Information on the available options for a CLI command can be obtained by ending a partial command line with a question mark (“?”). This will cause CLI to print out the available options for the remainder of the command line.
A CLI command line with only a question mark will result in a list of all CLI commands available to the user.
Commands
This section describes the syntax and usage of each CLI command. The commands are listed in alphabetical order.
backup
The backup command configures automatic backups of the Island configuration and statistics to a remote file server.
Command Scheduler
Certain commands (e.g., backup interval) cause an action to occur at regular intervals. In most cases, the start time is not specified by the user, but is calculated by the system. In those cases, the actual clock times for command execution are calculated based on midnight (local system time) on the day the command was issued. For intervals of one week or greater, the times are calculated based on midnight (00:00) Wednesday.
Examples:
Interval
Actual Execution Times
4 hours
00:00, 04:00, 08:00, 12:00, 16:00, and 20:00 each day
18 hours
00:00 and 18:00 on the first day and 12:00 on the second day
auto-update time
Set the time of day to perform automatic updates of the system firmware
Syntax
Syntax Description
backup interval
Sets how often an automatic system backup is performed.
Syntax
Syntax Description
backup url
Enables the automatic backup function and specifies the destination of the backup file.
Syntax
Syntax Description
clear pin
Deletes the PIN used to access Island from the app.
Syntax
Syntax Description
This command has no arguments.
compact
Compacts the internal database to reclaim unusable space.
Syntax
Syntax Description
This command has no arguments.
clear vpn-keys
Regenerates the public/private key pair used for VPNs.
Syntax
Syntax Description
This command has no arguments.
exit
Exit interface context or disconnect the CLI session.
Syntax
exit
clear dhcp-client
Force a renewal of all IP addresses learned from DHCP.
Syntax
Syntax Description
This command has no arguments.
configure known-hosts
Edits the list of known SSH keys for remote hosts.
Syntax
Syntax Description
This command has no arguments
36 hours
00:00 on the first day and 12:00 on the second day
9 days
Every 9 days starting at 00:00 on Wednesday
ip (interface context)
The following "ip" commands are used to configure network parameters on an interface. They are valid only in interface context as set with the interface command.
auto-update
The auto-update command controls whether the Island will automatically update its firmware to the latest available version, and when the updates will occur.
ip (global context)
The following "ip" commands are used to configure network parameters that are not specific to a single interface.
Keyword
Description
hh
The hour of the day (local system time) in the range 0 to 23.
mm
The minute with the hour (local system time) in the range 0 to 59.
Defaults
Updates will be performed at 3:00 AM local time on any day of the week by default.
Usage Guidelines
This command specifies the time of day at which the Island will automatically update to the latest firmware.
(Optional) Returns the backup interval to its default value.
seconds
The interval at which the backup file should be written, in seconds.
Defaults
The interval defaults to 3600 seconds (1 hour).
Usage Guidelines
This command determines how often automatic system backups will be performed.
The system aligns the start time for the backup process relative to midnight on the day the command is issued or the system reloaded. For example, if the interval is set to 8 hours, backups will occur daily at 12 AM, 8 AM, and 4 PM every day. If the interval is set to 18 hours, backups will occur at 12 AM and 6 PM on the first day, and 12 PM and 6 AM on the second day, then repeat.
The backup URL can refer to either a remote file or remote directory. If the URL ends in any character other than a slash (“/”), it is assumed to refer to a file name. The backup is written to that file, overwriting it if it already exists.
If the URL ends in a slash, the system assumes it is pointing to a directory. In this case, the system will create a new file with the following format: hostname-YYYYMMDD-HHMMSS.backup.
If the URL contains a password, it is encrypted so that it is not readable in the configuration file.
Refer to the URL Format page for more information on the syntax of the url parameter.
The space used by deleted records within the internal database is not always immediately reuseable due to the nature of the database. Over time, the database can accumulate a significant amount of unuseable space, resulting in decreased performance and additional disk space usage.
This command reclaims the unuseable space within the database by rebuilding it.
Examples
Related Commands
Defaults
Usage Guidelines
This command is used to delete and regenerate the local Island’s public/private key pair used to establish secure connections with VPN peers.
Note that this will stop all communications with existing VPN peers until the new public key is provided to them. It will also prevent the mobile app from establishing a remote connection to the Island until it obtains the new public key, either by connecting via a LAN or by pasting the new public key in Tours. It will not affect the mobile app’s ability to connect directly via a local LAN.
This command deletes all existing connections (i.e., firewall state table entries). It is primarily for testing, and should be used with care since it will immediately terminate all active Internet connections through the Island.
Examples
Related Commands
configure terminal
Enters configuration mode
Syntax
Syntax Description
This command has no arguments
Defaults
Usage Guidelines
Because configuration commands can be entered at any time, this command is unnecessary, but is provided for those familiar with other systems that require its use.
Examples
Related Commands
clear everything
Returns an Island to factory-default condition.
Syntax
Syntax Description
This command has no arguments.
Defaults
Usage Guidelines
This command returns an Island to a factory-fresh condition. All configuration, logs, statistics, and security keys will be deleted. The current firmware version will be retained, but all rollback checkpoints will be deleted.
The user will be prompted for confirmation before the command is executed.
When this command completes, the system will power off automatically. Power must be removed and re-applied in order to restart the system.
Examples
Related Commands
clear network
Resets all network interface options and places the interfaces into automatic configuration mode.
Syntax
Syntax Description
This command has no arguments.
Defaults
Usage Guidelines
This command deletes all configuration information, both learned and manually-configured, from all network interfaces and sets the to full.
The user will be prompted before the command is executed unless command confirmation has been disabled with .
Examples
Related Commands
help
Displays a summary of available commands, or help for a specific command.
Syntax
Syntax Description
Keyword
Description
Defaults
Usage Guidelines
With no parameters, this command displays a simple list of available commands. If a command is specified, the syntax for that command is displayed.
For more detailed help on command syntax, use the question mark (“?”) for .
Examples
Related Commands
clear log
Clears the internal system log.
Syntax
Syntax Description
This command has no arguments.
Defaults
Usage Guidelines
This command clears the internal system log buffer in memory. It does not affect the log entries written to disk.
Examples
Related Commands
clear ssh host-keys
Regenerates the local ssh host keys.
Syntax
Syntax Description
ip dhcp6-client
Enables or disables the DHCPv6 client on an interface.
Syntax
Syntax Description
duplex
Sets the duplex mode of an Ethernet interface.
Syntax
Syntax Description
history utc
Causes history file names and the timestamps contained within to be in UTC.
Syntax
Syntax Description
history interval
Enables the generation of history files, and sets how often a new history file is created.
Syntax
Syntax Description
history empty
Controls whether empty history files are to be created.
Syntax
Syntax Description
ip arp-spoof
Enables or disables ARP spoofing on an interface.
