• PC104-ETHER (legacy option, included only for compatibility with older ACE objects) - use Card Address and IRQ of an Ethernet card, not MTU/MRU settings.
• Ethernet (use MTU/MRU settings, below)

(Network Card Address included only for compatibility with older ACE objects)

When "Ethernet" option is selected for Network Card Type, set the Maximum Transmission Unit (MTU). Default is 1500 (ignored if less than 256).

(Network Card IRQ included only for compatibility with older ACE objects)

When "Ethernet" option is selected for Network Card Type, set the Maximum Receive Unit (MRU). Default is 1500 (ignored if less than 256).

Enter the Linux interface name of the Ethernet port on which to run the DHCP server. 

Select whether or not to make this DHCP Server "authoritative."

Setting this to "No" means that if a client requests an address that the server knows nothing about and the address is incorrect for that network segment, the server will not send a DHCPNAK (which tells the client it should stop using the address.) Setting this to "Yes" will send a DHCPNAK in this case, to force the client to stop using the incorrect address on the network and immediately request a new address.

Select baud rate for the Async Port speed.

For the Serial MMI port, typically use 115,200. Otherwise, set the serial properties according to the communication requirements of the external devices. 

Enter the receive buffer size in bytes. 

The receive buffer holds incoming data while waiting for processing by the application. 

Enter the transmit buffer size in bytes. 

The transmit buffer holds outgoing data while waiting for the serial port hardware to deliver the data.

For the Serial MMI port, use at least 2048, to allow the MMI to transmit large blocks of diagnostic data. 

Enter value for warm up time.

This is the amount of time to wait before sending data after the RTS handshaking lead has been asserted. 

Enter value for warm down time. 

This is the amount of time to wait after the entire message packet has been shifted out to keep the RTS handshaking lead asserted. 

There are three modes of operation based on the Warm-up and Warm-down settings:

No Handshaking – Set both the Warm-up and Warm-down to a value of -1. RTS will not be activated, CD is not required.

Hardware Handshaking – Set both the Warm-up and Warm-down to a value of -1. RTS will not be activated, CD is not required.

Timed Handshaking – Set either the Warm-up or Warm-down or both to positive numbers. RTS will be asserted for the configured Warm-up time, then data will be sent regardless of the condition of CTS. After data has been sent, RTS will be asserted for the configured Warm-down time, and then lowered. 

When using the Async Port with an RS-485 device, modem, or external HART device, typically requires the Warm-up and Warm-down to be set to 0 or a fixed positive integer for hardware flow control.

When configuring Virtual Port definitions, all fields in the Async Port object are unused, and are simply included for compatibility with other physical Async Port objects.

Select the physical communication port to be used for PPP. This should be an internal port to which the cell modem is physical connected.

This should typically be COM8 for RG-100 and RG-400.

Do not configure the same COM port as an AsyncPort or other type of port in addition to the CellModem configuration. If there are AsyncPort or PPP objects defined for the same physical COM port, neither will work properly. 

Select baud rate for the cell modem port. 

Note: Maximum baud rate for RediGate 100 series is 230.4K. The RediGate 400 series can use 460.8K.

Select the parity for the cell modem port (None, Odd, Even).

Parity options supported are None, Odd and Even. Typically, this should be None.

Enter value for warm up time.

This is the amount of time to wait before sending data after the RTS handshaking lead has been asserted. The default entry of 0 should be used, denoting that RTS/CTS hardware handshaking will be used. 

Enter value for warm down time.

This is the amount of time to wait after the entire message packet has been shifted out to keep the RTS handshaking lead asserted. 

The default entry of 0 should be used, denoting that RTS/CTS hardware handshaking will be used. 

Enter the domain name.

Name used by certain tasks internally to identify different IP adapters. This is case-sensitive. However, in most cases, this is a legacy option that isn't actually used.

Enter the PPP IP address.

This is the address at which other network devices will see this device when trying to make a connection via PPP.
If connecting to a cell modem network that automatically assigns an IP address, this parameter should be configured as 0.0.0.0 for DHCP. 

Enter the subnet mask.

Should always be 255.255.255.255 for PPP.

If a static IP is used and a Default Gateway is required to make outbound connections beyond the local subnet, the Routes object must also be configured (see the section 2-System and Networking Objects#Route). 

Number of seconds to operate a PPP session before killing the connection.

