Cyclades-TS Installation & Service Manual Cyclades Corporation
Cyclades-TS Installation & Service Manual Version 1.3.3 release 1 – July 2002 Copyright (C) Cyclades Corporation, 2001-2002 We believe the information in this manual is accurate and reliable. However, we assume no responsibility, financial or otherwise, for any consequences of the use of this product or Installation & Service Manual.
Table of Contents CHAPTER 1 HOW TO USE THIS MANUAL....................................................................................................... 8 CHAPTER 2 SAFETY INSTRUCTIONS ............................................................................................................. 9 USING YOUR CYCLADES-TS ......................................................................................................................... 9 WORKING INSIDE THE CYCLADES-TS ....................................
Centralized Management - Include File ........................................................................................................... 61 CHAPTER 7 UPGRADES AND TROUBLESHOOTING .................................................................................. 65 Upgrades ......................................................................................................................................................... 65 Troubleshooting ........................................................
The DHCP (Dynamic Host Configuration Protocol) Client .............................................................................. 85 Data Buffering .................................................................................................................................................. 87 Packet Filtering using ipchains ........................................................................................................................
APPENDIX F CONFIGURATION WIZARD.................................................................................................... 138 Using Wizard through CLI ............................................................................................................................. 138 Using Wizard through WEB ........................................................................................................................... 148 APPENDIX G GENERATING ALARM AND SYSLOG .............................
Reference ...................................................................................................................................................... 199 APPENDIX K TIMEZONE ................................................................................................................................
Cyclades-TS Installation & Service Manual CHAPTER 1 HOW TO USE THIS MANUAL This manual assumes that the reader understands networking basics and is familiar with the terms and concepts used in Local and Wide Area Networking. The Cyclades-TS is a Linux-based terminal server, which gives it great flexibility. It runs an embedded version of the Linux operating system and Unix and Linux users will find the configuration process very familiar.
Cyclades-TS Installation & Service Manual CHAPTER 2 SAFETY INSTRUCTIONS Use the following safety guidelines to protect yourself and your Cyclades-TS. USING YOUR CYCLADES-TS CAUTION: Do not operate your Cyclades-TS with the cover removed. · In order to avoid shorting out your Cyclades-TS when disconnecting the network cable, first unplug the cable from the equipment and then from the network jack.
Cyclades-TS Installation & Service Manual WORKING INSIDE THE CYCLADES-TS NOTICE: Do not attempt to service the Cyclades-TS yourself, except following instructions from Cyclades Technical Support personnel. If this is the case, first take the following precautions: · Turn the Cyclades-TS off. · Ground yourself by touching an unpainted metal surface on the back of the equipment before touching anything inside it. REPLACING THE BATTERY A coin-cell battery maintains date and time information.
Cyclades-TS Installation & Service Manual CHAPTER 3 WHAT IS IN THE BOX The Cyclades-TS is a line of console access and terminal servers. There are several models with differing numbers of serial ports. The following figures show the main units and accessories included in each package and how cables should be connected. The loop-back connector is provided for convenience in case hardware tests are necessary.
Cyclades-TS Installation & Service Manual Cyclades-TS2000 Back View 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 90-240VAC Ethernet 10/100Base-T 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 Console 16 On/Off Switch Cross Cable (Same as Console Cable) Connect to a DTE Device Wall Outlet Power Cable Console Cable Modem Cable Connect to a COM Serial Port Connect to a modem or to a null-modem adaptor ////////// Installation Manual Loop-Back Connector Mounting Kit FIGURE 3
Cyclades-TS Installation & Service Manual Cyclades-TS1000 Back View 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 Ethernet 10/100Base-T 90-240VAC CYCLADES TS1000 Console On/Off Switch Cross Cable (Same as Console Cable) Connect to a DTE Device Wall Outlet Power Cable Console Cable Modem Cable Connect to a COM Serial Port Connect to a modem or to a null-modem adaptor ////////// Installation Manual Loop-Back Connector Mounting Kit FIGURE 3.
Cyclades-TS Installation & Service Manual Cyclades-TS800 Back View On/Off Ethernet DC IN Console 1 0 On/Off Switch Power Cable Modem Cable To Wall Outlet Cross Cable (Same as Console Cable) Connect to a DTE Device Console Cable Connect to a modem or to a null-modem adaptor ////////// Installation Manual Loop-Back Connector FIGURE 3.
Cyclades-TS Installation & Service Manual Cyclades-TS400 Back View On/Off Ethernet DC IN Console 1 0 On/Off Switch Power Cable Modem Cable To Wall Outlet Cross Cable (Same as Console Cable) Connect to a DTE Device Console Cable Connect to a modem or to a null-modem adaptor ////////// Installation Manual Loop-Back Connector FIGURE 3.
Cyclades-TS Installation & Service Manual Cyclades-TS100 Front View Back View Power Cable Console Cable Connect to a COM Serial Port To Wall Outlet Installation Manual Loop-Back Connector DB-9 Female to DB-25 Male connector FIGURE 3.
Cyclades-TS Installation & Service Manual CHAPTER 4 QUICK INSTALLATION GUIDE For users familiar with networking, command line interface in Linux or WEB, this chapter gives all the necessary information to quickly configure and start using the Cyclades-TS box. For more detailed information, the next two chapters should be read. Configuring using Web The Cyclades-TS box comes with an IP address pre-configured on its Ethernet interface (192.168.160.10).
Cyclades-TS Installation & Service Manual WARNING! Type root in the username field and tslinux in the password field to use the Web Configuration Manager. Change the root password as soon as possible: the user database for the Web Configuration Manager is different than the system user database, so the root password can be different. FIGURE 4.1 LOGIN PAGE OF THE WEB CONFIGURATION MANAGER After logging in, the screen shown in Figure 4.2 appears.
Cyclades-TS Installation & Service Manual FIGURE 4.
Cyclades-TS Installation & Service Manual This page gives a brief description of all menu options. To change the password: 1. Click on the link Web User Management->Users 2. Select the user root, then click on the Change Password button. 3. Type the new password twice and submit the request. 4. The next page will require a new login, type root and the new password 5. Click on the link Web User Management->Load/Save Configuration and click on the Save Configuration button. 6.
Cyclades-TS Installation & Service Manual FIGURE 4.
Cyclades-TS Installation & Service Manual A Menu of links is provided along the left side of the page. A summary of what each link leads to is shown in the following figures. Link Name General Syslog Serial Ports Serial Port Groups Host Table Static Routes IP Chains Boot Configuration Edit Text File System Users System Groups Description of Page Contents Description, Ethernet, DNS, Name Service Access, Data Buffering. Configuration for the syslog-ng. Configuration for the Portslave package.
Cyclades-TS Installation & Service Manual Link Name Logout Reboot Port Conversation Download/Upload Image Load/Save Configuration Set Date/Time Active Sessions Process Status Restart Processes Description of Page Contents Exits the Web Manager. Resets the equipment. Does a port conversation through a serial port. Uses an FTP server to load and save a kernel image. Uses flash memory or an FTP server to load or save the TS's configuration. Set the TS's date and time.
Cyclades-TS Installation & Service Manual Configuring using Telnet The Cyclades-TS box comes with an IP address pre-configured on its Ethernet interface (192.168.160.10). To access that box using telnet please do as follows: Step 1: From the working station, issue a command to add a route pointing to the network 192.168.160.0 reached through the workstation’s Ethernet interface. For Linux, the command would be: route add -net 192.168.160.
Cyclades-TS Installation & Service Manual CHAPTER 5 SUMMARY OF THE CONFIGURATION PROCESS The Cyclades-TS can be used as a: • console server, • terminal server, • remote access server. A detailed description of each of these profiles is provided in the next chapter. The Cyclades-TS’s operating system is embedded Linux. Even if you are a Unix user and find the tools and files familiar, do not configure this product as you would configure a regular Linux server.
Installation & Service Manual Cyclades-TS D. Change password for root and new users. The default /etc/passwd file has the user “root” with password “tslinux”. The customer should change the password for user root as soon as possible. Before changing any password or adding new users the customer should also activate shadow password, if it is needed. The Cyclades-TS has support for shadow password, but it is not active by default. To activate shadow password follow the steps listed below: 1.
