HP-UX Secure Resource Partitions (SRP) A.02.01 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX Containers (SRP)

IPFilter Port

Numbers

Specifies the local TCP port numbers for IPFilter rules that allow inbound

packets.

Variable Name: ipf_tcp_ports.

Valid Input: One or more TCP port numbers each in the range 1- 65535,

separated by commas.

Default: 80,443. These are the IANA registered port numbers for HTTP and

HTTPS (SSL).

7.1.2.2 Configuration Data

If the compartment address is an IPv4 address, SRP adds IPFilter rules to the

/etc/opt/ipf/ipf.conf file. If the compartment address is an IPv6 address, SRP adds IPFilter

rules to the /etc/opt/ipf/ipf6.conf file.

SRP configures rules that allow inbound packets from any remote IP address to the compartment IP

address with the specified destination TCP port numbers. SRP inserts these rules at the top of the

IPFilter rules file and uses the quick keyword. The IPFilter configuration file already contains rules

from the base template to allow all outbound TCP, UDP, and ICMP packets from the compartment IP

address, as described in

Configuration Data.

7.1.3 The provision Service

The provision service executes the script /opt/hpsrp/bin/util/apache_setup to provision

(deploy) an apache service in the SRP compartment.

7.1.3.1 Input Data

SRP prompts for the following data. You can also specify a variable name and value in the command

line, as described in 13.1 Creating an SRP Compartment or Adding Data to a Compartment

Apache Web

Server Suite

Version

The HP-UX Webserver Suite version of Apache to be used to configure the template

Variable Name: wss_version.

Default: 3.0.

Copy Apache

data from

path

The directory from which you want to copy Apache data. The provision service

creates a copy of this subtree and its contents and installs it in the specified

data_path for use by the SRP compartment. The input for this variable is typically

the newconfig subdirectory under the Apache product directory.

Variable Name: data_src.

Default: /opt/hpws22/apache/newconfig.

Apache data

path

The target directory for the copied Apache data.

Variable Name: data_path.

Default: /var/hpsrp/compartment_name/opt/hpws22/apache.

Apache user

name

Specifies the Unix user name under

which the Apache processes in this compartment

will run.

Variable Name: user.

Default: www.

Apache HTTP

port number

Specifies the TCP port number on which the compartment Apache server will receive

HTTP requests.

Variable Name:

http_port