This time is absolute, based on the time at which the session was initiated. The PPP connection will be closed regardless if data is still being transferred when the TimeToDie timer expires. This may be used to force a dial connection to hang up to limit cell phone connection charges.

Disable the TimeToDie by setting it to -1 if the connection should never be closed automatically. 

Select the type of modem being configured. This will depend on the hardware physically available on this device. The model number of the RediGate denotes the type of modem installed. For instance, typically the RG-100C-40-00 or RG-400C-40-00 indicates the Quectel BG96 modem.

Options are:

• uBlox SARA-R4 (Verizon LTE/CAT-M1)
• Quectel BG96 (AT&T/international LTE/CAT-M1)
• HE910 (GSM/HSPA+) - legacy modem
• DE910-DUAL (CDMA/EVDO, Verizon) - legacy modem

Enter one or more optional text entries for AT commands to be sent to the modem upon initialization. Text strings are limited to 80 characters. The AT Init Strings and all built-in modem initialization commands and responses are logged in a file /tmp/modemlog.txt.

Consult modem manual for initialization parameters or other AT commands available.

NOTES:
For the DE910-DUAL EVDO modem, if using mobile IP (MIP) on a Verizon network, it is recommended to add the following initialization string to force the modem to use MIP rather than permitting fallback to Simple IP (SIP):   AT$QCMIP=2
If using uBlox SARA-R4 modem with GPS (RG-400), you must include this command to turn on the GPS hardware:   AT+UGPS=1,0,3

Enter the modem connect string. This is the AT command telling the modem to enter an IP data session and depends on the modem model.

For Quectel BG96 CAT-M1 modem, select:   ATD*99#

For the SARA-R4 CAT-M1 or GSM/HSPA+ modem (HE910), select:  ATD*99***1# 

For EVDO modem (DE910-DUAL), select:   ATDT#777

Select whether to use a serial multiplexer to the modem. This should typically be set to 'Enabled'.

The serial multiplexer allows the data PPP session and other diagnostics to occur simultaneously to the modem. See the sections 2-System and Networking Objects#Modem Ports 73/75/77 and 2-System and Networking Objects#AT Commands for other options that can be used 

Enter the number of minutes of inactivity to be allowed, before the modem and PPP session will be restarted. 

This option is not currently supported.

Enter the APN (Access Point Name), which is the network gateway through which the cell modem will connect. This is typically dependent on the cellular carrier that the modem is activated on, and may be a public or private APN depending on the cellular account settings.

Used for CAT-M1 or GSM/HSPA networks only; leave blank for EVDO networks. 

Select the type of PPP Authentication required by the cellular network. This setting and the Auth User Name and Password will depend on the cellular account activation.

Authentication types are:

Disabled
PAP Authentication
CHAP Authentication 

Enter the user name required by the cellular network for PAP or CHAP authentication.

User Name is case sensitive and limited to 32 characters. 

Enter the password required by the cellular network for PAP or CHAP authentication.

Password is case sensitive and limited to 32 characters.

n/a (only use for AT command access)

Select the AT command or GPS option for this port:

• AT commands (disable GPS – HE910) – Only use the port for AT commands on the HE910 or DE910 modem. If used with HE910, disable power to the GPS receiver in the modem.
• AT commands (power GPS – HE910) – Only use the port for AT commands on the HE910 or DE910 modem. If used with HE910, enable power to the GPS receiver. For instance, this might be used to query GPS location using AT commands. 

The following selections enable the GPS receiver to automatically output location data in NMEA format once/second (Port 75 only supports GPS on the HE910 modem). NOTE: a GPS antenna connection is only available on the RediGate 400, not the RediGate 100 series. For a description of the NMEA data messages, see theTelit MT GNSS Software User Guide.

• GPS (HE910) - All GPS Sentences/Clock–Output all NMEA commands listed below, can be used to set the system's real-time clock.
• GPS - GGA Only (Lat,Long,Sats,Alt,DOP)–Output only 'GGA' message (14 comma-separated values).
• GPS - GLL Only (Lat,Long)–Output only 'GLL' message (6 comma-delimited values).
• GPS - GSA Only (Sats,DOP)–Output only 'GSA' message (17 comma-separated values).
• GPS - GSV Only (Sats, 1-4 sentences)–Output only 'GSV' messages (19 comma-separated values per message, up to 4 messages depending on number of satellites in view).
• GPS - RMC only/Clock (Lat,Long,Speed)–Output only 'RMC' message, can be used to set the system's real-time clock (12 comma-separated values).
• GPS - VTG Only (True Tracking,Speed)–Output only 'VTG' message (9 comma-separated values).
• GPS - RMC and VTG/Clock–Output only 'RMC' and 'VTG' messages, can be used to set the system's real-time clock.
• GPS - GGA, RMC, and VTG/Clock–Output only 'GGA', 'RMC', and 'VTG' messages, can be used to set the system's real-time clock.