Cyclades-TS Installation & Service Manual 5. Remove the temporary user boo. # deluser boo 6. Change the password for all users and add the new ones needed. # passwd or # adduser 7. Edit config_files file and add a line with “/etc/shadow”. E. Edit the pslave.conf file. This is the main configuration file that concentrates most product parameters and defines the functionality of the Cyclades-TS. The modifications made to this file will depend on the profile. F. Activate the changes. G.
Cyclades-TS Installation & Service Manual CHAPTER 6 CONFIGURATION This chapter guides you step by step through the configuration of the Cyclades-TS for the three principal applications: 1. Console Server, 2. Terminal Server, and 3. Remote Access Server. Many steps are common to both, so please read the entire chapter before beginning. STEP ONE Connect a PC or terminal to the Cyclades-TS using the console cable.
Cyclades-TS Installation & Service Manual STEP TWO Any configuration change must be saved in flash once validated. To save in flash run saveconf (seen later in this chapter). To validate a configuration run signal_ras hup and check for the ending results (seen later in this chapter). In this step, four Linux files must be modified to identify the Cyclades-TS and its neighbors. Then, the boot parameters are configured.
Cyclades-TS Installation & Service Manual The fourth file defines static routes and is called /etc/network/st_routes. In the console server example in Figure 6.5, the PR1000 is the gateway router and thus its IP address is configured in this file to be the default gateway. Other static routes are also configured in this file. route add default gw 200.200.200.5 FIGURE 6.4 CONTENTS OF THE /ETC/NETWORK/ST_ROUTES FILE NOTE: We strongly recommend to use 9600 bps console speed.
Cyclades-TS Installation & Service Manual Radius Authentication Server, Syslog Server, Name Server IP Address: 200.200.200.2 Internet Workstation TS1000 Ethernet Interface IP Address: 200.200.200.1 Socket Port 7008 192.168.1.108 TS1000 Socket Port 7002 192.168.1.102 Socket Port 7001 192.168.1.101 Cyclades-PR1000 Ethernet Interface: 200.200.200.5 Workstation 200.200.200.4 Serial Connections Speed: 9.6 K FIGURE 6.
Cyclades-TS Installation & Service Manual parameters: conf.* parameters are global or apply to the Ethernet interface; all.* parameters are used to set default parameters for all ports, and s#.* parameters change the default port parameters for individual ports. An all.* parameter can be overriden by a s#.* parameter appearing later in the pslave.conf file (or vice-versa). A brief description of each parameter used for the console server profile is given in Figures 6.6-6.7. Parameter Description conf.
Cyclades-TS Installation & Service Manual Parameter Description conf.facility This value (0-7) is the Local facility sent to the syslog. The file /etc/syslogng/syslog-ng.conf contains a mapping between the facility number and the action (see more in Appendix G). This value (0-7) is the Local facility sent to the syslog with the data when syslog_buffering and/or alarm are active. The file /etc/syslog-ng/syslogng.conf contains a mapping between the facility number and the action (see more in Appendix G).
Cyclades-TS Installation & Service Manual Parameter Description all.
Cyclades-TS Installation & Service Manual Parameter Description all.radtimeout This is the timeout (in seconds) for a Radius/TacacsPlus authentication query to be answered. The first server (authhost1) is tried "radretries" times, and then the second (authhost2), if configured, is contacted "radretries" times. If the second also fails to respond, Radius/TacacsPlus authentication fails. Defines the number of times each Radius/TacacsPlus server is tried 5 before another is contacted.
Cyclades-TS Installation & Service Manual Parameter Description all.poll_interval Valid only for protocols socket_server, socket_ssh and raw_data. When not set to zero, this parameter sets the wait for a TCP connection keep-alive timer (in milliseconds). If no traffic passes through the Cyclades-TS for this period of time, the Cyclades-TS will send a line status message to the remote device to see if the connection is still up. If not configured, 1000 ms is assumed.
Cyclades-TS Parameter Installation & Service Manual Description all.data_buffering Value for This Example 0 A non zero value activates data buffering (local or remote, according to what was configured in the parameter conf.nfs_data_buffering seen before). If local data buffering, a file is created on the Cyclades-TS; if remote, a file is created through NFS in a remote server. All data received from the port is captured in this file.
Cyclades-TS Installation & Service Manual Parameter Description all.dont_show_DB menu When zero, a menu with data buffering options is shown when a nonempty data buffering file is found. When 1, the data buffering menu is not shown. When 2, the data buffering menu is not shown but the data buffering file is shown if not empty. When 3, the data buffering menu is shown, but without the erase and show and erase options.
Cyclades-TS Parameter Installation & Service Manual Description all.admin_users Value for This Example peter, john, user_group This parameter determines which users can open a sniff session, which is where other users connected to the very same port can see everything that a first user connected is doing. The other users connected to the very same port can also cancel the first user’s session (and take over). If all.
Cyclades-TS Installation & Service Manual Parameter Description all.idletimeout Valid only for the CAS profile (protocols socket_server, socket_ssh raw_data and modbus). Specifies how long (in minutes) a connection can remain inactive before it is cut off. If set to zero (the default), the connection will not time out. Tty settings after a socket connection to that serial port is established.
Cyclades-TS Installation & Service Manual Parameter Description s1.
Cyclades-TS Installation & Service Manual 2. From the console, ping 200.200.200.2 to make sure the Radius authentication server is reachable. 3. Make sure that the physical connection between the Cyclades-TS and the servers is correct. A cross cable (not the modem cable provided with the product) should be used. Please see the hardware specifications appendix for pin-out diagrams. 4. The Cyclades-TS has been set for communication at 9600 bps, 8N1.
Cyclades-TS Installation & Service Manual STEP THREE - TERMINAL SERVER The terminal server profile allows a terminal user to access a server on the LAN. The terminal can be either a dumb terminal or a terminal emulation program on a PC. No authentication is used in this example and rlogin is chosen as the protocol. LAN Linux Server IP: 200.200.200.3 ETH0 IP: 200.200.200.1 TS1000 VT100 Terminal Port 16 Speed: 9600 Port 1 PC Running Terminal Application (VT100) FIGURE 6.
Cyclades-TS Installation & Service Manual later in the pslave.conf file (or vice-versa). A brief description of each parameter used for the terminal server profile is given in Figures 6.9-6.10. Parameter Description Value for This Example conf.eth_ip The IP address of the Ethernet interface. This parameter, along with the 200.200.200.1 next two, is used by the cy_ras program to OVERWRITE the file /etc/network/ifcfg_eth0 as soon as the command "signal_ras hup" is executed.
Cyclades-TS Installation & Service Manual Parameter Description all.speed The speed for all ports. This value (as for any "all." parameters) can later be overridden for individual ports using the s.speed parameter. The data size for all ports. The number of stop bits for all ports The parity for all ports. DCD signal (sets the tty parameter CLOCAL). Valid values are 0 or 1. In a socket session, if all.
Cyclades-TS Installation & Service Manual Parameter Description all.authhost1 This address indicates the location of the Radius/TacacsPlus authentication server and is only necessary if this option is chosen in the previous parameter. A second Radius/TacacsPlus authentication server can be configured with the parameter all.authhost2.
Cyclades-TS Parameter all.issue all.prompt all.term all.flow all.socket_port all.userauto s1.tty s16.tty Installation & Service Manual Description Value for This Example This text determines the format of \r\n\ TSLINUX - Portslave Internet Services\n\ the login banner that is issued when \r\n\ Welcome to terminal server %h port S%p \n\ a connection is made to the \r\n\ Customer Support: 510-770-9727 Cyclades-TS. \n represents a new www.cyclades.com/\n\ line and \r represents a carriage \r\n return.
Cyclades-TS Installation & Service Manual 2. From the console, ping 200.200.200.3 to make sure the server is reachable. 3. Make sure that the physical connection between the Cyclades-TS and the terminals is correct. A cross cable (not the modem cable provided with the product) should be used. Please see the hardware specifications appendix for pin-out diagrams. 4. The Cyclades-TS has been set for communication at 9600 bps, 8N1. The terminals must also be configured with the same parameters. 5.
Cyclades-TS Installation & Service Manual Syslog Server IP: 200.200.200.3 LAN Radius Authentication Server IP: 200.200.200.2 ETH0 IP:200.200.200.1 TS2000 Port 1 Speed: 57600 Port 32 Modem Modem IP: 200.200.200.42 Modem Modem PC PC IP: 200.200.200.11 FIGURE 6.11 REMOTE ACCESS SERVER APPLICATION The fifth configuration file (the first four were described in step two) is specific to the Cyclades-TS and a sample file with comments is supplied in the Linux file system.
