Cluster I/O Protocols (CIP) Configuration and Management Manual (H06.16+, J06.05+)
--log-uid
Log the userid of the process which generated the packet.
Example 1:
Both syslog and EMS display the message.
climiptables –A CIP_INPUT –j LOG --log-level info --log-prefix
“LOGDROP”
climiptables –A CIP_INPUT –j DROP
Example 2:
The message is only logged in the syslog not in EMS.
climiptables –A CIP_INPUT –j LOG --log-level debug --log-prefix
“LOGDROP”
climiptables –A CIP_INPUT –j DROP
reject
Used to send back an error packet in response to the matched packet: otherwise it is equivalent
to DROP so it is a terminating TARGET, ending rule traversal. The following option controls the
nature of the error packet returned:
--reject-with type
The type given for iptables can be
icmp-net-unreachable
icmp-host-unreachable
icmp-port-unreachable
icmp-proto-unreachable
icmp-net-prohibited
icmp-host-prohibited
icmp-admin-prohibited
ERROR MESSAGES
climconfig iptables requires options/commands. Try 'climconfig iptables -h' for more information.
climconfig iptables Error: File /etc/clim/climiptables/state does not exist.
climconfig iptables Error: Cannot open the file /etc/clim/climiptables/state: error-code
Error: invalid version string 'version', file ‘/etc/clim/climiptables/state’.
Error: version string major, minor is not compatible, file ‘/etc/clim/climiptables/state’.
climconfig iptables Error: Invalid climiptables state file.
climconfig iptables Error: max prefix length for '--log-prefix' is 25
climconfig iptables Error: Deleting/Appending/Renaming/Flushing a rule from/to the Linux built-in
chain 'xxx’ is not allowed.
climconfig iptables Error: Deleting/Appending/Renaming/Flushing a rule from/to the CIP policy
chain is not allowed.
CONSIDERATIONS
None.
EXAMPLES
> climcmd n1002583 climconfig iptables -S
-N ftp
-N telnet
-A CIP_INPUT -p tcp -m tcp --dport 20:21 -j ftp
345