Same as Port Settings for Port 75, except that it is only applicable to the DE910 modem and should not be used with the HE910.

Enter the timeout (in milliseconds) to wait for modem response to AT command. 

Enter the AT command string to send to the modem, or a single uppercase character 'C'. The AT string must be a command that is recognized by the modem model being used. 

If the command returns several different values to be parsed, the 'C' indicates a continuation row. This allows the response from a previous command to be skipped or parsed according to different rules, as described in the remaining properties, below. 

To use GPS data, the AT Command depends on which modem is being used:

• For the Quectel (CAT-M1) modem, include the command in the table:
  AT+QGPSGNMEA="RMC"    (use any of the GPS conversion options, store to REAL32 or REAL64 registers)
• For the SARA-R4 (CAT-M1) modem, include two commands in the table:
  AT+UGRMC?    (use GPS conversion, but not the Set Clock options, store to REAL32 registers)
  AT+CCLK?        (use STRING-32 conversion, with Count of 1, store to a String register)
• For the GSM or EVDO (HE910 or DE910-DUAL) modems, include the command:
  AT$GPSACP     (use any of the GPS conversion options, store to REAL32 registers)

To read a list of available cellular carriers, use the AT Command:  AT+COPS=?
This command may take over 30 seconds and return a long list of information.  The output Conversion should be STRING-256. If the Count is 1, the output will be put into a single register (up to 255 characters). If the Count is greater than 1, each set of carrier (tower) information will be stored into that many RTDB string registers, such as:

2,"AT&T","AT&T","310410",8

where 2 indicates the active carrier, followed by short and long text strings, then the MCC/MNC in one string, and the ACT last.

Select the type of conversion to use when parsing the command response from the modem.

• SINT16 – Store value(s) as 16-bit signed integer
• SINT32 – Store value(s) as 32-bit signed integer
• SINT64 – Store value(s) as 64-bit signed integer
• REAL32 – Store value(s) as 32-bit floating point, or 64-bit floating point depending on RTDB type
• STRING-32 – Store parsed parameter(s) as a 32-character string. The Count refers to the number of comma-separated strings.
• STRING-256 – Store the entire remainder of the AT command response into a STRING-256 register. The Count field is ignored.
• SKIP – Discard one or more comma-separated parameters from the AT command response, based on Count. 

Use the following GPS conversion options, which return GPS data from the modem in the formats described below (the Count column is ignored):

• GPS REAL32 – Store each comma-delimited parameter of the GPS command into thirteen REAL32 registers verbatim, with the register designations as listed in the following section.
• GPS Set Clock – Use the time and date returned in the GPS command to set the real-time clock of the RediGate. (Not recommended to use for SARA-R4 CAT-M1 modem - use additional AT command "AT+CCLK?" instead, as described above.)
• GPS DDMM.mm to De.gree – Store each comma-delimited parameter of the GPS command into thirteen REAL32 registers (ignore Count). The latitude/longitude values are converted from their normal degree.minute(DDMM.mm) format into degrees. Values are the same as above, except Latitude and Longitude:

Latitude stored as ±dddd.dddd (positive=north, negative=south)
Longitude stored as ±dddd.dddd (positive=east, negative=west)

• GPS Set Clock, to De.gree – This option combines the previous two options: convert degree/minute/second to degrees and set the real-time clock. (Not recommended to use for SARA-R4 CAT-M1 modem - use additional AT command "AT+CCLK?" instead, as described above.)