Syntax
Syntax Description
ip ident6
Enables or disables fingerprinting of IPv6 devices on an interface.
Syntax
Syntax Description
clear ssh client-keys
Regenerates local SSH client keys.
Syntax
Syntax Description
ip nat6
Enables or disables IPv6 Network Address Translation (NAT) on an interface.
Syntax
Syntax Description
auto-update days
Set the day(s) of the week to perform automatic updates of the system firmware
Syntax
Syntax Description
clear syslog
Deletes a system log file.
Syntax
Syntax Description
ethernet polling
Specify the number of CPU cores dedicated to Ethernet polling.
Syntax
Syntax Description
interface
Selects an interface and places the CLI into interface context, or deconfigures an interface.
Syntax
Syntax Description
ip nat4
Enables or disables IPv4 Network Address Translation (NAT) on an interface.
Syntax
Syntax Description
ip dhcp-server
Enables or disables the DHCP server on an interface.
Syntax
Syntax Description
ip dhcp-scope
Defines the range of IPv4 addresses available to DHCP clients.
Syntax
Syntax Description
clear ssh known-hosts
Delete the SSH host key for a remote host or for all remote hosts.
Syntax
Syntax Description
configure network
Restores the system from a backup file.
Syntax
Syntax Description
ip router-solicit
Enables or disables the sending of IPv6 Router Solicitation (RS) packets on an interface.
Syntax
Syntax Description
ip load-sharing
Select the algorithm used to balance traffic between equal-priority WAN interfaces.
Syntax
Syntax Description
ip firewall
Enable or disable Island's inbound Internet firewall.
Syntax
Syntax Description
hostname
Specifies a name for the Island.
Syntax
Syntax Description
parent
Specify the parent interface for a VLAN interface.
Syntax
Syntax Description
login support
Enables or disables remote access by Island Support personnel.
Syntax
Syntax Description
clear update
Stop and clean up from an incomplete update.
Syntax
Syntax Description
This command has no arguments.
clear package
Removes an installable package from the system.
Syntax
Syntax Description
led level
Set the brightness of the Island's LED.
Syntax
Syntax Description
show dumps
Display a list of system crash dump files.
Syntax
Syntax Description
This command has no arguments.
show config known-hosts
Display the list of known SSH hosts and their public keys.
If no options are specified, all SSH host key types are regenerated.
Usage Guidelines
This command is used to delete and regenerate the local SSH host keys.
The host keys are used by remote clients to authenticate connections to the local system.
Examples
Related Commands
Keyword
Description
no
(Optional) This is the same as ip dhcp6-client off.
off
Disables the DHCPv6 client on the interface.
on
Enables the DHCPv6 client on the interface.
Defaults
The DHCPv6 client is enabled by default on WAN interfaces and disabled on LAN interfaces.
Usage Guidelines
The DHCPv6 client is responsible for obtaining an IPv6 address and related options from a DHCPv6 server and assigning it to an interface.
If the DHCPv6 client is not enabled, or if a DHCPv6 server is not available, the IPv6 address is assigned based on the type of interface. On WAN interfaces, it will be assigned using Stateless Address Auto-Configuration (SLAAC). On LAN interfaces, Island will us either a delegated prefix selected from one of the WAN providers (if available) or will assign a Unique Local Address (ULA).
This command is valid only in interface context. Entering it will set the interface mode to manual.
(Optional) Returns the interface duplex to its default value.
auto
The interface duplex mode is set via auto-negotiation.
half
The interface is placed into half-duplex mode.
full
The interface is placed into full-duplex mode.
Defaults
Interface duplex is set via auto-negotiation by default.
Usage Guidelines
This command can be used to force the duplex setting on an interface if autonegotiation is unavailable or undesirable.
If duplex is explicitly configured for an interface, the interface speed should also be explicitly configured. In other words, auto-negotiation should be enabled or disabled identically for both speed and duplex.
(Optional) Use the local time zone instead of UTC.
instance
The history instance to be modified. If the specified instance does not exist, it will be created unless the no keyword was also specified. Must be alphanumeric.
Defaults
The default is to use the local time zone for history file names and timestamps.
Usage Guidelines
This command causes UTC time to be used for history file names and for any dates and times in the history records.
Examples
Related Commands
Keyword
Description
no
(Optional) Removes the interval for the specified instance.
instance
The history instance to be modified. If the specified instance does not exist, it will be created unless the no keyword was also specified. Must be alphanumeric.
seconds
The interval at which a new history file should be created, in seconds. The interval must be specified in order to enable history logging. The minimum interval is 60 seconds.
Defaults
History files are not written by default.
Usage Guidelines
This command enables the generation of history files for the specified instance, and specifies how often, in seconds, the current history file will be closed and a new file started.
The actual interval between files may be longer than specified if there are no events to log immediately after closing the previous history file. This does not apply if the history empty command has been given.
If the no keyword is specified, the current history file will be closed and no new history files will be created for this instance. Existing unsent history files will be retained until they are successfully transferred.
Examples
Related Commands
Keyword
Description
no
(Optional) Empty history files will not be created.
instance
The history instance to be modified. If the specified instance does not exist, it will be created unless the no keyword was also specified. Must be alphanumeric.
Defaults
By default, the system will not create empty history files.
Usage Guidelines
Once a history instance has been defined, history files will be created peridically based on the setting of the history interval command. By default, no history file is created for an interval if there were no history records generated during that interval. This command specifies that history files should always be created for an interval, even if the file contains no records.
Examples
Related Commands
Keyword
Description
no
(Optional) This is the same as ip arp-spoof off.
off
Disables ARP spoofing.
on
Enables ARP spoofing.
Defaults
ARP spoofing is disabled by default.
Usage Guidelines
When ARP spoofing is enabled, Island will send “spoofed” ARP responses to all clients presenting itself as the owner of the default gateway’s IP address.
ARP spoofing allows Island to insert itself into a network with an existing default gateway using a single interface. It forces all Internet-bound traffic from LAN clients to be sent to itself. Island will apply all configured security filters and other features before forwarding the packet to the actual default gateway.
This mode essentially provides all features of the Island without replacing an exiting gateway. However, it can cause problems with some hosts and security devices, and should therefore be used with caution.
This command is valid only in interface context. Entering it will set the interface mode to manual.
Disables fingerprinting of IPv6 devices on the interface.
on
Enables fingerprinting of IPv6 devices on the interface.
Defaults
Devices fingerprinting is enabled on LAN interfaces and disabled on WAN interfaces by default.
Usage Guidelines
This command enables or disables "fingerprinting" of IPv6 devices on an interface. Fingerprinting uses protocols such as SSDP and mDNS to gather information about devices on the network to aid in the identification of new and unknown devices.
This command is valid only in interface context. Entering it will set the interface mode to manual.
If neither adminnor useris specified, the keys for both users are regenerated.
Usage Guidelines
This command is used to delete and regenerate the local SSH client keys.
