Ignite-UX Administration Guide for HP-UX 11i (B3921-90079, October 2013)

# ports required for Ignite-UX
############################################################
pass in log quick proto icmp from any to any icmp-type 8 keep state
pass in log quick proto tcp from any to any port = 512
pass in log quick proto tcp from any to any port = 514
pass in log quick proto tcp/udp from any port = 2049 to any keep frags
pass in log quick proto tcp/udp from any to any port 49152 >< 65535
c. In the IPFilter Module of Bastille, change the following line to Yes if it is not already.
Should Bastille setup basic firewall rules with these properties?
d. Run Bastille.
# bastille -b -f your_configuration_file
6. If a Bastille baseline had been created for the system, update that baseline.
# bastille_drift --save_baseline baseline
Configuring Ignite to Replace TFTP with NFS
Beginning with Ignite-UX version C.7.9, it is possible to configure the Ignite-UX loadfile utility
to use NFS instead of TFTP for network access to the Ignite server. This allows users to avoid use
of TFTP except during direct network boot of the install kernel. The TFTP protocol can be avoided
entirely if the system being installed is booted from media (including vMedia) or via the bootsys
command.
Overview
In order to use this functionality, minor modifications to Ignite-UX configuration files might have to
be made on the Ignite-UX server system. These modifications fall into the following categories:
• Add a keyword to the appropriate configuration files instructing Ignite to use NFS instead of
  TFTP.
• Ensure config files are located in an acceptable directory that is NFS-mounted during the
  installation. Make sure the INDEX file refers to the config files in their new (C.7.9 and later)
  locations as outlined below.
• Disable the TFTP daemon.
NOTE: Because of changes necessary to replace TFTP with NFS, beginning with C.7.9 the
locations of three Ignite product files have moved. Ignite automatically creates symbolic links from
the old file to the new file location. These files are:
Table 7 Ignite Product Files Moved in Version C.7.9 and Later

C.7.9 and Later Location              Pre-C.7.9 Location
/opt/ignite/data/Version              /opt/ignite/Version
/var/opt/ignite/data/INDEX            /var/opt/ignite/INDEX
/var/opt/ignite/data/config.local     /var/opt/ignite/config.local
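The following check is an added example, not part of the HP guide or the Ignite-UX product: it reports lines in an INDEX-style file that still name a pre-C.7.9 location from Table 7. The function names, the sample file content, and the assumption that '#' starts a comment and that paths are delimited by whitespace or double quotes are illustrative.

```sh
#!/bin/sh
# Added example (not HP's code): flag references to the pre-C.7.9 locations
# listed in Table 7. Assumes '#' starts a comment and paths are delimited by
# whitespace or double quotes, as in a typical INDEX cfg clause.

# check_moved_paths FILE
#   Prints "LINE: OLD -> NEW" for each exact reference to a moved file.
#   Returns 0 = none found, 1 = old locations found, 2 = file unreadable.
check_moved_paths() {
    [ -r "$1" ] || { echo "cannot read: $1" >&2; return 2; }
    awk '
        BEGIN {
            # Pre-C.7.9 location -> C.7.9 and later location (Table 7)
            moved["/opt/ignite/Version"] = "/opt/ignite/data/Version"
            moved["/var/opt/ignite/INDEX"] = "/var/opt/ignite/data/INDEX"
            moved["/var/opt/ignite/config.local"] = "/var/opt/ignite/data/config.local"
        }
        {
            line = $0
            sub(/#.*/, "", line)     # drop comments
            gsub(/"/, " ", line)     # unquote path tokens
            n = split(line, tok, /[ \t]+/)
            # Whole-token compare: a longer path containing an old one is skipped.
            for (i = 1; i <= n; i++)
                if (tok[i] in moved) {
                    printf "%d: %s -> %s\n", NR, tok[i], moved[tok[i]]
                    found = 1
                }
        }
        END { exit found + 0 }
    ' "$1"
}

# write_sample_index FILE: constructed INDEX content for trying the check.
write_sample_index() {
    cat > "$1" <<'EOF'
# constructed sample, not from a real Ignite server
cfg "HP-UX B.11.31 Default" {
    "/opt/ignite/data/Rel_B.11.31/config"
    "/var/opt/ignite/config.local"
}
cfg "already migrated" {
    "/var/opt/ignite/data/config.local"   # was /var/opt/ignite/config.local
}
EOF
}

if [ $# -gt 0 ]; then check_moved_paths "$1"; fi
```

Run it with the path of the INDEX file to audit as its only argument; a non-zero exit status means at least one reference still needs updating before TFTP is disabled.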
Procedure
1. Add the _hp_loadfile_use_nfs keyword.
HP recommends placing this in the config section of the install file system. Use your
environment’s HP-UX version and install file system in the following commands.
First, change the working directory to the release-specific boot directory and grab the config
content:
# cd /opt/ignite/boot/Rel_B.11.31
# instl_adm -d > /tmp/ifs.cfg