INPUT Policy

OUPUT Policy

FORWARD Policy

Select an INPUT packet policy from one of the following options:

Accept All Input/Output/Forwarding Packets

Drop All Input/Output/Forwarding Packets

The first actions in the firewall.sh script flush the existing contents of 'iptables' chains, using the commands:

iptables -F INPUT
iptables -F OUTPUT
iptables -F FORWARD
iptables -t nat -F

Then the INPUT Policy, OUTPUT Policy, and FORWARD Policy rules configure the default rules for packets not explicitly defined in the remainder of the configuration. These define commands such as:

iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP 

All the remainder of the properties include optional tables that may include 0 or more rows with 'iptables' rules to be added to the firewall.sh script

Accept All INPUT

Enter Linux interface name(s) for which to accept all INPUT packets. This setting overrides a global Drop or Reject rule in the INPUT Policy, and defines commands such as:

iptables -A INPUT -i eth0 -j ACCEPT

The following rules are included by default:
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT 

The Port Management property allows individual ports to be accepted, dropped, or rejected (with ICMP error), regardless of the above settings. Ports can be specified using the INPUT or OUTPUT chain, protocol (TCP, UDP, or ICMP), Linux interface name, and port number. Some examples of commands are:

iptables -A INPUT -p tcp -i eth0 --dport 22 -j ACCEPT
iptables -A OUTPUT -p udp -o eth0 --dport 500 -j ACCEPT 

Drop All INPUT

Select the version of TLS or SSL protocol to use.

TLS protocol versions are more secure than SSL. Select "all" to allow the client and server to negotiate the protocol. 

Selet the type of data compression to use.

Select 'none', 'zlib', or 'rle'. 

Select whether (and how) to use certificate verification for authentication to an TLS/SSL server. A security certificate is optional for a client but required on a server.

The number after the option indicates the "verify=" stunnel value:

• NO certificate verification
• ALWAYS require peer cert (2)
• Request and ignore peer cert (0)
• Validate only if cert is present (1)
• Verify peer with locally installed cert (3)
• Ignore CA chain & only verify peer cert (4) 

If the Verify Certificate option has been selected to employ certificate authentication, identify the location on the Linux file system containing the certificate chain PEM file. If used, this property must begin with "cert = ".

NOTE: If no certificate is to be used, this field must be disabled, either by adding a semicolon at the beginning ("; cert = ") or by clearing the property value entirely. Otherwise, the TLS/SSL connection will fail.

The certificate file must be obtained from an appropriate certificate authority containing credentials for this device, which are also known by the TLS/SSL server. The certificate file must be put on the device in the specified location, and must be in PEM format. 

If the Verify Certificate option has been selected to employ certificate authentication, identify the location on the Linux file system containing the private key assocated with the certificate. If used, this property must begin with "key = ".

NOTE: If no certificate is to be used, this field must be disabled, either by adding a semicolon at the beginning ("; key = ") or by clearing the property value entirely. Otherwise, the TLS/SSL connection will fail.

The key file is typically created along with the certificate and must be put on the device in the specified location, and must be in PEM format. 

If the TLS/SSL server's certificate must be validated with a Certificate Authority before connecting to it, a file identifying the CA must be stored on the Linux file system. If used, this property must begin with "CAfile = " (case-sensitive).

The CA file must be in PEM format. 

If using a Certificate Revocation List file(s) to confirm the validity of the server's certificate, this property is used to identify the directory on the Linux file system where the CRL file(s) will be stored.

Only two options are available:

• none
• /etc/stunnel/crls
  If using CRL files, they must be stored in the above directory in PEM format. 

Select the amount of time to wait for a TLS/SSL connection to be established.

Default selection is 10 seconds. 

Select the amount of time to keep an idle connection open when there is no data transmitted.

Default selection is 1 hour. 

Select the amount of time to wait for expected data in case of a busy network.

Default selection is 5 minutes. 

Select whether to use FIPS 140-2 encryption mode.

Default is no. (FIPS mode is not currently supported.)

Enter a list of encryption ciphers to allow for the TLS/SSL connection. This property must begin with "ciphers = " and must contain some criteria for the list of ciphers to include or exclude. Use a colon (:) to separate cipher names or criteria. (This property is not required and may be disabled by adding a semicolon before "ciphers" or by clearing the property entirely.)

Example: ciphers = !SSLv3:DH+AES:ECDH:-AES128

In Linux, the ciphers available in the system may be listed using the command: openssl ciphers -v
or (for example): openssl ciphers -v '!SSLv3:DH+AES:ECDH:-AES128'

The openssl command lists ciphers of various strengths, including those used by SSL or TLS protocol versions. In order to ensure more robust encryption, the list may be filtered to allow only more secure ciphers.

In the above example, "!SSLv3" excludes all ciphers used with the older SSLv3. "DH+AES" includes ciphers that use DH or AES, but excludes those using RSA. "ECDH" includes protocols that use ECDH. "-AES128" filters the list of whatever ciphers may have been included in the previous list by excluding those which use AES with 128-bit encryption, but allows those with 256-bit or better.