Cyclades-TS Installation & Service Manual Parameter Description conf.eth_ip The IP address of the Ethernet interface. This parameter, along with the next two, is used by the cy_ras program to OVERWRITE the file /etc/network/ifcfg_eth0 as soon as the command "signal_ras hup" is executed. The file /etc/network/ifcfg_eth0 should not be edited by the user unless the cy_ras application is not going to be used. The mask for the Ethernet network.
Cyclades-TS Installation & Service Manual Parameter Description all.speed The speed for all ports. This value (as for any "all." parameters) can later be overridden for individual ports using the s.speed parameter. The data size for all ports. 8 The number of stop bits for all ports 1 The parity for all ports.
Cyclades-TS Installation & Service Manual Parameter Description all.accthost1 This address indicates the location of the Radius/TacacsPlus accounting server, which can be used to track how long users are connected after being authorized by the authentication server. Its use is optional. If this parameter is not used, accounting will not be performed. If the same server is used for authentication and accounting, both parameters must be filled with the same address.
Cyclades-TS Installation & Service Manual Parameter all.initchat Description Modem initialization string. all.flow This sets the flow control to hardware, software, or none. PPP options to auto-detect a ppp session. The cb-script parameter defines the file used for callback and enables negotiation with the callback server. Callback is available in combination with Radius Server authentication. When a registered user calls the TS, it will disconnect the user, then call the user back.
Cyclades-TS Installation & Service Manual FIGURE 6.13 REMOTE ACCESS SERVER PSLAVE.CONF PORT-SPECIFIC PARAMETERS (CONTINUED) Parameter Description s1.tty The device name for the port is set to the value given in this parameter. If a device name is not provided for a port, it will not function. See the s1.tty entry in this table. s32.tty Value for This Example ttyS1 ttyS32 FIGURE 6.13 REMOTE ACCESS SERVER PSLAVE.
Cyclades-TS Installation & Service Manual STEP FOUR - FOR ALL PROFILES TS100 owners, please skip to the special section on the TS100 later in this chapter, then return to this section to continue with step four. Restart the cy_ras process using its process ID. This can be done by executing the command: signal_ras hup This executes the ps command, searches for the cy_ras process id, then sends the signal HUP to the process, all in one step.
Cyclades-TS Installation & Service Manual Information applicable only to the Cyclades-TS100 Since there are two physical interfaces available in the Cyclades-TS100, RS-232 and RS-485, this model requires the configuration of the parameter described in the Figure 6.14. Parameter all.media or* s1.media Description For the TS100 only.
Cyclades-TS Installation & Service Manual After rebooting the TS100, the initial configuration is complete. Clustering Clustering has been added to the Cyclades-TS with firmware version 1.3.0 (except for the TS100). It allows the stringing of Terminal Servers so that one master Cyclades-TS can be used to access all Cyclades-TSs on a LAN.
Cyclades-TS 7303 Installation & Service Manual 7302 7035 7301 7034 7033 7003 7002 7001 Port Numbers LAN Cyclades-TS Slave 2 Ethernet IP Address: 20.20.20.3 Cyclades-TS Slave 1 Ethernet IP Address: 20.20.20.2 Cyclades-TS Master Ethernet IP Address: 20.20.20.1 Secondary Address: 209.81.55.110 Management Workstation IP Address: 20.20.20.10 Cyclades-PR1000 Router Ethernet IP Address: 209.81.55.111 Remote Management Workstation FIGURE 6.16 EXAMPLE USING THE CLUSTERING FEATURE.
Cyclades-TS Installation & Service Manual The Master Cyclades-TS must contain references to the Slave ports. The configuration described earlier for Console Access Servers should be followed with the following exceptions for the Master and Slaves: Master Configuration: Parameter Description conf.eth_ip Ethernet Interface IP address. conf.eth_ip_alias Secondary IP address for the Ethernet Interface (needed for clustering feature). conf.eth_mask_alias Mask for secondary IP address above. all.
Cyclades-TS Installation & Service Manual Parameter s35.tty s35.serverfarm s35.ipno etc. for s36-s64 S65.tty S65.serverfarm S65.ipno S66.tty S66.serverfarm S66.ipno S67.tty S67.serverfarm S67.ipno etc. for s68-s96 Description See s33.tty. An alias for this port. See s33.ipno. Value for This Example 20.20.20.2:7035 Server_on_slave1_serial_s3 0.0.0.0 The format of this parameter is IP_of_Slave:[slave_socket_port] for non-master ports. The value 7301 was chosen arbitrarily for this example.
Cyclades-TS Installation & Service Manual Parameter all.protocol all.authtype conf.eth_ip all.socket_port Value for This Example Socket_server None 20.20.20.3 7301+ FIGURE 6.18 CYCLADES-TS CONFIGURATION FOR SLAVE 2 (WHERE IT DIFFERS FROM THE STANDARD CAS PROFILE) To access ports from the remote management workstation, use telnet with the secondary IP address: Telnet 209.81.55.110 7001 to access the first port of the Master Cyclades-TS Telnet 209.81.55.
Cyclades-TS Installation & Service Manual Cyclades-TS Unit 2 Cyclades-TS IP address: Unit 1 10.0.0.2/8 IP address: 10.0.0.1/8 Cyclades-TS Unit 3 IP address: 10.0.0.3/8 Server where master configuration file is stored /etc/portslave/TScommon.conf FIGURE 6.19 EXAMPLE OF CENTRALIZED MANAGEMENT The abbreviated pslave.conf and /etc/hostname files in each unit, for the example are: unit 1: unit1 FIGURE 6.20 /ETC/HOSTNAME FILE IN UNIT 1 conf.eth_ip conf.eth_mask conf.include 10.0.0.1 255.0.0.
Cyclades-TS Installation & Service Manual unit 2: unit2 FIGURE 6.22 /ETC/HOSTNAME FILE IN UNIT 2 conf.eth_ip conf.eth_mask conf.include 10.0.0.2 255.0.0.0 /etc/portslave/TScommon.conf FIGURE 6.23 PSLAVE.CONF FILE IN UNIT 2 unit 3: unit3 FIGURE 6.24 /ETC/HOSTNAME FILE IN UNIT 1 conf.eth_ip conf.eth_mask conf.include 10.0.0.3 255.0.0.0 /etc/portslave/TScommon.conf FIGURE 6.25 PSLAVE.
Cyclades-TS Installation & Service Manual conf.host_config unit1 conf.host_config unit2 conf.host_config unit3 conf.host_config .end FIGURE 6.26 TSCOMMON.CONF FILE When this file is included, unit1 would read only the information between “conf.host_config unit1” and conf.host_config unit2".
Cyclades-TS Installation & Service Manual CHAPTER 7 UPGRADES AND TROUBLESHOOTING Upgrades All 6 files added by Cyclades to the standard Linux files are in the /proc/flash directory.
Cyclades-TS Installation & Service Manual NOTE: Due to space limitations, the new zImage file may not be downloaded with a different name, then renamed. The TS searches for a file named zImage when booting and there is no room in flash for two zImage files. To make sure the downloaded file is not corrupted or that the zImage saved in flash is OK, run: md5sum -b /proc/flash/zImage Now check with the information present in the text file saved in the Cyclades site (e.g. zImage.132.md5sum).
Cyclades-TS Installation & Service Manual j. The TS should begin to boot off the network and the new image will be downloaded and begin running in RAM. At this point, follow the upgrade steps above (login, cd /proc/flash, ftp, and so forth) to save the new zImage file into flash again. NOTE: possible causes for the loss of flash memory: downloaded wrong zImage file, downloaded as ASCII instead of binary; problems with flash memory.
Cyclades-TS File /etc/ssh/ssh_host_dsa_key /etc/ssh/ssh_host_dsa_key.pub /etc/snmp/snmpd.conf /etc/portslave/pslave.conf /etc/network/ifcfg_eth0 /etc/network/ifcfg* /etc/network/ifcfg_lo /var/run/radsession.id /home /etc/network/st_routes /etc/syslog-ng/syslog-ng.conf Installation & Service Manual Program sshd (ssh2) sshd (ssh2) snmpd cy_ras, portslave, TS configuration information ifconfig eth0, cy_ras, rc.sysinit ifconfig, cy_ras, rc.sysinit ifconfig lo, cy_ras, rc.
