Manualshelf

Virtual TapeServer 6.03.41 Installation Guide

ManualsBrandsHP ManualsServerHP NonStop G-Series
919293949596979899100
Enabling Instant DR and AutoCopy | 81
iptables -A INPUT -p tcp -m state --state RELATED -j ACCEPT
Only allows connections that are of a related state. A related connection is a new
connection that is associated with an existing connection.
iptables -A INPUT -p icmp -j ACCEPT
Allows ICMP traffic through (ping and traceroute). This is not required but is helpful
when troubleshooting network issues.
iptables -A INPUT -i eth1 -j REJECT
Rejects all traffic with the exception of the preceding rules.
iptables -A INPUT -p tcp -m state --state INVALID -j REJECT
Sends a rejected notification to the invalid sender. You can change REJECT to DROP
to drop the traffic without a rejection notification.
3. Save and close the file.
4. Open the /etc/rc.d/rc.local file for editing.
5. Insert the following line:
sh /etc/iptables_script &
6. Save and close the file.
7. Reboot the server. When you reboot, all TCP/IP traffic is blocked except SSH, RSH, and
ICMP (ping and traceroute).
8. Repeat these steps on each VTS server.
Now, complete the configuration steps described in the Virtual TapeServer Operations and
Administration Guide.