Consult 'openssl' documentation for further information. 

Select the debugging level for TLS/SSL diagnostics.

The default level is 5 (notice). Use level 7 for a greater quantity of diagnostic messages in the Log File to troubleshoot connection problems. 

This property is hard-coded and indicates where the TLS/SSL debug messages may be found.

Only option is /var/log/messages 

Sets TCP socket options for the connection. This is an optional field, but if used for socket options it must begin with "socket = ". See stunnel documentation for further information.

Default value is "socket = l:TCP_NODELAY=1" 

Sets TCP socket options for the connection. This is an optional field, but if used for socket options it must begin with "socket = ". See stunnel documentation for further information.

Default value is "socket = r:TCP_NODELAY=1"

Param 1
Param 2
Param 3

Additional (optional) stunnel parameters.

If used, these fields must be formatted as proper 'stunnel' configuration options and will be placed verbatim in the stunnel.conf Linux configuration file.

 Enter a string that defines the port which will receive the connection, and an optional IP address. Some examples of port or "IP:port" are given below:

• 443
• 127.0.0.2:1883
• 192.168.1.2:3040 

Enter a string that defines the address and IP port to which a connection will be made after receiving a socket on the "Accept Connection" port. The address being connected to must be accessible using the system's DNS and routing rules. Some examples are:

• 10.1.2.1:443
• xyz.com:20000
• 127.0.0.3:3040

Select which network condition to monitor. For most conditions, the actual measured value is checked against VALUE property, using the comparison type specified in Criteria. A resulting action will be triggered if the Criteria is satisfied.

• No Criteria – Always trigger on MONITOR Interval (timed action).
• PING FAIL – Send one ping at a time (to one or more network addresses) and check the failure count. Trigger only occurs if pings to ALL addresses fail a number of sequential times as compared with VALUE. If "Interface or Register" property is set to a Linux interface (such as "eth0" or "ppp0"), that interface will be enforced for pings. Otherwise, leave Interface blank to send ping according to network routing rules.
• PING GOOD – Send one ping (to one or more network addresses) and check success counter. Trigger occurs if pings to ANY address succeeds a number of sequential times as compared with VALUE. If "Interface or Register" property is set to a Linux interface (such as "eth0" or "ppp0"), that interface will be enforced for pings. Otherwise, leave Interface blank to send ping according to network routing rules.
• READ REGISTER value – Read the value specified in Channel/RTU and compare with VALUE. The "Interface or Register" property must be set to the RTDB numeric register (e.g. 40001) or the register's Tag name.
• RX PACKET COUNT on Interface – Compare VALUE with the Linux network specified in the "Interface or Register" property (such as "eth0", "ppp0", etc.) for the total "RX packets" count in 'ifconfig'.
• RX PACKET ERROR on Interface – Compare VALUE with the Linux network specified in the "Interface or Register" property (such as "eth0", "ppp0", etc.) for the total RX packets "error" count in 'ifconfig'.
• # of STATIC ROUTES on Interface or all – Compare VALUE with the number of 'route' entries. If the "Interface or Register property specifies a Linux interface (such as "eth0", "ppp0", etc.), only count those. If Interface is left blank, then count all route entries on all interfaces.
• # of ESTABLISHED port connections – Compare VALUE with the number of entries in 'netstat' which have "ESTABLISHED" TCP connections. Set the "Interface or Register" property to be a specific numeric port number to check for ESTABLISHED connections, or leave it blank to check for all ports.
• # of FAILED PASSWORD login attempts – Compare VALUE with the number of "Failed password" entries in /var/log/auth.log. Login count resets on reboot or if a large auth.log file is reset by the log file management.
• # of ACCEPTED PASSWORD logins – Compare VALUE with the number of "Accepted password" entries in /var/log/auth.log. Login count resets on reboot or if a large auth.log file is reset by the log file management.

Select the criteria to use for detecting a trigger condition that will result in an Action. The measured value obtained from the Condition, above, is compared with the VALUE property of this NetMon instance. Criteria may be:

• Trigger if the measured value is "Greater than or equal to" the VALUE property (or "Greater than", "Less than or equal to", "Less than", "Equal to", or "Not equal to" VALUE). VALUE must be an integer number.

