
log_matches on
exceptions on
behaviour ignore
redirect_use_interval off
redirect_interval 600
redirect_interval_url 2592000
redirect_url "http://redirect.domen.ru/"
color_direction both
color_tos_byte 32
download_url ""
update_schedule never
no_ip ( )
ip ( 0.0.0.0/0 )