Veritas Access Administrator's Guide
- Section I. Introducing Veritas Access
- Section II. Configuring Veritas Access
- Adding users or roles
- Configuring the network
- Configuring authentication services
- Section III. Managing Veritas Access storage
- Configuring storage
- Configuring data integrity with I/O fencing
- Configuring ISCSI
- Veritas Access as an iSCSI target
- Configuring storage
- Section IV. Managing Veritas Access file access services
- Configuring your NFS server
- Setting up Kerberos authentication for NFS clients
- Using Veritas Access as a CIFS server
- About Active Directory (AD)
- About configuring CIFS for Active Directory (AD) domain mode
- About setting trusted domains
- About managing home directories
- About CIFS clustering modes
- About migrating CIFS shares and home directories
- About managing local users and groups
- Configuring Veritas Access to work with Oracle Direct NFS
- Configuring an FTP server
- Configuring your NFS server
- Section V. Managing the Veritas Access Object Store server
- Section VI. Monitoring and troubleshooting
- Section VII. Provisioning and managing Veritas Access file systems
- Creating and maintaining file systems
- Considerations for creating a file system
- Modifying a file system
- Managing a file system
- Creating and maintaining file systems
- Section VIII. Configuring cloud storage
- Configuring the cloud gateway
- Configuring cloud as a tier
- About policies for scale-out file systems
- Section IX. Provisioning and managing Veritas Access shares
- Creating shares for applications
- Creating and maintaining NFS shares
- Creating and maintaining CIFS shares
- Using Veritas Access with OpenStack
- Integrating Veritas Access with Data Insight
- Section X. Managing Veritas Access storage services
- Deduplicating data
- Compressing files
- About compressing files
- Compression tasks
- Configuring SmartTier
- Configuring SmartIO
- Configuring episodic replication
- Episodic replication job failover and failback
- Configuring continuous replication
- How Veritas Access continuous replication works
- Continuous replication failover and failback
- Using snapshots
- Using instant rollbacks
- Configuring Veritas Access with the NetBackup client
- Section XI. Reference
Changing the firewall settings
# firewall status
Displays whether the current firewall status is enabled or disabled.
Network> firewall status Firewall status : DISABLED Network>
# firewall enable
Enables the firewall setting to allow specific IPs to connect to the ports while blocking the other connections.
Network> firewall enable ACCESS net INFO V-288-0 Firewall successfully enabled Network>
# firewall disable
Disables the firewall setting and allow connections on any port from any IP. The applied rules do not work when the firewall setting is disabled.
Network> firewall disable It is not advisable to disable firewall. Do you want you continue (y/n): y ACCESS net INFO V-288-0 Firewall successfully disabled Network>
# firewall rule list
Displays the list the firewall rules set on the cluster nodes by the user.
Network> firewall rule list iptype filter interface client protocols sport dport match_state ======= ======= ========== ======= ========== ====== ====== ============ ipv4 INPUT pubeth0 ALL tcp 101 102 NEW ipv6 INPUT pubeth0 ALL tcp 101 102 NEW ipv4 INPUT pubeth0 ALL udp 101 102 NEW ipv6 INPUT pubeth0 ALL udp 101 102 NEW ipv4 INPUT pubeth1 ALL tcp 101 102 NEW ipv6 INPUT pubeth1 ALL tcp 101 102 NEW ipv4 INPUT pubeth1 ALL udp 101 102 NEW ipv6 INPUT pubeth1 ALL udp 101 102 NEW ipv4 INPUT pubeth2 ALL tcp 101 102 NEW ipv6 INPUT pubeth2 ALL tcp 101 102 NEW ipv4 INPUT pubeth2 ALL udp 101 102 NEW ipv6 INPUT pubeth2 ALL udp 101 102 NEW ipv4 INPUT pubeth3 ALL tcp 101 102 NEW ipv6 INPUT pubeth3 ALL tcp 101 102 NEW ipv4 INPUT pubeth3 ALL udp 101 102 NEW ipv6 INPUT pubeth3 ALL udp 101 102 NEW access7310.Network>
# firewall rule add
Adds the iptable rule in the current iptable configuration.
# firewall rule add
iptype: Network IP type ipv4 or ipv6. Allowed values are ipv4/ ipv6/ ipv4,ipv6.
Filter: Specifies the iptable chain filter type. Allowed values are INPUT or OUTPUT.
Interface: Name of the network interface by which the packet is received. If you enter "ALL", an iptable entry is added for all public interfaces which are in control of the product.
Client: Source IP from which the packet is received. ALL should be entered to apply the rule to all sources.
Protocols: Allowed values are tcp, udp, icmp and tcp,udp. When (tcp,udp) is given, two separate rules will be added, one for each protocol.
Sport: Port through which the packet leaves the machine. The ALL option applies the rule to all the ports. NONE option is used to unspecify a port or enter specific port number.
Note:
sport and dport both cannot have NONE value at the same time.
Dport: Port through which the packet is received. The ALL option applies the rule to all the ports. NONE option is used to unspecify a port or enter specific port number.
Note:
sport and dport both cannot have NONE value at the same time.
match_state: Match state for the connection. Enter NONE if you do not want to specify any state. Match state can be NEW/ ESTABLISHED/ RELATED.
# firewall rule remove
Removes the rule from the current iptable configuration.
# firewall rule remove