Enable the Virtual I/O Server firewall to control IP activity.
The Virtual I/O Server firewall is not enabled by default. To enable the
Virtual I/O Server firewall, you must turn it on by using the viosecure
command with the -firewall option. When you enable it, the default setting
is activated, which allows access for the following IP services:
- ftp
- ftp-data
- ssh
- web
- https
- rmc
- cimom
Note: The firewall settings are contained in the file viosecure.ctl in
the /home/ios/security directory. If for some reason
the viosecure.ctl file does not exist when you run the command to enable the
firewall, you receive an error. You can use the -force option
to enable the standard firewall default ports.
You can use the default setting or configure the firewall settings to meet
the needs of your environment by specifying which ports or port services to
allow. You can also turn off the firewall to deactivate the settings.
Use the following tasks at the Virtual I/O Server command line to configure
the Virtual I/O Server firewall settings:
- Enable the Virtual I/O Server firewall by running the following command:
viosecure -firewall on
- Specify the ports to allow or deny, by using the following command:
viosecure -firewall allow | deny -port number
- View the current firewall settings by running the following command:
viosecure -firewall view
- If you want to disable the firewall configuration, run the following command:
viosecure -firewall off