Raritan Computer SX48 用户手册

48 D

OMINION 

SX

 

I

NSTALLATION AND 

O

PERATIONS 

M

ANUAL

 

 
aclcfg move <pos1> <pos2> 
  

Move the ipacl rule at <pos1> to <pos2>. 

 
aclcfg delete <pos1> [pos2] 
 Delete can have one or two parameters, if there is one parameter, then this command will delete the rule at 
<pos1>. If there are two parameters, then this command will delete the entire range of rules between and 
inclusive of <pos1> and <pos2>. 
 
aclcfg add <startingIP> <endingIP> <denyflag> <logFlag> 
 
 For the range of IP's specified between <startingIP> and <endingIP> this will either deny, if <denyflag > is 
1, or allow, if <denyflag> is 0, access to the DominionSX. If <logFlag> is 1, it will also log any connection 
attempt that this IPACL rule catches to the Syslog facility. 
  
If you wish to allow or deny a specific IP address, just set the starting and ending IP to that particular 
address.  

admin:Command>aclcfg add 1.2.3.4 1.2.3.4 0 0 
(add a rule allowing IP 1.2.3.4 to connect, do not log connections) 
 
admin:Command>aclcfg add 1.2.3.11.2.3.255 1 1 
(add a rule denying and logging any connection attempt from the IP range 1.2.3.1 to 1.2.3.255) 
 
admin:Command>aclcfg del 0 
(delete the rule at position 0) 
 
admin:Command>aclcfg del 2 7 
(delete rules 2 through 7) 
 
admin:Command>aclcfg move 2 4 
(move the rule from position 2 to position 4 in the list) 
 

 To enable syslogging of these ipacl messages, the kernel syslog messages must be configured using the 
following: 
1) "cfglog kernel <parameters>" see the cfglog section for parameter values  

 

2) "log start kernel" will start the syslog messages 

 

3) "log status kernel" will display the kernel's sylog configuration