Tripp Lite 93-2879 User Manual

Page 174

B096-016 B096-048 and B092-016 User Manual

To override the standard modem initialization string, either use the Management Console
(refer to Chapter 5) or the command line config tool (refer to Dial-In Configuration,
Chapter 14).

Enabling Boot Messages on the Console

If you are not using a modem on the DB9 console port and instead wish to connect to it
directly via a Null Modem cable, you may want to enable verbose mode, allowing you to see
the standard Linux start-up messages. This can be achieved with the following commands:

# /bin/config --set=config.console.debug=on
# /bin/config --run=console
# reboot

If at some point in the future you choose to connect a modem for dial-in out-of-band access,
the procedure can be reversed with the following commands:

# /bin/config --del=config.console.debug
# /bin/config --run=console
# reboot


15.4 IP-Filtering

Standard IP-Filter configuration:

The system uses the iptables utility to provide a stateful firewall of LAN traffic. By default, rules
are automatically inserted to allow access to enabled services, and serial port access via
enabled protocols. The commands which add these rules are contained in configuration files.

/etc/config/ipfilter

This is an executable shell script which is run whenever the LAN interface is brought up and
whenever modifications are made to the iptables configuration as a result of CGI actions or the
config command line tool.

The basic steps performed are as follows:

a) The current iptables configuration is erased.

b) If a customized IP-Filter script exists, it is executed and no other actions are performed.

c) Standard policies are inserted which will drop all traffic not explicitly allowed to and
through the system.

d) Rules are added which explicitly allow network traffic to access enabled services e.g.
HTTP, SNMP etc.

e) Rules are added which explicitly allow network traffic access to serial ports over
enabled protocols e.g. Telnet, SSH and raw TCP.
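
The sequence a) to e) above, modelled as a dry-run shell function. This is an added example, not the contents of /etc/config/ipfilter: the function name, the CUSTOM_SCRIPT placeholder path and the service list are assumptions, and rules are printed instead of applied.

```sh
#!/bin/sh
# Added example (not from the manual): dry-run model of the ipfilter steps a) to e).
# IPT defaults to "echo iptables", so rules are printed rather than applied.
IPT="${IPT:-echo iptables}"
# Hypothetical placeholder: the manual page does not name the custom script's path.
CUSTOM_SCRIPT="${CUSTOM_SCRIPT:-/path/to/custom-ipfilter}"

# build_ruleset SERVICE...   each SERVICE is proto/port, for example tcp/22
build_ruleset() {
    # a) erase the current configuration
    $IPT -F

    # b) a customized script, if present, replaces every later step
    if [ -f "$CUSTOM_SCRIPT" ]; then
        sh "$CUSTOM_SCRIPT"
        return $?
    fi

    # c) default policies: drop traffic to (INPUT) and through (FORWARD) the system
    $IPT -P INPUT DROP
    $IPT -P FORWARD DROP
    # stateful part: loopback and replies to already-accepted connections
    $IPT -A INPUT -i lo -j ACCEPT
    $IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

    # d) and e) one accept rule per enabled service or serial-port protocol
    for svc in "$@"; do
        proto=${svc%/*}
        port=${svc#*/}
        case "$proto" in
            tcp|udp) ;;
            *) echo "skipping $svc: protocol must be tcp or udp" >&2; continue ;;
        esac
        case "$port" in
            ''|*[!0-9]*) echo "skipping $svc: port must be numeric" >&2; continue ;;
        esac
        $IPT -A INPUT -p "$proto" --dport "$port" -j ACCEPT
    done
}

# Constructed service list: HTTP, SNMP, SSH and Telnet on their well-known ports.
build_ruleset tcp/80 udp/161 tcp/22 tcp/23
```

Because step b) ends the run, a customized script starts from an erased rule set with none of the standard drop policies from step c), so it has to set its own default policies.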