SSH client keys can be used for public key authentication with the ssh command as well as commands that use the scp protocol (e.g., write net scp://…).
IPv6 Network Address Transnation is disabled on all interfaces by default.
Usage Guidelines
When Network Address Translation (NAT) is enabled on an interface, the source IP address of transmitted packets is changed to the Island's IP address assigned to the interface. Depending on the protocol involved, the source port number, as well as address information embeded in the payload, may be modified as well.
Island maintains a list of active NAT translations so that received packets can be routed back to the proper internal client.
NAT is typically used to map private IP addresses on a LAN to a public IP address on the WAN.
This command is valid only in interface context. Entering it will set the interface mode to manual.
Specifies that updates may occur on any day of the week. Mutually exclusive with none and <day>.
none
Disables automatic updates. Mutually exclusuve with all and <day>.
day
Specifies that updates may occur only on the specified day(s) of the week. Must be one of monday, tuesday, wednesday, thursday, friday, saturday, or sunday. Multiple days may be specified separated by spaces. Mutually exclusive with all and none.
Defaults
Updates will be performed at 3:00 AM local time on any day of the week by default.
Usage Guidelines
The Island periodically checks to see if newer firmware is available. This command sets the day(s) of the week on which new firmware is allowed to be automatically installed.
If automatic updates are disabled using the command auto-update days none, the Island will still periodically check for firmware updates, and the app will indicate that newer firmware is available, but it will not be installed automatically. In this case, the user can install the update using the update command or the Island app.
Firmware updates may or may not interrupt packet routing, depending on the nature and extent of the update. Some updates will not interrupt routing at all, some may cause a short (5-10 second) interuption, and some may require a full reboot of the router.
(Optional) Returns the number cores for polling to its default value.
auto
The number of cores is selected automatically.
n
Use the specified number of cores for Ethernet polling. The allowed range is from 1 to the total number of CPU cores minus 1.
Defaults
The number of cores is selected automatically by default.
Usage Guidelines
Normally, the system automatically determines the number of CPU cores to dedicate to Ethernet polling. This command is provided for diagnostic purposes, and should be used only as directed by Island support.
Examples
Related Commands
Keyword
Description
no
(Optional) Causes the specified interface to be deconfigured.
string
The name of the interface to be configured.
Defaults
The CLI is in global context by default.
Usage Guidelines
This command must be given before issuing any commands that modify an interface. The specified interface remains the “selected” interface until another interface command or the end command is issued.
The “no” form of this command deletes all configuration information, both learned and manually-configured, from the specified interface. For physical interfaces (e.g., Ethernet), the interface is placed into automatic configuration mode. For virtual interfaces, the interface is deleted from the system.
IPv4 Network Address Transnation is enabled on WAN interfaces and disabled on LAN interfaces by default.
Usage Guidelines
When Network Address Translation (NAT) is enabled on an interface, the source IP address of transmitted packets is changed to the Island's IP address assigned to the interface. Depending on the protocol involved, the source port number, as well as address information embeded in the payload, may be modified as well.
Island maintains a list of active NAT translations so that received packets can be routed back to the proper internal client.
NAT is typically used to map private IP addresses on a LAN to a public IP address on the WAN.
This command is valid only in interface context. Entering it will set the interface mode to manual.
The decimal value of the host portion of the first IP address in the scope.
high
The decimal value of the host portion of the last IP address in the scope.
Defaults
In the abscence of this command, the default DHCP scope is "50-". Otherwise, the defaul low value is 1 and the default high value is the last available host address on the network.
Usage Guidelines
This command defines the range of IPv4 addresses assignable to DHCP clients. The low value is the host portion of the first assigneable address in the scope. If omitted, the default low value is 1.
The high value is the host portion of the last assignable address in the scope. If omitted, the default high value is the host portion of the last assignable address in the interface's network range. Note that the highest address in a network is reserved for broadcasts, and will never be assigned by the DHCP server.
Since these values are the decimal value of the host portion (only) of the IP address, the high value may exceed 254 for networks larger than /24. For example, the highest assignable value for a /22 IPv4 network (i.e., 10 bits of host address) would be 1022.
This command is valid only in interface context. Entering it does not change the configuration mode of the interface.
(Optional) This is the same as ip router-solicit off.
off
Disables the sending of IPv6 RS packets.
on
Enables the sending of IPv6 RS packets.
Defaults
When autoconfiguration is enabled on an interface, the Island will determine the proper setting based on whether the the interface is determined to be a WAN or a LAN connection. Otherwise, the initial setting for newly-created interfaces is off.
Usage Guidelines
This command determines whether IPv6 Router Solicitation (RS) packets are sent on an interface.
This command is valid only in interface context. Entering it will disable autoconfig on the interface.
(Optional) Returns the load sharing algorithm to its default value
dst-ip
Consider the destination IP address when choosing an outbound WAN interface
random
Randomly select the outbound WAN interface for every connection
src-dst-ip
Consider the source and destination IP addresses when choosing an outbound WAN interface
Defaults
The outbound WAN interface is selected randomly for each connection by default.
Usage Guidelines
Island supports multiple WAN interfaces. Outbound connections are routed to the highest priority active WAN interface as set by the ip priority command. When more than one active WAN interface is at the highest priority, Island will balance the outbound connections between them. This command selects the algorithm Island uses to determine which WAN interface is selected for each outbound connection in that case. The availble algorithms are as follows:
Algorithm
Description
dst-ip
All connections to a given destination IP address will use the same interface.
random
The outbound interface is selected at random for each connection. This is the default.
src-dst-ip
All connections from a given source IP address to a given destination IP address will use the same interface.
(Optional) Returns the Internet firewall to its default state.
off
Disables the Internet firewall
on
Enables the Internet firewall
Defaults
The inbound Internet firewall is on by default.
Usage Guidelines
This command disables the firewall function that blocks incoming traffic on a WAN interface. It takes effect only when there is a single physical port active on the Island.
This command should be used with extreme care and is intended only for very specific use cases such as using Island as a dedicated VPN concentrator, where firewall functionality is undesirable or handled by an external firewall. Note that all other Island functionality, including content filtering, is still active even when the firewall is disabled.
Examples
Related Commands
Keyword
Description
no
(Optional) Deletes the existing hostname.
string
An alphanumeric string of up to 63 characters, beginning with a letter.
Defaults
The system host name is empty by default.
Usage Guidelines
An Island may be given a unique and descriptive name to distinguish it from other Islands. The hostname will be used as the CLI prompt. It is also used to when auto-generating file names for some commands (e.g., backup url).
Examples
Related Commands
Keyword
Description
interface
The name of the parent interface.
Defaults
This command has no default. The parent interface must be specified.
Usage Guidelines
This command is required for VLAN interfaces. It defines the physical interface on which the VLAN is carried. It is valid only in interface context, and only for VLAN interfaces.
