Tripp Lite B093-004-2E4U-V Owner's Manual

Loading ...

244

15. Advanced Conﬁguration

15.4 IP Filtering

The console server uses the iptables utility to provide a stateful ﬁrewall of LAN trafﬁc. By default, rules are automatically

inserted to allow access to enabled services and serial port access via enabled protocols. The commands that add these rules

are contained in conﬁguration ﬁles:

/etc/conﬁg/fw.rules

This is an executable shell script that runs whenever the LAN interface is brought up. Modiﬁcations are made to the iptables

conﬁguration because of CGI actions or the conﬁg command line tool.

The basic steps are as follows:

• Running iptables conﬁguration is erased; per-interface and other standard system chains are installed.

• Fall through Block rules (default deny) are installed.

• Serial & Network: Services policies are installed in per-interface chains.

• Custom Serial & Network: Firewall rules are inserted at the top of the rule sets, taking priority over any other conﬁguration.

If you require further ﬁrewall customization, extra rules can be persisted by creating a ﬁle at /etc/conﬁg/scripts/ﬁrewall-post

containing iptables commands to amend the ﬁrewall policy.

Documentation about using the iptables command can be found at the Linux netﬁlter website http://netﬁlter.org/

documentation/index.html. Many tutorials are also available at the netﬁlter website, in particular, the tutorials listed on the

netﬁlter how-to page.

15.5 SNMP Status Reporting

All console servers contain an SNMP Service (snmpd) which provides on-demand status information. snmpd is an SNMP

agent that binds to a port and awaits requests from SNMP management software. Upon receiving a request, it processes the

request(s), collects the requested information and/or performs the requested operation(s) and returns the information to the

sender.

Note: Initially, only advanced console server models were equipped with an SNMP Service. With ﬁrmware version 3.0 (and later), this

support was extended to all console servers. Also, the MIBS were extended (and renamed for compliance) with this ﬁrmware release.

All console servers can also be conﬁgured to send SNMP traps/messages to multiple remote SNMP Network Managers on

deﬁned trigger events. Refer to 7. Alerts, Auto-Response and Logging for conﬁguration details

15.5.1 Retrieving Status Information using SNMP

Console servers can provide serial and device status information via SNMP. This includes:

• Serial port status

• Active users

• Remote Power Control (RPC) and Power Distribution Unit (PDU) status

• Environmental Monitoring Device (EMD) status

• Signal alert status

• Environmental alert status

• UPS alert status

The MIBs in your console server are located in /etc/snmp/mibs.

TL-STATUS-MIB.mib – This new MIB contains serial and connected device status information (for snmpstatusd &

snmpalertd).

TL-STATUSv2-MIB.mib – This new MIB contains extended status and alert.

TL-SMI-MIB.mib – Enterprise structure of management information.

TLTRAP-MIB.mib – SMIv1 traps from old MIBS (as smilint will not let SMIv1 structures coexist with SMIv2).

Loading ...

Tripp Lite B093-004-2E4U-V 4-Port Console Server with 4G LTE Cellular Gateway, Dual GbE NIC, 4Gb Flash and Dual SIM