Cyclades-TS Installation & Service Manual step 1) signal_ras stop. step 2) Perform all hardware tests needed. step 3) signal_ras start. Port Test Either a cross cable or a loop-back connector is necessary for this test. Their pinout diagrams are supplied in appendix B. Connect the loop-back connector to the modem cable and then connect the modem cable to the port to be tested (or connect a cross cable between two ports to be tested).
Cyclades-TS Installation & Service Manual on the screen (which also occurs if the loop-back connector is removed), the port is not functioning correctly. A second method that can be used to test the port is to connect it to a modem with a straight cable. Begin the test and type “at”. The modem should respond with “OK”, which will appear on the screen. Other commands can be sent to the modem or to any other serial device.
Cyclades-TS Installation & Service Manual This is because the test is receiving the DTR signal sent through the DCD and DSR pins. When Ctrl-R is typed, the Xs in the RTS and CTS columns should move together. If the Xs change position as described, the signals are being sent and received correctly.
Cyclades-TS Installation & Service Manual If the password or username was forgotten, execute the following commands: passwd saveconf reboot For configuration problems, the user has two options: 1. Edit the file(s) causing the problem with vi, then execute the commands saveconf reboot 2. Reset the configuration by executing the commands: echo 0 > /proc/flash/script reboot If the problem is due to an upgrade/downgrade, a second downgrade/upgrade will be necessary to reverse the process.
Cyclades-TS Installation & Service Manual If the Cyclades-TS is reachable, see if the /bin/webs process is running by executing the command ps. If it is not, type /bin/webs & to start it. If the /bin/webs process is not being initialized during boot, change the file /etc/inittab. 2. How to restore the default configuration of the Web Configuration Manager This would be required only when the root password was lost or the configuration file /etc/websum.conf was damaged.
Cyclades-TS Installation & Service Manual Using a different speed for the serial console The serial console is originally configured to work at 9600 bps. If the customer wants to change that, it is necessary to run bootconf. The user will be presented with the screen: Current configuration MAC address assigned to Ethernet [00:60:2e:00:16:b9] IP address assigned to Ethernet interface [192.168.160.
Cyclades-TS Installation & Service Manual APPENDIX A INFORMATION FOR USERS NOT FAMILIAR WITH LINUX Users and Passwords A username and password are necessary to log in to the Cyclades-TS. The user “root” is predefined, with a password tslinux. A password should be configured as soon as possible to avoid unauthorized access. Type the command: passwd to create a password for the root user.
Installation & Service Manual Cyclades-TS /home /bin /dev /etc /lib /proc /mnt /opt /tmp /usr /var Contains the work directories of system users. Contains applications and utilities used during system initialization. Contains files for devices and ports. Contains configuration files specific to the operating system. Contains shared libraries. Contains process information Contains information about mounted disks. Location where packages not supplied with the operating system are stored.
Installation & Service Manual Cyclades-TS Other commands allow the user to change directories and see the contents of a directory. pwd Supplies the name of the current directory. While logged in, the user is always "in" a directory. The default initial directory is the user's home directory, /home/ ls [options] directory_name Lists the files and directories within directory_name. Some useful options are -l for more detailed output and -a which shows hidden system files.
Cyclades-TS Installation & Service Manual Entering the program, the user is automatically in the command mode.
Installation & Service Manual Cyclades-TS The Routing Table The Cyclades-TS has a static routing table that can be seen using the commands route or netstat -rn The file /etc/network/st_routes shown in Figure 6.5 is the Cyclades-TS’s method for configuring static routes.
Installation & Service Manual Cyclades-TS The command to start an ssh client session from a Unix workstation is ssh -t @ where = :ttySnn or :socket_port or :ip_addr or :serverfarm Note: “serverfarm” is a physical port alias. It can be configured in the file pslave.conf. An example: username: TS1000 IP address: host name: servername for port 1: cyclades 192.168.160.1 ts1000 file_server ttyS1 addressed by IP 10.0.0.1 or socket port 7001.
Cyclades-TS Installation & Service Manual ssh -t cyclades:7001@ts1000 (openssh 3.1p1 or later - Cyclades-TS V_1.3.2 or later -> ssh2 will be used) ssh -t -1 cyclades:7001@ts1000 (openssh 3.1p1 or later - Cyclades-TS V_1.3.
Cyclades-TS Installation & Service Manual Note 1: Some ssh clients do not allow just this type of authentication, for security reasons. Note 2: To access the serial port, the TS must be configured for local authentication. Note 3: No root user should be used as username. 2. Only RhostsRSAAuthentication yes in sshd_config • One of the RhostsAuthentication above settings • Client machine’s host key ($ETC/ssh_host_key.pub) copied into the TS /tmp/known_hosts file.
Cyclades-TS Installation & Service Manual • client start-up command: ssh -t 4. Only PasswdAuthentication yes in sshd_config • Removal of TS’s *.equiv, ~/.?hosts, *known_hosts, and *authorized_keys files • client startup command: ssh –t -l or ssh –t –l Configuring sshd’s client authentication using SSH Protocol version 2 1.
Installation & Service Manual Cyclades-TS PID 1 31 32 36 154 Uid root root root root root State S S S S R Command /sbin/inetd /sbin/sshd /sbin/cy_ras /sbin/cy_wdt_led wdt led /ps -a To restart the cy_ras process use its process ID or execute the command: signal_ras hup This executes the ps command, searches for the cy_ras process id, then sends the signal HUP to the process, all in one step. Never kill cy_ras with the signals -9 or SIGKILL.
Cyclades-TS Installation & Service Manual • status (active or inactive) - if this item is not active, the script will not be executed. • user - the process will be run with the privileges of this user, who must be a valid local user. • source - pathname of the crontab file. When the /etc/crontab_files file contains the following line: active root /etc/tst_cron.src and the /etc/tst_cron.src file contains the following line: 0-59 * * * * /etc/test_cron.sh crond will execute the script listed in test_cron.
Cyclades-TS Installation & Service Manual The DHCP client on the Ethernet Interface can be configured in two different ways, depending on the action the Cyclades-TS should take in case the DHCP server does not answer the IP address request: 1. No action is taken and no IP address is assigned to the Ethernet Interface (most common configuration): • Set the global parameter conf.dhcp_client to 1 • Comment all other parameters related to the Ethernet Interface (conf.eth_ip, etc.
Cyclades-TS Installation & Service Manual Two files are related to DHCP: /bin/handle_dhcp - the script which is run by the DHCP client each time an IP address negotiation takes place. /etc/network/dhcpcd_cmd - contains a command that activates the DHCP client (used by the cy_ras program).
Cyclades-TS Installation & Service Manual The shell script /bin/build_DB_ramdisk creates a 4 Mbyte ramdisk for the TS3000. Use this script as a model to create customized ramdisks for your environment. Any user-created scripts should be listed in the file /etc/ user_scripts because rc.sysinit executes all shell scripts found there. This avoids changing rc.sysinit itself. Data buffering can be done in local files or in remote files through NFS.
Cyclades-TS Installation & Service Manual I - Insert a condition in a specified location in the chain. L - List all conditions in the chain. F - Flush (remove) all conditions in the chain. N - Create a new chain.
Cyclades-TS Installation & Service Manual target is one of the following: ACCEPT DENY the name of another chain interface is: eth0 (The Ethernet interface is the only option on the Cyclades-TS.) Lists do not need to be associated to an interface, so this option may be omitted. To save changes made using the ipchains command, execute fwset. This command will save the filter configuration in the file /etc/network/firewall and then save the file in flash memory.
Installation & Service Manual Cyclades-TS ipchains -A input -p tcp -s ! 200.200.200.4 -d 200.200.200.1 7001:7032 -j DENY ipchains -A input -p tcp -s ! 200.200.200.4 -d 0.0.0.0/0 22 -j DENY ts_menu Script to Simplify telnet and ssh Connections (Note: This feature is only available for firmware versions 1.2.x and above) The ts_menu script can be used to avoid typing long telnet or ssh commands. It presents a short menu with the names of the servers connected to the serial ports of the Cyclades-TS.
Installation & Service Manual Cyclades-TS > ts_menu Master and Slaves Console Server Connection Menu 1 2 3 4 5 64.186.161.113/TSJen800 64.186.161.82 /edson-r4.Cyclades.com 64.186.161.84 /az84.Cyclades.com 64.186.190.85 64.186.161.85 /az85.Cyclades.com Type 'q' to quit, a valid option [1-5], or anything else to refresh: Selecting 1 in this example, and the user will access the local serial ports on that Cyclades-TS. In case the user selects 2 through 5, remote serial ports will be accessed.