For the following options (Changed, Increased, Decreased), VALUE must be a positive integer (greater than zero). The current measured value is compared with the value obtained the last time the action was triggered, across multiple Monitor Intervals – except for the "NOT Increased" option, which is compared only with the previous Monitor Interval. On startup, the "last value" is set to current value the first time this NetMon instance runs.

• Changed ≥ Value – The action will occur whenever the measured value changes (increase or decrease) more than the amount specified in the VALUE property (must be positive integer). (NOTE that a number that wraps around positively or negatively will count as a change and cause a trigger.)
• Increased ≥ Value – The action will occur whenever the measured value increases more than the amount specified in the VALUE property (must be positive integer). A value that stays the same or decreases will NOT cause a trigger. (NOTE that a decreasing integer that wraps from 0 to a large maximum value will be counted as an increase. However, for an increasing integer that wraps around to a small number, the "last value" will be taken as 0 for comparison.)
• NOT Increased ≥ Value – The action will occur if the measured value does not increase more than the amount specified in the VALUE property (must be positive integer), as compared with the previous Monitor Interval. This can detect a value which should normally increase (such as network packet count or a PLC heartbeat) but stops incrementing for some reason. A value that stays the same or decreases will cause a trigger. (NOTE that a decreasing integer that wraps from 0 to a large value will be counted as an increase and not trigger. A large increasing integer that wraps to a small number will cause a trigger.)
• Decreased ≥ Value – The action will occur whenever the measured value decreases more than the amount specified in the VALUE property (must be positive integer). A value that stays the same or increases will NOT cause a trigger. (NOTE that an increasing integer that wraps from a large maximum value to 0 will be counted as a decrease. A decreasing integer that wraps from 0 to a large value will not be counted as a decrease.)

• For Condition options using a network interface (RX PACKET or ERROR count, STATIC ROUTES), this property should be set to the Linux interface name (such as "eth0" or "ppp0"). For STATIC ROUTES, leave it blank to count all route entries on all interfaces.
• For the READ REGISTER condition, this property should be set to the numeric register address in the RTDB (e.g. 40001) or the register's Tag name (up to 127 characters).
• For the ESTABLISHED Ports condition, this property can be set to a specific numeric TCP port, or leave it blank to check all ports.
• Otherwise, this field is ignored.

The Network Monitor may be used to control routing for installations including a Primary/Secondary network path that require static routes or default gateway to be changed dynamically.

For instance, a RediGate may have primary path on satellite and secondary path over cellular. The system might be set up with one NetMon instance sending a ping over satellite (only while on the primary path), which if it fails will switch routing to the cellular network. Another NetMon instance could run (only while on the secondary path) to send pings over the satellite to detect when the primary path becomes available again.

The Redundant Path property is used as an additional qualification to allow the Condition checking for this NetMon instance only when the network is on either the primary or secondary path.

• N/A – Set this to "N/A" if not using this NetMon instance for redundant path control.
• Action on Path 0 ONLY – Only check the Condition when the RediGate is on Path 0. The RediGate is assumed to be on Path 0 at startup and after running the Action "Switch to PATH 0".
• Action on Path 1 ONLY – Only check the Condition when the RediGate is on Path 1. The RediGate is assumed to be on Path 1 after running the Action "Switch to PATH 1".

If the NetMon instance verifies that a system or network Condition value meets the specified Criteria, an Action will be taken. Select an action from the following options:

• None – This option only results in the Monitor Register (below) being updated with the current system value used in the Condition checking, but otherwise no action is taken if the Criteria is satisfied.
• SEND PINGS – If Criteria is satisfied, send one or more pings to a network address. The number of pings to send is configured in the Ping Count property. The destination (IPv4 address or named server) must be configured in the Action Text property (which may be prefixed with ping options -I, -s, and/or -W).
• Switch to PATH 0 – Run the Linux command (or script) configured in the Action Text property, which will be considered as a change from Path 1 to Path 0. For instance, the command or script might add a static route, change default gateway, etc.
• Switch to PATH 1 – Run the Linux command (or script) configured in the Action Text property, which will be considered as a change from Path 0 to Path 1.
• Run SCRIPT – Run the Linux command (or script) configured in the Action Text property. This will not be considered to indicate a change between the redundant Path 0/Path 1 states.
• REGISTER WRITE – Write a value into an RTDB register location. The value to write is configured in the Action Text property (the value to write should be of an appropriate data type for the destination register type). The value is written to the database address specified by the NOTIFY Channel, NOTIFY Rtu, and Action Register properties.
• Restart ETHERNET Ports – Restart networking on all Ethernet ports with the Linux command: S40network restart
• Restart CELLULAR Ports – Reset cellular networking with the Linux command: S15cellmodem restart. This only applies when using an Elecsys internal modem.
• Restart CELL MODEM –  Power cycle and completely restart cellular modem networking with the Linux command: S11emux restart (on RediGate 100) or: S03emux restart (on RediGate 400). This only applies when using an Elecsys internal modem.
• RECONFIGURE – Issue 'reconfigure' command to restart RediGate operation and/or install newly loaded configuration. Reconfigure will be delayed 30 seconds after the Action is triggered.
• REBOOT Linux – Shutdown and restart the RediGate. Reboot will be delayed 30 seconds after the Action is triggered.

