Manualshelf

Virtual TapeServer 6.04.03 for NonStop Servers Supplemental Installation Guide

ManualsBrandsHP ManualsServerHP NonStop G-Series
21222324252627282930
22 | Enabling Instant DR and AutoCopy
-A INPUT -p tcp -m state --state RELATED -j ACCEPT
Allows connections that are of a related state only. A related connection is a new
connection that is associated with an existing connection.
-A INPUT -p icmp -j ACCEPT
Allows ICMP traffic (ping and traceroute). This is not required but is helpful when
troubleshooting network issues.
-A INPUT -i eth1 -j REJECT --reject-with icmp-port-unreachable
Rejects all traffic with the exception of the preceding rules.
-A INPUT -p tcp -m state --state INVALID -j REJECT
--reject-with icmp-port-unreachable
Sends a rejected notification to the invalid sender. You can change REJECT to DROP
to drop the traffic without a rejection notification. Note that this should be entered on
one line.
COMMIT
Causes the preceding commands to take effect.
3. Save and close the file.
4. Enter the following commands:
chkconfig iptables on
service iptables restart
At this point, all TCP/IP traffic is blocked except for SSH, RSH, and ICMP (ping and
traceroute) traffic.
5. Repeat these steps on each source VTS server.
Now, complete the configuration steps described in the Virtual TapeServer Operations and
Administration Guide.