Installation & Service Manual Cyclades-TS To access remote serial ports, the presentation will follow a similar approach as the one used for local serial ports. The ts_menu script has the following line options: -p : Displays Ethernet IP Address and TCP port instead of server names Cyclades-TS: Serial Console Server Connection menu 1 209.81.55.79 7001 2 209.81.55.79 7002 3 209.81.55.79 7003 4 209.81.55.79 7004 5 209.81.55.79 7005 6 209.81.55.
Cyclades-TS Installation & Service Manual APPENDIX B HARDWARE SPECIFICATIONS AND CABLING General Hardware Specifications The power requirements, environmental conditions and physical specifications of the Cyclades-TS are listed in the table below.
Cyclades-TS Installation & Service Manual PHYSICAL SPECIFICATIONS TS100 External 2.76in x 3.35 Dimensions in x 1.18 in Weight 0.3 lb TS400 8.5in x 4.75in x 1in 1.5 lb TS800 8.5in x 4.75in x 1in 1.6 lb TS1000 17in x 8.5 in x 1.75 in 6 lb TS2000 17in x 8.5 in x 1.75 in 6.2 lb TS3000 17in x 8.5 in x 1.
Cyclades-TS Installation & Service Manual RS-232 is now mostly being used to connect DTE devices directly (without modems or communication lines in between). While that was not the original intention, it is possible with some wiring tricks.
Cyclades-TS Installation & Service Manual • If your application is outside the above limits (high speed, long distances), you will need better quality (low- impedance, low-capacitance) cables. Successful RS-232 data transmission depends on many variables that are specific to each environment. The general rules above are empirical and have a lot of safety margins built-in. Connectors The connector traditionally used with RS-232 is the 25-pin D-shaped connector (DB-25).
Cyclades-TS RS-232 Signal Chassis TxD RxD DTR DSR DCD RTS CTS Gnd Installation & Service Manual Name/Function (Input/Output) Safety Ground Transmit Data (O) Receive Data (I) Data Terminal Ready (O) Data Set Ready (I) Data Carrier Detect (I) Request To Send (O) Clear To Send (I) Signal Ground DB-25 pins (Standard) 1 2 3 20 6 8 4 5 7 DB-9 pins (Standard) Shell 3 2 4 6 1 7 8 5 RJ-45 pins (Cyclades) Shell 3 6 2 8 7 1 5 4 Straight-Through vs.
Cyclades-TS To Connect To DCE DB-25 Female (standard) - Analog Modems - ISDN Terminal Adapters DTE DB-25 Male or Female (standard) - Serial Terminals - Old PC COM ports - Most serial printers - Some Console Ports - Most automation devices DTE DB-9 Male or Female (standard) - Newer PC COM ports - Most Mice and pointing devices - Some automation devices DTE RJ-45 Cyclades (custom) - All Cyclades Console Ports DTE RJ-45 Netra (custom) - Sun Netra Console Ports - Cisco Console Ports Installation & Service Man
Cyclades-TS Installation & Service Manual cable would connect the TxD with RxD, DTR with DCD/DSR, and RTS with CTS across both sides. A “simplified” crossover cable would cross TxD and RxD and locally short-circuit DTR with DCD/DSR and RTS with CTS. Most of the diagrams in this document show the “complete” version of the crossover cables, with support for modem control signals and hardware flow control.
Cyclades-TS Installation & Service Manual Cable #2: Cyclades RJ-45 to DB-25 Female/Male, Crossover Application: It connects Cyclades products (serial ports) to console ports, terminals, printers and other DTE RS-232 devices.
Cyclades-TS Installation & Service Manual Cable #3: Cyclades RJ-45 to DB-9 Female, Crossover Application: It connects Cyclades products (serial ports) to console ports, terminals, printers and other DTE RS-232 devices.
Cyclades-TS Installation & Service Manual Cable #4: DB-9 Female to DB-25 Female, Crossover Application: It connects the Cyclades-TS100 (serial port) to terminals, printers and other DTE RS-232 devices.
Cyclades-TS Installation & Service Manual Cable #5: Cyclades RJ-45 to Cyclades RJ-45, Crossover Application: Usually used to connect two ports of a Cyclades product (“loopback”) for testing purposes.
Cyclades-TS Installation & Service Manual Cable #6: Cyclades RJ-45 to Netra RJ-45, Crossover Usually used in console management applications to connect Cyclades products to a Sun Netra server or to a Cisco product.
Cyclades-TS Installation & Service Manual Loop-Back Connector for Hardware Test The use of the following DB-25 connector is explained in the Troubleshooting chapter. 2 3 4 5 6 8 20 DB-25 Male to DB-9 Female Adapter The following adapter may be necessary.
Cyclades-TS Installation & Service Manual Cabling Information Applicable only to the TS100 The RS-485 Standard The RS-485 is another standard for serial communication and is available only in the Cyclades-TS100. Different from the RS-232, the RS-485 uses fewer wires - either two wires (one twisted pair) for half duplex communication or four wires (two twisted pairs) for full duplex communication. Another RS-485 characteristic is the “termination”.
Cyclades-TS Installation & Service Manual 9 and block connector. In this case, the DB-9 pins used in an RS-232 connection can be considered not connected. Cable diagrams Cable #1: DB-9 Female to DB-9 Female, Crossover half duplex Application: It connects the Cyclades-TS100 (serial port) DTE RS-485 devices with half duplex communication.
Cyclades-TS Installation & Service Manual Cable #3: Block Connector to Block Connector, Crossover half duplex Application: It connects the Cyclades-TS100 (serial port) to DTE RS-485 devices with half duplex communication.
Cyclades-TS Installation & Service Manual APPENDIX C SAMPLE PSLAVE.CONF FILES The pslave.conf file with all possible parameters and their descriptions is presented first. The pslave.conf files for the three examples configured in chapter 6 follow. The Complete pslave.conf File Provided with the Cyclades-TS # # pslave.conf Sample server configuration file. # # The Terminal Server uses a virtual terminal concept. Virtual terminals are # named s1, s2, etc.
Cyclades-TS Installation & Service Manual # # # # # # # # # # # # # # # # # # %L: %p: %P: %b: %i: %j: %1: %2: %3: %4: %c: %m: %t: %r: %I: %T: %h: %%: # # # # # # # # Generic SAMPLE: all async ports at 9600 bps, 8N1, no flow control Eth IP address 192.169.160.10/24 (MTU=1500) protocol socket_server host IP 192.168.160.8/24 Radius Server IP 192.168.160.
Cyclades-TS Installation & Service Manual # the file /etc/network/dhcpcd_cmd. # # Valid values 0: DHCP disabled (default) # 1: DHCP active # 2: DHCP active and the TS saves in flash the last ip assigned # by the DHCP server. This option requires changes in the # files /etc/config_files and /etc/network/dhcpcd_cmd # # SEE Cyclades-TS manual for more information. # #conf.dhcp_client 1 conf.eth_ip 192.168.160.10 conf.eth_mask 255.255.255.0 conf.eth_mtu1500 # # Secondary IP address of ethernet # #conf.
Cyclades-TS Installation & Service Manual # operating system. # conf.lockdir/var/lock # # Location of the rlogin binary that accepts the "-i" flag. # conf.rlogin /usr/local/bin/rlogin-radius # # Location of our patched pppd with Radius linked in. # conf.pppd /usr/local/sbin/pppd # # Location of the telnet utility. This can be the system telnet. (Optional) # conf.telnet /bin/telnet # # Location of ssh utility. This can be the system SSH. (Optional) # conf.
Cyclades-TS Installation & Service Manual # can be configured using a combination of group names and user names. # #conf.group mkt: paul, sam # #conf.group adm: joe, mark # #s1.users mkt, joe # #s2.users adm, sam # # Speed. All ports are set to 9600 baud rate, 8 bits, No parity, 1 stop bit. # These values can be changed port by port later in the file. # all.speed 9600 all.datasize 8 all.stopbits 1 all.parity none # # Media type - define media type and operation mode (half/full) duplex.
