Black Box LES1101A-R2 User Manual page 146

1101 and 1102 secure device servers

1101 and 1102 Secure Device Servers
If the standard system firewall configuration is not adequate for your needs you can bypass it safely by creating a file at /etc/config/filter-custom
containing commands to build a specialized firewall. This firewall script will run whenever the LAN interface is brought up (including initially) and will
override any automated system firewall settings.
Below is a simple example of a custom script that creates a firewall using the iptables command. Only incoming connections from computers on a
C-class network 192.168.10.0 will be accepted when this script is installed at /etc/config/filter-custom. Note that when this script is called, any
pre-existing chains and rules have been flushed from iptables:
#!/bin/sh
# Set default policies to drop any incoming or routable traffic
# and blindly accept anything from the 192.168.10.0 network.
iptables --policy FORWARD DROP
iptables --policy INPUT DROP
iptables --policy OUTPUT ACCEPT
# Allow responses to outbound connections back in.
iptables --append INPUT \
    --match state --state ESTABLISHED,RELATED --jump ACCEPT
# Explicitly accept any connections from computers on
# 192.168.10.0/24
iptables --append INPUT --source 192.168.10.0/24 --jump ACCEPT
There's good documentation about using the iptables command at the Linux netfilter website. There are also many high-quality tutorials and HOWTOs
available via the netfilter website, in particular peruse the tutorials listed on the netfilter HOWTO page.
To add more than one SNMP server for alert traps, add the first SNMP server using the Management Console or the command line config tool.
Secondary and any further SNMP servers are added manually using config.
Log in to the console server's command line shell as root or an admin user. Refer back to the Management Console UI or user documentation for
descriptions of each field.
To set the Manager Protocol field:
config --set config.system.snmp.protocol2=UDP or
config --set config.system.snmp.protocol2=TCP
To set the Manager Address field:
config --set config.system.snmp.address2=w.x.y.z
.. replacing w.x.y.z with the IP address or DNS name.
To set the Manager Trap Port field:
config --set config.system.snmp.trapport2=162
.. replacing 162 with the TCP/UDP port number
To set the Version field:
config --set config.system.snmp.version2=1 or
config --set config.system.snmp.version2=2c or
config --set config.system.snmp.version2=3
To set the Community field (SNMP version 1 and 2c only):
config --set config.system.snmp.community2=yourcommunityname
.. replacing yourcommunityname with the community name
To set the Engine ID field (SNMP version 3 only):
config --set config.system.snmp.engineid2=800000020109840301
.. replacing 800000020109840301 with the engine ID
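The settings above can be checked before they are typed in. The script below is an added example, not part of the manual or the device firmware: it validates the values for the second SNMP manager and prints the matching config --set lines for review. The function name snmp2_cmds, the character-set limits and the sample address 192.0.2.10 are assumptions of this example; the engine ID length bound follows RFC 3411.

```shell
#!/bin/sh
# Added example (not from the manual): check the values for the second SNMP
# manager, then print the matching `config --set` commands for review.
# Nothing is applied here; run the printed lines on the console server.
snmp2_cmds() {
    # usage: snmp2_cmds PROTOCOL ADDRESS TRAPPORT VERSION SECRET
    # SECRET is the community name (version 1/2c) or the engine ID (version 3).
    proto=$1; addr=$2; port=$3; ver=$4; secret=$5
    key=config.system.snmp
    case $proto in
        UDP|TCP) ;;
        *) echo "protocol must be UDP or TCP" >&2; return 1 ;;
    esac
    # Assumption: addresses and community names are limited to a conservative
    # character set so the printed commands need no shell quoting.
    case $addr in
        ''|*[!A-Za-z0-9.:-]*) echo "invalid address: $addr" >&2; return 1 ;;
    esac
    case $port in
        ''|*[!0-9]*|??????*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 1
    fi
    case $ver in
        1|2c)   # community strings travel in clear text on the wire
            field=community
            case $secret in
                ''|*[!A-Za-z0-9_.-]*) echo "invalid community" >&2; return 1 ;;
            esac ;;
        3)      # engine ID: hex string, 5 to 32 octets (RFC 3411)
            field=engineid
            case $secret in
                ''|*[!0-9A-Fa-f]*) echo "engine ID must be hex" >&2; return 1 ;;
            esac
            len=${#secret}
            if [ $((len % 2)) -ne 0 ] || [ "$len" -lt 10 ] || [ "$len" -gt 64 ]; then
                echo "engine ID length invalid" >&2; return 1
            fi ;;
        *) echo "version must be 1, 2c or 3" >&2; return 1 ;;
    esac
    printf 'config --set %s.protocol2=%s\n' "$key" "$proto"
    printf 'config --set %s.address2=%s\n' "$key" "$addr"
    printf 'config --set %s.trapport2=%s\n' "$key" "$port"
    printf 'config --set %s.version2=%s\n' "$key" "$ver"
    printf 'config --set %s.%s2=%s\n' "$key" "$field" "$secret"
}
# Constructed sample values: documentation address, the manual's example engine ID.
snmp2_cmds UDP 192.0.2.10 162 3 800000020109840301
```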
724-746-5500 | blackbox.com