This command establishes a VPN to Island Support to allow support personnel to remotely access the Island for troubleshooting and diagnostic purposes.
Examples
Related Commands
Defaults
Usage Guidelines
Under rare circumstances, an update may fail to complete, and will show indefinitely as pending or running. This command will stop the pending or running update.
An integer representing the LED brightness in percent (0-100).
Defaults
The default LED level is 100.
Usage Guidelines
The command sets the brightness of the Island's LED display. The value must be an integer from 0 (off) to 100 (full brightness).
Examples
Related Commands
Defaults
Usage Guidelines
This command lists any dump files created when a software module terminates unexpectedly. They may be analyzed by Island support to determine the cause of a failure.
The ping command is used to reboot the Island router.
A warning will be issued if the running configuration does not match the startup configuration. The user will be given the opportunity to save or discard the pending configuration changes. The reload command may be aborted using Control-C at this prompt.
Examples
Related Commands
Keyword
Description
no
(Optional) Disables remote access.
Defaults
Remote access is disabled by default.
Usage Guidelines
Island implements secure remote access from the Island app on Apple and Android devices. Remote access is disabled by default, but can be enabled with this command.
Examples
Related Commands
clear connections
config terminal
clear everything
clear network
help
clear log
clear ssh host-key [ed25519|rsa]
clear ssh host-key
clear ssh host-key ed25519
[no] ip dhcp6-client off|on
ip dhcp6-client on
[no] duplex auto|half|full
duplex full
[no] history <instance> utc
history myhist3 utc
[no] history <instance> interval <seconds>
history myhist2 interval 3600
[no] history <instance> empty
history myhist2 empty
[no] ip arp-spoof off|on
ip arp-spoof on
[no] ip ident6 off|on
ip ident6 off
clear ssh client-keys [admin|user]
clear ssh client-keys admin
[no] ip nat6 off|on
ip nat6 on
auto-update days all|none|<day> [<day> [...]]
auto-update days thursday friday
clear syslog [<directory>] <file>
clear syslog backup.log
clear syslog slog 20240514-151755
[no] ethernet polling auto|<n>
ethernet polling 2
ethernet polling auto
[no] interface <string>
interface en0
no interface vlan14
[no] ip nat4 off|on
ip nat4 on
[no] ip dhcp-server off|on
ip dhcp-server on
[no] ip dhcp-scope [<low>]-[<high>]
ip dhcp-scope 100-
ip dhcp-scope 100-510
clear ssh known-hosts <host>|all
clear ssh known-hosts server17.example.com
clear ssh known-hosts all
When autoconfig is set to full on an interface (the default), the Island will determine if the interface is connected to a local area network (LAN) or to the Internet (WAN), and will set all other interface parameters as appropriate for the type of connection detected. This mode works well in most cases, and is useful for initial installation. Once installation is complete, it is generally recommended to select one of the other modes as appropriate for each interface.
When set to manual, automatic configuration is disabled, and the current interface configuration is written to the running configuration. Individual may then be modified as needed. This configuration is the most flexible but requires that each interface configuration option be set appropriately. It can be used for unusual situations where the predefined interface modes (described below) are not sufficient.
When using manualmode, users may find it convenient to first set the interface mode to one of the modes listed below first, before switching to manual mode, to provide a convenient starting point for all interface settings. Note that the interface must be active (up) in order for the current interface settings to be retained when the mode is switched to manual.
The remainder of the modes are used to set the interface configuration appropriate for the most common network scenarios. The available modes are as follows:
lan: This mode is for a typical LAN where Island should be the DHCP server. Island's DHCP server is enabled, the DHCP client is disabled, and the DHCP monitor is enabled.
lan-no-dhcp: This mode is the same as lan except Island's DHCP server and DHCP monitor is disabled, and the DHCP client is enabled. This mode is used when another DHCP server is used for the network.
Note that issuing most will cause the interface mode to be set to manual. When this happens, the remaining interface configuration options with their current values will be written to the running configuration, and can be modified as needed. Refer to the documentation for a specific command to determine if that command will force the interface mode to manual.
This command is valid only in interface context.
Examples
Related Commands
history
Manage a history file instance.
Syntax
Syntax Description
Keyword
Description
Defaults
Usage Guidelines
This command is used to create, modify, or delete a history file instance.
Island maintans a record of all device-related activity such as Internet access and session data counters, online and offline events, etc. These “history” events are stored internally in a compact binary format, and can be displayed with the show history command.
History data can formatted and saved in files to be transferred to a remote file server on a periodic basis. A history “instance” refers to a set of named history configuration commands that control the creation, format, transfer, and other characteristics of the associated history files.
The creation of history files is enabled with the command. Therefore when creating a new history instance, it is usually preferrable to issue all other desired history commands such as and before issuing the history interval command, otherwise the system may create one or more initial history files with improper characteristics.
History files are automatically deleted upon successful transfer to the remote system. To see the list of history files waiting to be transferred, use the command.
An entire history instance can be deleted by entering this command with the no prefix. This will delete all unsent history files and all configuration commands associated with the instance.
Examples
Related Commands
ip dhcp6-server
Enables or disables the DHCPv6 server on an interface.
Syntax
Syntax Description
Keyword
Description
Defaults
The DHCPv6 server is enabled on LAN interfaces and disabled on WAN interfaces by default.
Usage Guidelines
This command enables the DHCPv6 server on the interface. Island does not assign IPv6 addresses via DHCP; instead, hosts will use (SLAAC) to obtain their IPv6 address. Island's DHCPv6 server provides DNS and other requested information to IPv6 clients.
This command is valid only in interface context. Entering it will set the to manual.
Examples
Related Commands
history rename
Rename an existing history instance.
Syntax
Syntax Description
Keyword
Description
Defaults
None; all parameters must be specified.
Usage Guidelines
This command allows an existing history instance to be given a new instance name. Once renamed, all references to the history instance must be done using the new instance name.
Renameing a history instance will cause the current history file (if any) to be closed and a new one started.
Examples
Related Commands
ip priority
Defines the priority of a WAN connection relative to other WAN connections.
Syntax
Syntax Description
Keyword
Description
Defaults
The default interface priority is 1.
Usage Guidelines
Island supports multiple WAN connections. The interface priority determines which WAN connection(s) outgoing traffic will use when multiple WAN connections are present and active.
Outbound connections will normally use the highest priority active WAN interface. If multiple active WAN interfaces have the same priority, outbound connections will be distributed between them.
This command is valid only in interface context. Entering it does not change the of the interface.
Examples
Related Commands
history url
Specifies a remote directory to which history files will be written.
Syntax
Syntax Description
Keyword
Description
Defaults
The default is to not write history files to a remote system
Usage Guidelines
This command specifies the destination for files produced for this history instance.
The URL must point to a remote directory. Each history file will be writton to a unique file in that directory. The file name format is:
history.YYYYMMDDHHMMSSmmm‐nnnnnnnnnn
where “YYYYMMDDHHMMSSmmm” is the date and time including milliseconds and “nnnnnnnnnn” is the number of records in the file.