Cyclades-TS Installation & Service Manual # If the authentication type is configured as "RadiusDownLocal" the portslave # first tries to authenticate using the radius server. If the Radius server # sends back a rejection, authentication will fail. Local authentication # will be tried only if the Radius server is down (timeout). # all.authtype none # # Authentication host and accounting host. Two of each can be configured # per port. The first is tried 'radretries' times before the # second is tried.
Cyclades-TS Installation & Service Manual # # IP Address assigned to the serial port. # The '+' after the value causes the interfaces to have # consecutive ip addresses. Ex. 192.168.1.101, 192.168.1.107, etc. # # The IP number of a port is used when the RADIUS # server does not send an IP number, or if it tells us to use a dynamic IP no. # all.ipno 192.168.1.101+ all.netmask 255.255.255.255 # # Maximum reception/transmission unit size for the port # all.mtu 1500 all.
Cyclades-TS Installation & Service Manual # who has accessed the Terminal Server and what they did. # all.sysutmp 1 all.syswtmp 0 all.utmpfrom "%p:%P.%3.%4" # # Use initchat to initialize the modem. # # d == delay (1 sec), p == pause (0.1 sec), l == toggle DTR # r == , l == # #all.initchat TIMEOUT 10 \ # "" \d\l\dATZ \ # OK\r\n-ATZ-OK\r\n "" \ # TIMEOUT 10 \ # "" ATM0 \ # OK\r\n "" \ # TIMEOUT 3600 \ # RING "" \ # STATUS Incoming %p:I.
Installation & Service Manual Cyclades-TS # all.dcd 0 # # PPP options - used if a PPP session is autodetected. # Note that mru and mtu are both set to the MTU setting. # Callback server is enabled when cb-script parameter is set. # #all.autoppp%i:%j novj \ # proxyarp modem asyncmap 000A0000 \ # noipx noccp login auth require-pap refuse-chap \ # mtu %t mru %t \ # ms-dns 192.168.160.5 ms-dns 0.0.0.0 \ # cb-script /etc/portslave/cb_script \ # plugin /usr/lib/libpsr.
Cyclades-TS Installation & Service Manual # 10, 20, 30, ... interval in milliseconds. # #all.tx_interval 100 # # Inactivity timeout - Defines the time in minutes that a conection can # remains without activity (rx/tx). Only for CAS profile # and socket_client protocol. # #all.idletimeout 5 # This defines an alternative labeling system for the Terminal Server ports. # This parameter is used by the protocols telnet, socket_client and # socket_server.
Cyclades-TS Installation & Service Manual all.syslog_buffering 0 # Alarm configuration # When non zero, all data received from the port is captured and is sent to syslog-ng # with LOCAL [0+DB_facility] facility and INFO level. # The syslog-ng.conf file should be set accordingly to make an action # (please see the documentation). # all.alarm 0 # # Controls the presentation of the Data buffering menu # # MENU: # "A non-empty Data Buffering File was found.
Cyclades-TS Installation & Service Manual # # Automatic User Definition (more useful when used to a specific port) # # This parameter is only used if the port is configured as a Terminal Server # (login, telnet, rlogin, ssh and ssh2) and authentication type 'none'. # #all.userauto edson # # Port access restriction (more useful when used to a specific port). # A single comma and spaces/tabs may be used between names. # A comma may not appear between the ! and the first user name.
Cyclades-TS Installation & Service Manual # # Users that are allowed to sniff sessionsI (administrator). This field has # the same format "all.users", but the '!' should be used used with PRECAUTION. # # In this example, ONLY the users joe, mark, and peter CAN access any # serial port (to create first session) but ONLY the user peter can # sniff or cancel another session. # #all.users joe, mark #all.admin_users peter # # Port-specific parameters # s1.tty ttyS1 s2.tty ttyS2 s3.tty ttyS3 s4.tty ttyS4 s5.
Cyclades-TS #s26.tty #s27.tty #s28.tty #s29.tty #s30.tty #s31.tty #s32.tty Installation & Service Manual ttyS26 ttyS27 ttyS28 ttyS29 ttyS30 ttyS31 ttyS32 # for TS3000 uncomment s33 through s48 #s33.tty ttyS33 #s34.tty ttyS34 #s35.tty ttyS35 #s36.tty ttyS36 #s37.tty ttyS37 #s38.tty ttyS38 #s39.tty ttyS39 #s40.tty ttyS40 #s41.tty ttyS41 #s42.tty ttyS42 #s43.tty ttyS43 #s44.tty ttyS44 #s45.tty ttyS45 #s46.tty ttyS46 #s47.tty ttyS47 #s48.tty ttyS48 Appendix C - Sample pslave.conf files-The complete pslave.
Cyclades-TS Installation Manual The pslave.cas File Provided With the Cyclades-TS for the Console Access Server Example # # pslave.conf Sample server configuration file. # # Console Access Server Profile # conf.eth_ip 200.200.200.1 conf.eth_mask 255.255.255.0 conf.eth_mtu1500 #conf.nfs_data_buffering 192.168.160.11:/tmp/ts_data_buffer conf.lockdir/var/lock conf.facility 7 all.speed 9600 all.datasize 8 all.stopbits 1 all.parity none all.authtype radius all.authhost1 200.200.200.2 all.accthost1 200.200.200.
Cyclades-TS Installation Manual all.data_buffering 0 all.syslog_buffering 0 #all.dont_show_DBmenu 1 # # Users joe and mark will only have access granted to the serial port ttyS2 # all.users ! joe, mark # # Sniff sessions will only display data sent by servers connected # to the serial port. # all.sniff_mode out # # Only users peter and john can open a sniff session # all.admin_users peter, john # # Port-specific parameters # #----------------# PORT 1 #----------------s1.tty ttyS1 s1.authtype local s1.
Installation Manual Cyclades-TS s8.tty s8.protocol s8.authtype s8.serverfarm ttyS8 socket_ssh none server_connected_serial8 Appendix C - Sample pslave.conf files - The pslave.
Cyclades-TS Installation Manual The pslave.ts File provided with the Cyclades-TS for the Terminal Server Example # # pslave.conf Sample server configuration file. # # Terminal Server Profile conf.eth_ip 200.200.200.1 conf.eth_mask 255.255.255.0 conf.eth_mtu1500 conf.lockdir/var/lock conf.rlogin /usr/local/bin/rlogin-radius conf.telnet /bin/telnet conf.ssh /bin/ssh conf.locallogins 0 all.speed 9600 all.datasize 8 all.stopbits 1 all.parity none all.authtype none all.protocoltelnet all.host 200.200.200.
Installation Manual Cyclades-TS # # Port-specific parameters # s1.tty ttyS1 s2.tty s2.authtype s2.protocol s2.speed s2.datasize s2.stopbits s2.parity ttyS2 local rlogin 19200 7 2 even s3.tty s3.protocol s3.authtype ttyS3 ssh2 remote s4.tty s4.protocol s4.authtype ttyS4 ssh remote s5.tty s5.users ttyS5 joe, mark Appendix C - Sample pslave.conf files - The pslave.
Cyclades-TS Installation Manual The pslave.ras File Provided With the Cyclades-TS for the Remote Access Server Example # # pslave.conf Sample server configuration file. # # Remote Access Server Profile # conf.eth_ip 200.200.200.1 conf.eth_mask 255.255.255.0 conf.eth_mtu1500 conf.lockdir/var/lock conf.pppd /usr/local/sbin/pppd-radius conf.facility 7 all.speed 57600 all.datasize 8 all.stopbits 1 all.parity none all.authtype radius all.authhost1 200.200.200.2 all.accthost1 200.200.200.2 all.radtimeout 5 all.
Installation Manual Cyclades-TS "" ATMO \ OK\R\N "" \ TIMEOUT 3600 \ RING "" \ STATUS Incoming %p:I.HANDSHAKE \ "" ATA \ TIMEOUT 60 \ CONNECT@ "" \ STATUS Connected %p:I.HANDSHAKE all.flow hard all.dcd 1 all.autoppp %i:%j novj \ proxyarp modem asyncmap 000A0000 \ noipx noccp login auth require-pap refuse-chap \ mtu %t mru %t \ plugin /usr/lib/libpsr.so all.pppopt %i:%j novj \ proxyarp modem asyncmap 000A0000 \ noipx noccp mtu %t mru %t netmask %m \ idle %I maxconnect %T \ plugin /usr/lib/libpsr.
