Cyclades AlterPath BladeManager Manuál s instrukcemi Strana 67
- Strana / 240
- Tabulka s obsahem
- KNIHY
Hodnocené. / 5. Na základě hodnocení zákazníků
Chapter 4: Administration Introduction 53
Firewall/Packet Filtering on the MergePoint 5224/5240 SP
Manager
Packet filtering on the SP manager is controlled by chains and rules that are configured in iptables.
For more details about predefined chains and rules, see Chains on page 53 and Rules on page 54.
Both the Web Manager and the cli utility provide a way for the administrator to add rules and to
edit or delete any added rules:
• Because the SP manager filters packets like a firewall, the Web Manager menu option under
Network is titled Firewall.
• The cli utility provides the iptables command to perform the same tasks, because when rules
are added, edited or deleted, the corresponding iptables are updated.
By default, the SP manager does not forward any traffic between private and public networks. The
administrator might want to add rules to allow some limited communications between specific
target devices on the private network and the public network.
CAUTION: It is possible for an administrator to create rules that circumvent the access controls on a
target device.
Chains
A chain is a kind of named profile that includes one or more rules that define the following:
• A set of characteristics to look for in a packet
• What to do with any packet with all the defined characteristics
The SP manager comes with a number of built
-in chains with hidden rules that are preconfigured to
control communications between target devices that are connected to the private Ethernet ports and
devices on the public side of the SP manager. The default chains are defined in filter and nat
iptables. The mangle table is not used.
The built
-in chains are named according to the type of packets they handle, as shown in the
following lists. The first three chains are in the iptables filter table: INPUT, OUTPUT
and FORWARD.
The three chains in the nat table are: PREROUTING, POSTROUTING and OUTPUT. These
chains implement NAT (network address translation) including the redirecting of packets
addressed to a virtual IP to the target device’s real IP address and the hiding of the target device’s
real IP address when the target device sends packets to the authorized user.
- MergePoint™ 1
- 5224/5240 1
- USA Notification 2
- Canadian Notification 2
- MergePoint™ 5224/5240 3
- Service Processor Manager 3
- Table of Contents 5
- Table of Contents v 7
- List of Figures 11
- List of Tables 13
- Installation Introduction 15
- MERGEPOINT 16
- Modem Types and Options 18
- Power Management Unit Options 18
- -tilt bar 19
- Basic Installation Procedures 21
- Connecting Devices 24
- Advanced Installation Topics 31
- Telephone 32
- Administration Introduction 35
- SP Manager 38
- User and Group Configuration 39
- Security Profiles 39
- Services 41
- Telnet service configuration 42
- Telnet client configuration 42
- DHCP client 42
- DHCP server 43
- IPSec VPN connections 48
- PPTP VPN connections 50
- Manager 52
- Syslog servers 53
- Private Ethernet ports 53
- Public Ethernet ports 53
- Failover 53
- Ethernet media configuration 54
- Dial-in and Callback Access 55
- Power Management Options 57
- Target Device Configuration 59
- 5224/5240 SP Manager 64
- -in chains 69
- Using the Web Manager 71
- Dialogs in the Web Manager 73
- Web Manager Wizard 74
- Configuring routes 76
- Configuring failover 76
- Upgrading IPDU Software 82
- Configuring the AUX Port 83
- - AUX Port menu option 84
- Configuring PC Cards 86
- -down menu on the PCMCIA 88
- -down menu on the 88
- - Date/time menu option 88
- Local boot options 89
- Network boot options 90
- Configuring Outbound Email 91
- # gunzip 92
- Configuring Target Devices 93
- Configuring Users and Groups 95
- Configuring Device Groups 97
- - Authentication menu option 100
- -down menu 100
- 5240 SP Manager 104
- Configuring Notifications 104
- - Notifications menu option 105
- -down menu. If the 105
- Configuring Sensor Alarms 107
- Configuring SNMP 110
- - SNMP menu option 113
- - Host settings menu option 115
- Configuring Hosts 117
- Configuring Static Routes 118
- Configuring VPN Connections 118
- Viewing System Information 121
- - Product upgrades 123
- - Restart menu option 124
- Administration Tasks Not 125
- Performed in the Web Manager 125
- -mounted directory 128
- -t ext2 /dev/hdc1 /mnt/opie/) 128
- -in or Telnet connection: 131
- Configuring the DHCP Server 134
- -q priv0" 136
- -ins Using cli 136
- -flow type to both 137
- -flow both 137
- Configuring Routes With cli 141
- Saving Configuration Changes 142
- saveconf 143
- MergePoint5224 login: root 145
- Password: password 145
- -out] [retries] 150
- Using the cli Utility 157
- Interactive mode 158
- Batch mode 158
- Autocompletion 162
- Enter> 163
- Parameters that can be added 165
- -source <IPaddress>] 174
- Default: no setting 178
- Appendices 179
- Login failure 180
- Web manager stops responding 181
- Firmware image is corrupted 181
- Target device types 183
- Appendices 171 185
- Appendices 173 187
- Using the sptemplate utility 188
- Appendices 179 193
- Appendices 181 195
- Why define private subnets? 196
- Configuring a private subnet 197
- Appendices 189 203
- Appendices 191 205
- Appendices 193 207
- IP: 192.168.4.22 208
- Appendices 195 209
- Appendices 199 213
- Boot file location 214
- Changing the boot image 216
- <N> completed 219
- Appendix E: Technical Support 222
- Numerics 223
- Index 211 225
- Index 213 227
- Index 215 229
- Index 217 231
- Index 219 233
- Index 221 235
- Index 223 237
Související produkty a manuály pro Servery Cyclades AlterPath BladeManager
(202 stránky)© 2020, manymanuals.cz. Všechna práva vyhrazena. | 0.018 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentáře k této Příručce