The path portion of the URL is ignored for the "tcp://" or "udp://" real-time streaming schemes.
Refer to the section of this document for more information on the syntax of the url parameter.
Examples
Related Commands
ip dhcp-reserve
Assigns a dedicated IP address to a device.
Syntax
Syntax Description
Keyword
Description
Defaults
There are no DHCP reservations by default.
Usage Guidelines
This command reserves an IP address for a client. The DHCP server will not assign a reserved IP address to any other client. When the client makes a DHCP request to the Island, the DHCP server will assign the specified address to the client, if able.
If the server is unable to assign the address (perhaps because the address is already in use by another client), it will assign another address from the DHCP scope. When the client renews its DHCP lease, the DHCP server will again try to assign the reserved address.
The reserved IP address must be a valid address on one of the interfaces on the Island. However, it does not need to be within the DHCP scope assigned to the interface.
Only one DHCP reservation is allowed for a given device.
Examples
Related Commands
ip dhcp-client
Enables or disables the DHCP client on an interface.
Syntax
Syntax Description
Keyword
Description
Defaults
The DHCP client is enabled on WAN interfaces and disabled on LAN interfaces by default.
Usage Guidelines
This command enables the DHCP client on an interface, allowing Island to obtain the IPv4 address and other options from an external DHCP server.
This command is valid only in interface context. Entering it will set the to manual.
Examples
Related Commands
ip arp-scan
Enables or disables periodic ARP scanning an interface.
Syntax
Syntax Description
Keyword
Description
Defaults
ARP scanning is enabled on LAN interfaces but disabled on WAN interfaces by default.
Usage Guidelines
When ARP scanning is enabled on an Interface, Island will periodically send ARP requests to every valid IP address on the interface network. This allows Island to discover all devices on the network, even those that are not otherwise sending any traffic through the Island.
This command is valid only in interface context. Entering it will set the to manual.
Examples
Related Commands
login console
Sets whether a username and password is required to access the CLI through the serial port.
Syntax
Syntax Description
Keyword
Description
Defaults
A username and password is not required on the serial port by default.
Usage Guidelines
Some Island models have a serial port which provides direct access to the CLI. By default, no credentials are required to access the CLI through the serial port, and full access is granted. When the command is specified, the user will be prompted for a username ("admin" or "user") and password before access is granted.
Examples
Related Commands
package
Define a configuration parameter for an installed package.
Syntax
Syntax Description
Keyword
Description
Defaults
There are no defaults for this command. All parameters must be specified.
Usage Guidelines
Island supports installable software package to add features not included in the base firmware. Installable packages are installed with the command.
Some packages require user-specified configuration information, or "parameters". These parameters are set using this command.
Parameter names and values are specific to each package. Refer to the associated package documentation for supported parameters and values.
Examples
Related Commands
ip autovlan
Enables or disables automatic VLAN provisioning for an interface.
Syntax
Syntax Description
Keyword
Description
Defaults
Automatic VLAN provisioning is enabled by default.
Usage Guidelines
When automatic VLAN provisioning is enabled, Island will create a new VLAN interface whenever a packet is received with an 802.1Q VLAN Identifier that does not match an existing VLAN interface.
This command is valid only in interface context. Entering it will set the to manual.
Examples
Related Commands
password
Set, change, or remove a password.
Syntax
Syntax Description
Keyword
Description
Defaults
There is no password on the admin or user accounts by default.
Usage Guidelines
This command sets the password for the specified user for access to the CLI. Users without a password may not log in to the CLI via ssh.
If the new password is not specified on the command line, the system will prompt for it.
Examples
Related Commands
show config authorized-keys
Display the authorized SSH public keys for a user.
Syntax
Syntax Description
Keyword
Description
Defaults
The keys for the administrative user are shown by default.
Usage Guidelines
This commands displays the contents of the authorized SSH public keys file for the specified user.
Examples
Related Commands
ip dns local-only
Determines whether the DNS server intercepts all recursive DNS requests or only those directed at the Island.
Syntax
Syntax Description
Keyword
Description
Defaults
All recursive DNS requests passing through the Island are intercepted by default.
Usage Guidelines
By default, Island intercepts all recursive DNS requests it sees and resolves them locally, even if the request was sent to a different DNS server. This improves DNS lookup speed and allows Island to perform filtering at the DNS level.
In some circumstances, it may not be desirable to intercept DNS requests directed at another DNS server. Enabling the local-only option causes Island to pass these requests on to the targeted server.
Note that Island will never intercept and respond to DNS over HTTPS (DoH) requests targeted to another server. Users wishing to force all DNS reqeusts to be handled by Island may wish to block access to external DoH servers using Island's filtering capabilities. Refer to the Island Router app documentation for more information.
Examples
Related Commands
rollback
Restore the system firmware and configuration to a previously stored checkpoint.
Syntax
Syntax Description
This command has no arguments.
Defaults
Usage Guidelines
This command provides a way to return the system firmware and configuration to a previous state created with the command.
The command automatically saves a copy of the current firmware and system configuration as a checkpoint. The five most recent checkpoints are retained.
When the command is issued, the user may choose from a list of these checkpoints, and the system will be restored to the saved state.
Each checkpoint includes all changes made to the operating code on the system. In some cases, the checkpoint may include additional items. For example, if an update will use a new, incompatible version of a database or configuration, then the affected items are also included in the checkpoint.
Examples
Related Commands
ping
Send an ICMP Echo Request to a host and waits for a reply.
Syntax
Syntax Description
Keyword
Description
Defaults
If neither ip no ipv6 is specified, the protocol is chosen automatically.
Usage Guidelines
The ping command is used to test the reachability of another system and measure the round-trip time (RTT) to the system using ICMP Echo Request packets. Once the command is issued, it will continue until stopped by pressing Control-C.
Examples
Related Commands
ip ipv6
Globally enable or disable IPv6.
Syntax
Syntax Description
Keyword
Description
Defaults
IPv6 is enabled by default.
Usage Guidelines
IPv6 is fully supported by Island, and is enabled on all interfaces by default. Island will attempt to obtain an IPv6 address and a delegated prefix on each WAN port, and will assigne IPv6 addresses to each LAN port.
While IPv6 can be disabled on individual interfaces using , this command can be used to disable IPv6 on all interfaces.
Examples
Related Commands
ip mtu
Sets the maximum transmission unit (MTU) on an interface.
Syntax
Syntax Description
Keyword
Description
Defaults
The default MTU is 1,500 bytes for Ethernet interfaces and 1,408 bytes for WireGuard VPN interfaces.
Usage Guidelines
This command sets the maximum transmission unit (MTU) for an interface.
This command is valid only in interface context. Entering it does not change the of the interface.
Examples
Related Commands
ip ddns ipv6
Determines whether IPv6 AAAA records are generated for DDNS.