Cyclades-TS Installation Manual #------------------------------------------s3.tty ttyS3 s3.protocol ppp_only s3.pppopt %i:%j novj \ proxyarp modem asyncmap 000A0000 \ noipx noccp login auth require-pap refuse-chap \ mtu %t mru %t \ plugin /usr/lib/libpsr.so s3.initchat "" s3.issue "" Appendix C - Sample pslave.conf files - The pslave.
Cyclades-TS Installation & Service Manual APPENDIX D CUSTOMIZATION Everything related to the Cyclades-TS can be traced back to two files: /etc/rc.sysinit and /etc/ inittab. All Cyclades-TS application programs are started during boot by the init process. The related lines in the /etc/inittab file are listed below: # System initialization. ::sysinit:/etc/rc.
Cyclades-TS Installation & Service Manual Cyclades provides a development kit which allows changes to be made to the Cyclades-TS’s software. However, Cyclades does not provide free technical support for systems modified in this way. Any changes are the responsibility of the user.
Cyclades-TS Installation & Service Manual APPENDIX E MULTIPLE SNIFFING Versions 1.3.2 and earlier Cyclades-TS allows a maximum of 2 connections to each serial port, as follows: • 1 common session: user can execute read and write commands to the tty port. Session can be established by a regular user or by an administrator. • 1 sniffer session: user can execute only read commands, in order to monitor what is going on in the other (main) session.
Cyclades-TS Installation & Service Manual Versions 1.3.3 and later Users will be able to open more than one common and sniff sessions at the same port. For this purpose, the following configuration items will be included in the file pslave.conf: • all.multiple_sessions: valid for all the serial ports; must be “yes” or “no”. The default value is “no”. • sN.multiple_sessions: valid only for port N; must be “yes” or “no”. If it is not defined, it will assume the value of all.multiple_sessions. • all.
Cyclades-TS Installation & Service Manual —————————————————————————————————— * * * * ttySN is being used by () !!! * 1 - Initiate a regular session 2 - Initiate a sniff session 3 - Send messages to another user 4 - Kill session(s) 5 - Quit Enter your option : —————————————————————————————————— If the user selects 1 - Initiate a regular session, he will share that serial port with the users that were previously connected.
Cyclades-TS Installation & Service Manual “send message mode” will make the TS show the previous menu. If this parameter is not set in pslave.conf, or it contains an invalid value, the regular sessions will not be allowed to return to the menu, and the sniffer sessions will be able to do it typing . In addition, the regular session will only be allowed to see the menu if the protocol used is “socket_server” or “socket_ssh”.
Cyclades-TS Installation & Service Manual APPENDIX F CONFIGURATION WIZARD Using Wizard through CLI The user has a choice to configure the Cyclades-TS using the standard vi editor. For those not familiar with the editor, there’s a way to pre-configure the unit (just basic configuration such as IP address of the Cyclades-TS) using the CLI. After that, they can continue configuring the unit through the WEB.
Cyclades-TS Installation & Service Manual ******************************************************************* ************* C O N F I G U R A T I O N W I Z A R D ************* ******************************************************************* Ok, let's get started! I need a few basic information on the system so that it can know where it is located within the network and it can know about its neighbor or its local environment. Set to defaults? (y/n) [N] : FIGURE F.
Cyclades-TS Installation & Service Manual ******************************************************************* ************* C O N F I G U R A T I O N W I Z A R D ************* ******************************************************************* INSTRUCTIONS: You can: 1) Enter the appropriate information for your system and press ENTER or 2) Press ENTER if you are satisfied with the value within the brackets [ ] and want to go on to the next parameter or 3) Press ESC if you want to exit.
Cyclades-TS Installation & Service Manual ******************************************************************* ************* C O N F I G U R A T I O N W I Z A R D ************* ******************************************************************* INSTRUCTIONS: You can: 1) Enter the appropriate information for your system and press ENTER or 2) Press ENTER if you are satisfied with the value within the brackets [ ] and want to go on to the next parameter or 3) Press ESC if you want to exit.
Cyclades-TS Installation & Service Manual * ** * ** ** * ** * ** ** * ** * ** * ** ** * ** * ** ** * ** * ** * ** ** * ** * ** * ** ** * ** * ** ** * * * ** * ** ** * ** * * C O N F I G U R A T I O N W I Z A R D * ** * ** * ** ** * * * ** * ** ** * ** * ** ** * ** * ** * ** ** * ** * ** ** * ** * ** * ** ** * ** * ** * ** ** * ** * ** ** * * I NS T RU CT I ON S : Y ou ca n: 1 ) En t er th e a pp r op r ia te in f or ma t io n f o r yo u r s ys t em a nd p r es s E NT E R o r 2 ) Pr e ss EN TE R i f y o u
Cyclades-TS Installation & Service Manual ******************************************************************* ************* C O N F I G U R A T I O N W I Z A R D ************* ******************************************************************* INSTRUCTIONS: You can: 1) Enter the appropriate information for your system and press ENTER or 2) Press ENTER if you are satisfied with the value within the brackets [ ] and want to go on to the next parameter or 3) Press ESC if you want to exit.
Cyclades-TS Installation & Service Manual ******************************************************************* ************* C O N F I G U R A T I O N W I Z A R D ************* ******************************************************************* INSTRUCTIONS: You can: 1) Enter the appropriate information for your system and press ENTER or 2) Press ENTER if you are satisfied with the value within the brackets [ ] and want to go on to the next parameter or 3) Press ESC if you want to exit.
Cyclades-TS Installation & Service Manual ******************************************************************* ************* C O N F I G U R A T I O N W I Z A R D ************* ******************************************************************* INSTRUCTIONS: You can: 1) Enter the appropriate information for your system and press ENTER or 2) Press ENTER if you are satisfied with the value within the brackets [ ] and want to go on to the next parameter or 3) Press ESC if you want to exit.
Cyclades-TS Installation & Service Manual ******************************************************************* ************* C O N F I G U R A T I O N W I Z A R D ************* ******************************************************************* Your current configuration parameters are: Hostname: TSx000 System IP: 192.168.160.10 Domain Name: mycompany.com DNS: 127.0.0.1 Gateway: 192.168.160.10 Mask: 255.255.255.0 Are all these parameters correct (Y)es or (N)o [N] : FIGURE F.
Cyclades-TS Installation & Service Manual If ‘y’ is entered, Figure F.9 is displayed. This figure explains what saving to flash means. Type ‘y’ if you want to save to flash. Type ‘n’ if you don’t want to save to flash. You can now continue TS configuration using the web browser by typing in the IP address of the TS. If you choose to not save to flash, all the new configuration will be lost if you were to reboot the TS. However, all configuration will be kept if you saved to flash.
Cyclades-TS Installation & Service Manual Using Wizard through WEB The web interface supports wizards for the serial ports configuration.
Cyclades-TS Installation & Service Manual Console Access Server (CAS) profile: Parameter speed datasize stopbits parity flow dcd sysutmp syswtmp authtype authhost1 accthost1 radtimeout secret radretries radnullpass protocol Value 9600 8 1 none hard 0 1 0 radius 200.200.200.2 200.200.200.2 3 cyclades 5 0 socket_server ipno 192.168.1.101+ socket_port 7001+ issue prompt term tx_interval poll_interval \r\nWelcome to...
Cyclades-TS Installation & Service Manual Parameter idletimeout data_buffering DB_timestamp alarm syslog_buffering dont_show_DB_ menu Value 0 0 0 0 0 1 sniff_mode admin_users out peter, john multiple_sessions no escape_char ^z serverfarm Server_connected serial Comments Don’t finish the session by idle timeout. Data buffering disabled. Don’t include time in the data buffering. Don’t generate alarm syslogs. Don’t generate syslogs for data buffering.
Cyclades-TS Installation & Service Manual Parameter authtype Value none authhost1 accthost1 radtimeout secret radretries radnullpass protocol socket_port host issue prompt term 200.200.200.2 200.200.200.2 3 cyclades 5 0 telnet 23 200.200.200.3 \r\nWelcome to %h login vt100 Comments No authentication; the next six parameters will be used only if authentication has radius or tacacs+.
Cyclades-TS Installation & Service Manual Parameter authhost1 accthost1 radtimeout secret radretries radnullpass protocol ipno Value 200.200.200.2 200.200.200.2 3 cyclades 5 0 ppp 200.200.200.11+ issue prompt netmask mtu mru initchat autoppp \r\nWelcome to ... %h login 255.255.255.255 1500 1500 TIMEOUT 10 %i:%j novj ... pppopt %i:%j novj ... Comments Change it to the authentication server of your network. Change it to the accounting server of your network. 3 minutes of timeout.
