Users Guide
Configuring and Using the DRAC 5 Command LIne Console 61
Table 3-8 lists the user-defined parameters.
Enabling IP Blocking
The following example prevents a client IP address from establishing a session for five minutes if that
client has failed its five login attempts in a one-minute period of time.
racadm config -g cfgRacTuning -o cfgRacTuneIpRangeEnable 1
racadm config -g cfgRacTuning -o cfgRacTuneIpBlkFailCount 5
racadm config -g cfgRacTuning -o cfgRacTuneIpBlkFailWindows 60
racadm config -g cfgRacTuning -o cfgRacTuneIpBlkPenaltyTime 300
The following example prevents more than three failed attempts within one minute, and prevents
additional login attempts for an hour.
racadm config -g cfgRacTuning -o cfgRacTuneIpBlkEnable 1
racadm config -g cfgRacTuning -o cfgRacTuneIpBlkFailCount 3
racadm config -g cfgRacTuning -o cfgRacTuneIpBlkFailWindows 60
racadm config -g cfgRacTuning -o cfgRacTuneIpBlkPenaltyTime 3600
Connecting to the Managed System Through the Local Serial Port
or Telnet Management Station (Client System)
The managed system provides access between the DRAC 5 and the serial port on your system to enable
you to power on, power off, or reset the managed system, and access logs.
Table 3-8. Login Retry Restriction Properties
Property Definition
cfgRacTuneIpBlkEnable Enables the IP blocking feature.
When consecutive failures (cfgRacTuneIpBlkFailCount) from a
single IP address are encountered within a specific amount of time
(cfgRacTuneIpBlkFailWindow), all further attempts to establish a
session from that address are rejected for a certain timespan
(cfgRacTuneIpBlkPenaltyTime).
cfgRacTuneIpBlkFailCount Sets the number of login failures from an IP address before the login
attempts are rejected.
cfgRacTuneIpBlkFailWindow The timeframe in seconds when the failure attempts are counted.
When the failures exceed this limit, they are dropped from the
counter.
crgRacTuneIpBlkPenaltyTime Defines the timespan in seconds when all login attempts from an IP
address with excessive failures are rejected.