Syntax
Syntax Description
Keyword
Description
Defaults
An AAAA record is created in DDNS by default.
Usage Guidelines
The Island DDNS service creates both A (IPv4) and AAAA (IPv6) DNS records by default. This can cause delayed or broken connectivity when using a port-forward to direct incoming traffic to a device that does not support IPv6.
This command can be used to disable the generation of AAAA DNS records so that clients will attempt to connect using IPv4 only.
This command has no effect unless a DDNS name is defined in the app or using the command.
Examples
Related Commands
description
Sets optional description text for an interface.
Syntax
Syntax Description
Keyword
Description
Defaults
Interfaces have no description by default.
Usage Guidelines
This command allows the user to set an optional description for an interface.
This command is valid only in interface context.
Examples
Related Commands
ip dhcp-monitor
Enables or disables the DHCP monitor service on an interface.
Syntax
Syntax Description
Keyword
Description
Defaults
The DHCP monitor is enabled on LAN interfaces and disabled on WAN interfaces by default.
Usage Guidelines
The DHCP monitor service watches for rogue DHCP servers on an interface and issues a warning if one is found.
If both DHCP monitor and are enabled on the same interface, DHCP client has precedence and DHCP monitor will be not run.
This command is valid only in interface context. Entering it will set the to manual.
Examples
Related Commands
ip router-advertise
Enables or disables the sending of IPv6 Router Advertisement (RA) packets on an interface.
Syntax
Syntax Description
Keyword
Description
Defaults
When autoconfiguration is enabled on an interface, the Island will determine the proper setting based on whether the the interface is determined to be a WAN or a LAN connection. Otherwise, the initial setting for newly-created interfaces is off.
Usage Guidelines
This command determines whether IPv6 Router Advertisement (RA) packets are sent on an interface.
This command is valid only in interface context. Entering it will disable on the interface.
Examples
Related Commands
login confirm
Enables or disables CLI confirmation prompots.
Syntax
Syntax Description
Keyword
Description
Defaults
CLI confirmation prompts are enabled by default.
Usage Guidelines
To prevent the loss of important data, certain CLI commands (e.g., , , etc.) normally prompt the user for confirmation before executing. This can be inconvenient when executing batch CLI commands. The no login confirm command disables these confirmation prompts. The prompts can be re-enabled using the login confirm command.
Examples
Related Commands
ip ddns name
Establishes a dynamic DDNS host name for the Island.
Syntax
Syntax Description
Keyword
Description
Defaults
No DDNS name is assigned by default.
Usage Guidelines
Island provides a DDNS service that assigns names with the "myisland.info" domain. The user may assign a simple host name using this command. For example, if "bobs-island" is specified, the resulting fully-qualified domain name (FQDN) will be "bobs-island.myisland.info".
There is no registration or authentication required for this service. Names are available on a first-come, first-served basis. Once a name is assigned to a specific Island, that name may not be assigned to another Island until a grace period has expired or the name is manually deleted using the "no" form of this command from the original Island with an active Internet connection.
The A and AAAA records for the FQDN will be updated automatically by the Island based on the public IPv4 and IPv6 addresses on the WAN port. If multiple WAN primary ports are in use (or multiple secondary WAN ports if no primary port is available), the A and AAAA records will be assigned arbitrarily to the IP address on one of the active ports.
Examples
Related Commands
ip port-forward
Create a permanent Destination Network Address Translation (DNAT) entry.
Syntax
Syntax Description
Keyword
Description
Defaults
By default, port-forwarded connections will be accepted on any of the Island's interface IP addreses, and the destination port number will not be modified.
Usage Guidelines
Island normally blocks all inbound connection attempts from the Internet (i.e., on WAN ports) or on other internal networks (LANs) to internal devices. This command provides a method to allow inbound connections to specific internal devices (or to the Island itself) on specific TCP and UCP ports. In essence, it opens a "hole" in the internal stateful firewall for specific internal services.
If the public IP address is not specified, connections will be accepted an any of Island's interface addresses on the specified TCP or UDP port. Use care when doing this on ports used for internal management (e.g., TCP ports 22, 443, and 4443) or incoming VPN connections (UDP port 51820 or as defined by the command, and UDP port 3006) as the port-forward will make those services unavailable on those ports.
If the public IP address is specified, connections will be accepted only on that address.
The maximum number of port-forward commands is 1024.
Examples
Related Commands
mac output-format
Specify the format for displaying MAC addresses.
Syntax
Syntax Description
Keyword
Description
Defaults
The default MAC address output format is "XX:XX:XX:XX:XX:XX".
Usage Guidelines
This command is used to specify the output format for MAC addresses as used in the CLI and in system logs.
The format must contain 12 upper or lower case X’s as placeholders for each of the 12 hexadecimal digits in a MAC address. The case of a placeholder indicates the case of the corresponding output MAC character. All other characters in the format string are printed literally.
Examples
Related Commands
ip address
Assigns an IP address to an interface.
Syntax
Syntax Description
Keyword
Description
Defaults
By default, Island will either obtain an IP address for an interface using DHCP (if the DHCP client is enabled on the interface) or will assign an arbitrary /24 private network (RFC1918) network address.
Usage Guidelines
This command assigns an IPv4 or IPv6 address to an interface. Only one IPv4 and one IPv6 address may be assigned to a given interface.
This command does not automatically set the to manual or disable the on the interface. However, if the DHCP client is enabled, the specified IP address will be overwritten if an address is later obtained from a DHCP server. To ensure a manually-configured IP address is not changed, set the to lan, or set it to manual and disable the .
This command is valid only in interface context.
Examples
Related Commands
ip route
Create a static route within the Island.
Syntax
Syntax Description
Keyword
Description
Defaults
No static routes exist by default.
Usage Guidelines
The command allows manually-configured (i.e., "static") routes to be inserted into Island's routing table.
Both IPv4 and IPv6 routes are supported. The target address and the gateway must both be the same protocol (IPv4 or IPv6).
The word "default" may be used to represent the default route (0.0.0.0/0 or ::0/0). The protocol of the default route (IPv4 or IPv6) will be determined by the the protocol of the specified gateway.
Examples
Related Commands
ip ident4
Enables or disables fingerprinting of IPv4 devices on an interface.
Syntax
Syntax Description
Keyword
Description
Defaults
Devices fingerprinting is enabled on LAN interfaces and disabled on WAN interfaces by default.
Usage Guidelines
This command enables or disables "fingerprinting" of IPv4 devices on an interface. Fingerprinting uses protocols such as SSDP and mDNS to gather information about devices on the network to aid in the identification of new and unknown devices.
This command is valid only in interface context. Entering it will set the to manual.
Examples
Related Commands
ip dhcp-lease
Sets the DHCP lease time on an interface.
Syntax
Syntax Description
Keyword
Description
Defaults
The default lease time is 1800 seconds (30 minutes).
