Raritan Computer SX16 사용자 설명서
48 D
OMINION
SX
I
NSTALLATION AND
O
PERATIONS
M
ANUAL
aclcfg move <pos1> <pos2>
Move the ipacl rule at <pos1> to <pos2>.
aclcfg delete <pos1> [pos2]
Delete can have one or two parameters, if there is one parameter, then this command will delete the rule at
<pos1>. If there are two parameters, then this command will delete the entire range of rules between and
inclusive of <pos1> and <pos2>.
aclcfg add <startingIP> <endingIP> <denyflag> <logFlag>
For the range of IP's specified between <startingIP> and <endingIP> this will either deny, if <denyflag > is
1, or allow, if <denyflag> is 0, access to the DominionSX. If <logFlag> is 1, it will also log any connection
attempt that this IPACL rule catches to the Syslog facility.
If you wish to allow or deny a specific IP address, just set the starting and ending IP to that particular
address.
USAGE EXAMPLE:
admin:Command>aclcfg add 1.2.3.4 1.2.3.4 0 0
(add a rule allowing IP 1.2.3.4 to connect, do not log connections)
admin:Command>aclcfg add 1.2.3.11.2.3.255 1 1
(add a rule denying and logging any connection attempt from the IP range 1.2.3.1 to 1.2.3.255)
admin:Command>aclcfg del 0
(delete the rule at position 0)
admin:Command>aclcfg del 2 7
(delete rules 2 through 7)
admin:Command>aclcfg move 2 4
(move the rule from position 2 to position 4 in the list)
(add a rule allowing IP 1.2.3.4 to connect, do not log connections)
admin:Command>aclcfg add 1.2.3.11.2.3.255 1 1
(add a rule denying and logging any connection attempt from the IP range 1.2.3.1 to 1.2.3.255)
admin:Command>aclcfg del 0
(delete the rule at position 0)
admin:Command>aclcfg del 2 7
(delete rules 2 through 7)
admin:Command>aclcfg move 2 4
(move the rule from position 2 to position 4 in the list)
NOTE:
To enable syslogging of these ipacl messages, the kernel syslog messages must be configured using the
following:
1) "cfglog kernel <parameters>" see the cfglog section for parameter values
following:
1) "cfglog kernel <parameters>" see the cfglog section for parameter values
2) "log start kernel" will start the syslog messages
3) "log status kernel" will display the kernel's sylog configuration