Text field containing properties used for several Action types (up to 255 characters).

• For SEND PINGS action, this property must contain the IP address or named server to ping. When using named server addresses, make sure DNS is used to resolve network names. Destination address can be prefixed with one or more ping options before the address, including:

-I iface    (uppercase 'I') specify ping on Linux interface 'iface' (e.g., "eth0")
-s size     (lowercase 's') send 'size' data bytes in each packet (default 56)
-W sec      (uppercase 'W') timeout of 'sec' seconds to wait for ping response (default 10)

For instance, if the desired Action is to ping the address 'www.google.com' 5 times, specifically over interface eth0, with a ping timeout of 15 seconds, the Ping Count would be 5, and the Action Text would be:  -I eth0 -W 15 www.google.com

• For Run SCRIPT or Switch to PATH actions, this property must contain the Linux command line (script or command, with all parameters) to execute.
• For REGISTER WRITE action, this property must be set to the value to be written into an RTDB register (integer, floating point number, Boolean 1 or 0, or string).
• For all other actions, this property is ignored. 

RTDB register address (or Tag name, up to 100 characters) to store the value of a system Condition whenever it is checked by the NetMon process after each 'MONITOR Interval' (if the current path matches the Redundant Path setting). Values stored for each Condition are:

• No Criteria – Store '1'.
• PING FAIL – Store count of failed pings on any address (single counter, resets to 0 if any ping is successful).
• PING GOOD – Store the largest successful ping count on any address.
• READ REGISTER value – Store value obtained from source RTDB register.
• RX PACKET COUNT on Interface – Store RX packet count (should be UINT32).
• RX PACKET ERROR on Interface – Store RX error packet count (should be UINT32).
• # of STATIC ROUTES on Interface or all – Store number of static route entries.
• # of ESTABLISHED port connections – Store number of ESTABLISHED port connections.
• # of FAILED PASSWORD login attempts – Store number of failed logins.
• # of ACCEPTED PASSWORD logins – Store number of successful logins.

RTDB register address (or Tag name, up to 100 characters) to store the result of an Action whenever it occurs (no change is made unless the Action occurs). Values stored for each Action are:

• None – Nothing is stored.
• SEND PINGS – Store number of successful pings resulting from Action (Note, this is different from the pings sent by the 'ping' Condition checking options).
• Switch to PATH 0 – Store '0' ('0' is also stored in /tmp/director/NetMonPath).
• Switch to PATH 1 – Store '1' ('1' is also stored in /tmp/director/NetMonPath).
• Run SCRIPT – Store the number of times the 'Action' has triggered the script to run.
• REGISTER WRITE – Store the value in the Action Text property. Note that the Action Register should be defined in the RTDB as the correct type (Strings can't be stored into Integer registers, etc.).
• Restart ETHERNET Ports – Store the number of times the 'Action' has triggered an Ethernet restart.
• Restart CELLULAR Ports – Store the number of times the 'Action' has triggered a cellular reset.
• Restart CELL MODEM – Store the number of times the 'Action' has triggered a hard reboot of the modem.
• RECONFIGURE – Store '1'.
• REBOOT Linux – Store '1'.

Set the default Debug Level of this NetMon instance at RediGate startup. Options are the same as in RediGate debugging menu: 0=Fatal Errors only, through 4=Data Dump/verbose output.

The additional option 5=Engineering (extra verbose) output generates even more diagnostic information in RediGate diagnostics and at the command line and is not generally intended for customer use.

The Debug Level for NetMon processes cannot currently be set within the normal RediGate diagnostics menu. However, a command line process can be used to change the Debug Level during operation. Contact Elecsys for details.