Usage Guidelines
The default lease time for addresses assigned by Island's DHCP server is 30 minutes. This allows devices to respond reasonably quickly to network address changes.
Although rare, some devices cannot handle such a short lease time. This command can be used to change the DHCP lease time to a different value.
This command is valid only in interface context. Entering it does not change the of the interface.
Examples
Related Commands
ntp
Specify NTP servers.
Syntax
Syntax Description
Keyword
Description
Defaults
Island uses the pool at ntp.islandrouter.com by default.
Usage Guidelines
This command specifies one or more NTP servers to be used to synchronize Island's internal clock. The command will accept multiple servers on one line, and the command may be specified multiple times.
Examples
Related Commands
packet level
Set the minimum severity level of messages logged by the low-level packet handler.
Syntax
Syntax Description
Keyword
Description
Defaults
The default minimum severity level is 5.
Usage Guidelines
This command sets the minimum severity level of messages logged by the low-level packet handling subsystem in Island. Logging less severe messages can be useful when diagnosing network issues, but will also increase the amount of information logged.
The highest severity level is 0 and the lowest is 7, as follows:
Level
Description
Examples
Related Commands
show clock
Display the current system date and time.
Syntax
Syntax Description
This command has no arguments.
Defaults
Usage Guidelines
This command displays the current system date, time, and time zone.
Examples
Related Commands
ip dns mode
Sets the method Island uses to resolve DNS requests.
Syntax
Syntax Description
ip autoconfig disabled|full|lan|lan-no-dhcp|manual|static-wan|wan
[no] history <instance> [<command>]
[no] ip dhcp6-server off|on
history <instance> rename <newname>
[no] ip priority <n>
[no] history <instance> url [<url>]
[no] ip dhcp-reserve <ip> <mac>
[no] ip dhcp-client off|on
[no] ip arp-scan off|on
[no] login console
[no] package <name> <parameter> <value>
[no] ip autovlan off|on
[no] password admin|user [<password>]
show config authorized-keys [admin|user]
[no] ip dns local-only off|on
rollback
ping [ip|ipv6] <host>
[no] ip ipv6 off|on
ip mtu <n>
[no] ip ddns ipv6 off|on
[no] description <string>
[no] ip dhcp-monitor off|on
[no] ip router-advertise off|on
[no] login confirm
[no] ip ddns name <string>
ip port-forward tcp|udp [<public-ip>:]<public-port> <mac>|island [<dest-port>]
[no] mac output-format <template>
[no] ip address <address>/<bits>
ip route <address>/<bits> <gateway>
ip route default <gateway>
[no] ip ident4 off|on
[no] ip dhcp-lease <seconds>
[no] ntp <server> [<server> [...]]
[no] packet level <n>
show clock
URL Format
Some commands (e.g., write network) require a URL argument to identify a remote file or directory. The format for a URL argument is:
scheme://[username[:password]@]host[:port]/[path]
Supported schemes for most commands are http, https, ftp, ftps, sftp, scp, smb, and tftp.
The host parameter may be an IP address or a domain name.
The optional port parameter is not supported on all protocols.
wan: This mode is for a typical WAN connection where Island obtains its IP address from the provider using DHCP.
static-wan: This mode is for a WAN connection where Island is assigned a static IP address.
disabled
Disable the interface.
full
Automatically set the interface configuration.
lan
Configure the interface for a typical LAN where Island is the DHCP server.
lan-no-dhcp
Configure the interface for a LAN where the Island is not the DHCP server.
manual
Disable automatic configuration on the interface. This mode will be enabled automatically if certain ip interface commands are issued.
static-wan
Configure the interface for a WAN with a static address.
wan
Configure the interface for a WAN with a dynamic (i.e., DHCP) address.
(Optional) Deletes the specified history instance.
instance
The history instance to be created or modified. If the specified instance does not exist, it will be created unless the no keyword was also specified. Must be alphanumeric.
command
One of “empty”, “filter”, “interval”, “output-format”, “rename”, “url”, or “utc”. The command is required unless the no parameter is specified.
The history instance to be modified. If the specified instance does not exist, it will be created unless the no keyword was also specified. Must be alphanumeric.
url
This URL to which history files are to be written. Required unless the no parameter is specified.
The desired DDNS host name. This must be a simple host name, not a domain name. It may consist of between 1 and 63 alphanumeric characters or a minus sign ("-"). The first character must be a letter or number.
(Optional) Specifies the IP address on which to accept incoming connections to be port-forwarded. If omitted, connections will be accepted on any of the Island's interface addresses.
public-port
The TCP or UDP port number on which to accept incoming connections.
mac
The MAC address of the device to which incoming connections are to be forwarded.
island
Specifies that incoming connections are to be forwarded to the Island itself.
dest-port
(Optional) The TCP or UDP port number on the target system. If omittied, the original destination port number is unmodified.
Specify the URL of an arbitrary DoH server to use for DoH resolution.
resursive
Use recursive DNS.
Defaults
Island uses Cloudflare's DNS over HTTPS service by default.
Usage Guidelines
This command specifies how DNS lookups are performed by Island.
By default, Island uses DNS over HTTPS (DoH) services provided by Cloudflare to resolve DNS requests. The https option can be used to change the DoH provider to Google or to an arbitrary DoH server.
Island can also be configured to use standard recusive DNS resolution. Both the recursive and the dnssec options enable recursive DNS mode, the difference is that dnssec also enables DNSSEC validation.
If Island is unable to access the specified DoH provider, it will revert to recursive DNS.
Note that the default format includes fields which are not used in the current product.
Usage Guidelines
The output format template consists of arbitrary text containing field substitutions. These substitutions begin with a percent sign ("%"). The list of valid substitutions is shown in the table below.
The percent sign may optionally be followed by a decimal minimum field width. The field value will be left-justified within the specified width.
A substitution, along with any surrounding text, may optionally be enclosed in question mark characters. This will cause all text between the question marks to be suppressed if no substitution is made.
The contextual help for this command may include subsitutions for fields that are not used in the current product. Only the currently supported subsitutions are included in this table.
Subsitution
Description
Predefined formats:
Examples
Related Commands
show hardware
Display a summary of the system hardware configuration.
Syntax
Syntax Description
This command has no arguments.
Defaults
Usage Guidelines
This command displays a summary of the hardware configuration for the Island, including the platform type, CPU type, memory size, power supply status, and interface compliment.
Examples
Related Commands
history filter
Restricts the types of activities logged to history files.
Syntax
Syntax Description
configure authorized-keys
Edits the list of authorized public keys for authentication of incoming SSH connections.
Syntax
Syntax Description
clear dump
Deletes a crash dump file, or all crash dump files.
Syntax
Syntax Description
end
Exits interface context and returns to global context.
Syntax
end
Overview
This is the Command Line Interface (CLI) reference guide for Island Router firmware version 2.3.2.
The Command Line Interface (CLI) provides a low-level interface for the configuration and monitoring of the Island router. It is accessed via the SSH protocol on TCP port 22. On some Island models, the CLI can also be accessed through a serial port.
When logging in to the CLI, two different user names are available: “admin” and “user”. The admin account has full privileges and access to all CLI commands. The user account is a read-only account which cannot access any commands that change the system configuration.
Before the CLI can be accessed, the SSH password must be set via the Island app. This sets the password for the “admin” user. The password for the “user” login can be set by the admin user using the CLI command.
The CLI can also be accessed using SSH public key authentication. Authorized keys can be configured using the CLI command.
CLI command names and most keywords cay be abbreviated using the shortest unique prefix. For example, show interface summary
Password Encryption and Public Key Authentication
In general, clear text passwords such as in a URL argument are stored internally in an encrypted form so that they are unreadable when the system configuration is displayed. In some cases, an entire command parameter may be encrypted when there is special sensitivity involved. Encrypted strings begin with a tilde (“~”) character.
The system supports SSH public key authentication for all commands that use the SSH protocol, including the ssh command and any file transfer commands using the scp and sftp schemes. This eliminates the need to specify passwords inside a URL.
The command can be used to obtain the user’s public key from the local system so that it can be added to the list of authorized keys on the remote system.
[no] history <instance> output-format <template>
show hardware
can be abbreviated as
sh int sum
or even
sh in su
, but not as
s int sum
since the leading "s" is ambiguous.
Most CLI commands take effect immediately when issued, but are not saved to non-volatile storage until the write memory command is issued. In other words, the write memory command makes the current running configuration permanent by copying it to the startup configuration. Note, however, that any configuration changes made through the app cause the running configuration to be immediately saved to non-volatile storage, including any changes made using the CLI.
The history instance to be modified. If the specified instance does not exist, it will be created unless the no keyword was also specified. Must be alphanumeric.
template
The history output format template, described below.
%d[(format)]
Date and time formatted using strftime. The default format is "%Y/%m/%d %T".
%D
Date and time formatted as "yyyy-mm-ddThh:mm:ss.xxx(Z|+/-HH:MM)".
%f
Event flags
%h
Destination host name
%H
Island host name
%i
Source IP addres
all
All attributes in "tag=value" format
csv
All attributes in CSV format
syslog
Structured syslog
usyslog
Unstructured syslog
json
JSON
raw
Raw binary
Keyword
Description
admin
Edit authorized keys for the administrative user.
user
Edit authorized keys for the read-only user.
Defaults
If neither user is specified, the keys for the administrative user are edited.
Usage Guidelines
This command edits the list of authorized public keys for SSH authentication on inbound connections. The list contains one key per line in the OpenSSH authorized_keys file format.
Dump files are created when a software module terminates unexpectedly. They may be analyzed by Island support to determine the cause of a failure. This command is used to delete dump files that are no longer needed.
history output-format json
history output-format "%d type=%12t mac=%m? host=%60h?? category=%Mh?"
show hardware
configure authorized-keys [admin|user]
config authorized-keys admin
clear dump <file>|all
clear dump pkgeng.core
end
Keyword
Description
no
(Optional) Removes the history filter.
instance
The history instance to be modified. If the specified instance does not exist, it will be created unless the no keyword was also specified. Must be alphanumeric.
string
The filter string.
Defaults
All history events are logged by default.
Usage Guidelines
Using the history filter command, you can restrict the types of activties that are logged to the history files. The filter syntax is:
<field><op><value>[<cong>…]
Field
The field paramater specifies the field with the history records to test. Valid fields are listed below.
Note that the contextual help for this command may list additional field names that are reserved for diagnostic purposes or for future use.
Field names are case-insensitive.
Field
Description
time
The timestamp on the record. The timestamp format for string comparisons is "YYYY-MM-DDTHH:MM:SS.mmm" (e.g., "2024-06-01T19:23:47.316").
type
The record type; one of "associate", "disassociate", "access", "session", or "comment".
count
For "associate" and "disassociate" records, this is a reference count. For session records with the "fin" flag set, it is the session duration in nanoseconds.
flags
A bit field of flags associated with the record. Valid values for Island include "nonrender" (4), "secure" (16), "blocked" (32), "allowed" (64), and "fin" (128).
mac
The source MAC address of the packet or device associated with the record.
ip
The source IP address of the packet or device associated with the record.
Op
The comparison operator.
Operator
Description
=
Matches if the field value is exactly the same as the comparison value. This can be either a string or a numeric comparson depending on the field and the value.
!=
Matches if the field value is not exactly the same as the comparison value. This can be either a string or a numeric comparson depending on the field and the value.
<
Matches if the field value is numerically less than the comparison value.
<=
Matches if the field value is numerically less than or equal to the comparison value.
>
Matches if the field value is numerically greater than the comparison value.
>=
Matches if the field value is numerically greater than or equal to the comparison value.
Value
The value to compare against. This can be a string, a regular expression, or a numeric value. Strings must be enclosed in quotes if they contain special characters.
Regular expressions are delineated with a slash (e.g., mac=/^B4:AE:2B/). Regular expressions are valid only with the "=" and "!=" operators.
Cong
Joins multiple comparison expressions together.
Operator
Description
| (vertical bar)
Logical "or"
& (ampersand)
Logical "and"
, (comma)
Logical "and"
Examples
Related Commands
show free-space
Display information about internal storage space.
Syntax
Syntax Description
This command has no arguments.
Defaults
Usage Guidelines
This command shows information about the internal storage space, including total size, space used, and available space
Examples
Related Commands
ip max-clients
Sets the maximum number of IP addresses Island will recognize.
Syntax
Syntax Description
[no] history <instance> filter <string>
history myhist2 filter "type=associate&mac=00:00:5E:00:53:D2"
history blockedlist filter "flags=/blocked/"
show free-space
port
The source TCP/UDP port number of the packet or device associated with the record.
destIP
The destination IP address of the packet associated with the record.
destPort
The destination TCP/UDP port number of the packet associated with the record.
sourceName
The name of the interface (e.g., "en0") associated with the device on an "associate" or "disassociate" record.
cat
The numerical value of the website category associated with the record. The cat field is a bit mask, and is therefore usually best tested using the "&" operator.
comment
A text string containing miscellaneous information associate with some records.
country
A two-letter code (e.g., "US") representing the country in which the remote IP address is registered.
&
Performs a bitwise test.
Keyword
Description
n
The number of IP addresses.
Defaults
The default maximum IP addresses is specific to each Island model.
Usage Guidelines
This command specifies the maximum number of IP addresses (IPv4 and IPv6 combined) Island will support. Once this limit is reached, additional IP addresses will be ignored until older IP addresses go offline.
Caution: Changing this value causes a restart of the packet processing engine. This will cause a disruptime in routing for several seconds, and all active sessions through the Island will be deleted.