Cyclades-TS Parameter flow dcd media modbus_smode sysutmp syswtmp authtype protocol socket_port Installation & Service Manual Value hard 0 rs232 ascii 1 0 none modbus 520 Appendix F Configuration Wizard Comments Hardware flow control. Not sensitive to DCD signal. Change this option if RS485 media is used. Change this option if RTU serial mode is used. Write the users in utmp log file. Don't write the users in wtmp log file. No authentication. MODBUS protocol. MODBUS port.
Cyclades-TS Installation & Service Manual APPENDIX G GENERATING ALARM AND SYSLOG Versions 1.3.3 and later This appendix shows the characteristics of the Alarm for Data Buffering that is implemented for all the TSxk family. It is divided in five parts: 1. 2. 3. 4. 5. Syslog-ng and its configuration Alarm, sendmail, sendsms and snmtrap Example of the configuration to use syslog_buffering Example of the configuration to use alarm feature Example of the configuration to use multiples syslog servers. 1.
Cyclades-TS Installation & Service Manual • time_reopen(n): the time to wait before a died connection is reestablished. • time_reap(n): the time to wait before an idle destination file is closed. • sync_freq(n): the number of lines buffered before written to file. (the file is synced when this number of messages has been written to it) • mark_freq(n): the number of seconds between two MARKS lines. • log_fifo_size(n): the number of lines fitting to the output queue.
Cyclades-TS Installation & Service Manual The following source-drivers are available: a) internal() - messages generated internally in syslog-ng b) unix_stream(filename [options]) and unix_dgram(filename [options]) - they open the given AF_UNIX socket, and start listening on them for messages. - options: owner(name), group(name), perm(mask) are equal global options keep-alive(yes/no) - selects whether to keep connections opened when syslog-ng is restarted, can be used only with unix_stream.
Cyclades-TS Installation & Service Manual Some examples: 1. To read from a file: source {file(filename);}; Example to read messages from “/temp/file1” file: source file1 {file(“/temp/file1”);}; Example to receive messages from kernel: source s_kernel { file(“/proc/kmsg”); }; 2. To receive messages from local syslogd clients: source sysl {unix-stream(“/dev/log”);}; 3.
Cyclades-TS Installation & Service Manual The following internals functions are available: a) facility(): - selects messages based on their facility code.
Cyclades-TS Installation & Service Manual filter f_alert { level(alert); }; 3. To filter by matching one string in the received message: filter f_match { match(“string”); }; Example to filter by matching the string “named”: filter f_named { match(“named”); }; 4.
Cyclades-TS Installation & Service Manual - this is one of the most important destination drivers in syslog-ng. It allows you to output log messages to the named file. - the destination filename may include macros (by prefixing the macro name with a ‘$’ sign) which gets expanded when the message is written. - since the state of each created file must be tracked by syslog-ng, it consumes some memory for each file.
Cyclades-TS Installation & Service Manual • template(“string”) - syslog-ng write the “string” in the file. You can use the MACROS in the string. c) unix-stream(filename) and unix-dgram(filename) - this driver sends messages to a unix socket en either SOCKET_STREAM or SOCK_DGRAM mode. d) udp (“” port(number)) and tcp (“” port(number)) - this driver sends messages to another host (ip address/port) using either UDP or TCP protocol.
Cyclades-TS Installation & Service Manual $FULLDATE - the complete date when the message was sent. $FACILITY - the facility of the message $PRIORITY or $LEVEL - the priority of the message $PROGRAM - the message was sent by this program (BUFFERING or SOCK) $HOST - the name of the source host. $FULLHOST - the name of the source host and the source driver. Format: @ $MSG or $MESSAGE - the message received Example to send e-mail to z@none.com (SMTP’s IP address 10.0.0.
Cyclades-TS Installation & Service Manual template(“sendsms -d 123 -m \”$FULLDATE $HOST $MSG\” 10.0.0.1")); }; 3. To send snmptrap: destination {pipe(“/dev/cyc_alarm” template(“snmptrap ”)); }; where ident: uniquely identify this destination pars: -v 1 public : community \”\” : enterprise-oid \”\” : agent/hostname : 2-Link Down, 3-Link Up, 4-Authentication Failure 0 : \”\” : host-uptime .1.3.6.1.2.1.2.2.1.2.1 :interfaces.iftable.ifentry.ifdescr.
Cyclades-TS Installation & Service Manual destination d_user { usertty(“”); }; Example to send message to all sessions with root user logged: destination d_userroot { usertty(“root”); }; 6. To send message to remote syslogd server: destination d_udp { udp( “” port(514)); }; Example to send syslogs to syslogd located at 10.0.0.1: destination d_udp1 { udp( “10.0.0.
Cyclades-TS Installation & Service Manual log { source(sysl); source(s_udp); filter(f_messages); destination(d_messages); }; 4. To send e-mail if message received from local syslog client has the string “kernel panic”: log { source(sysl); filter(f_kpanic); destination(d_mail1); }; 5. To send e-mail and pager if message received from local syslog client has the string “root login”: log { source(sysl); filter(f_root); destination(d_mail1); destination(d_pager); }; 6.
Cyclades-TS Installation & Service Manual For example, to filter ALARM message with the string “root login”: filter f_root { facility(local1) and level(info) and match(“ALARM”) and match(“root login”); }; 3. to configure actions in syslog-ng configuration file.
Cyclades-TS Installation & Service Manual “To: “. Required. Multi-part allowed (multiple names are separated by commas). Names are expanded as explained below. [-c [,]] “Cc: “. Optional. Multi-part allowed (multiple names are separated by commas). [-b [,]] “Bcc:”. Optional. Multi-part allowed (multiple names are separated by commas). [-r ] “Reply-To: “. Optional. Use the Reply-To: field to make sure the destination user can send a reply to a regular mailbox.
Cyclades-TS Installation & Service Manual : A text field. As this kind of field can contain blank spaces, please use the quotation marks to enclose the text. For example, to send e-mail to z@none.com (SMTP’s IP address 10.0.0.2) from the e-mail address a@none.com with subject “TS sendmail test “. sendmail -t z@none.com -f a@none.com -s “TS sendmail test” -m “Sendmail test. \n Is it OK??? “ -h 10.0.0.2 2.3.
Cyclades-TS Installation & Service Manual -d dest: Required. The GSM network address (i.e. phone number) of the mobile phone the message is to be sent to. Supported format is: [int. prefix - country code] area code - phone number.The international prefix can be either “+” or “00” (or any other value supported by the GSM network provider the server is subscribed to). Some separation characters can be used to beautify the number, but they are purely cosmetic and will be stripped by the server.
Cyclades-TS Installation & Service Manual “well known service” sms (as defined in /etc/services). If that doesn’t return an answer, the compiled-in default value 6701 will be used. server : Required. The host name or IP address of the computer where the SMS gateway server process is running. By default, this server will be listening on TCP port 6701. Upon success (when the server module reports that the message was successfully sent), sendsms returns 0. When a problem occurs, a non zero value is returned.
Cyclades-TS Installation & Service Manual snmptrap -v 1 [-Ci] [common arguments] enterprise-oid agent generic-trap specific-trap uptime [objectID type value]... snmptrap -v [2c|3] [-Ci] [common arguments] uptime trap-oid [objectID type value]... where: -Ci : Optional. It sends INFORM-PDU common arguments: required. They are: SNMP server IP address and community. enterprise-oid: required, but it can be empty (‘’). agent: required, but it can be empty(‘’). The agent name. generic-trap: required.
Cyclades-TS Installation & Service Manual 3. Syslog-ng configuration to use with syslog buffering feature This configuration example is to use syslog buffering feature, and to send the messages to remote syslogd (10.0.0.1). In the pslave.conf file the parameters of the syslog buffering feature are configured as: conf.DB_facility 1 all.syslog_buffering 100 The syslog-ng.conf file need these lines: # local syslog clients source src { unix-stream(“/dev/log”); }; destination d_buffering { udp(“10.0.0.
Cyclades-TS Installation & Service Manual The syslog-ng.conf file need these lines: # local syslog clients source src { unix-stream(“/dev/log”); }; # To filter ALARM message with the string “kernel panic”: filter f_kpanic { facility(local2) and level(info) and match(“ALARM”) and match(“kernel panic”); }; # To filter ALARM message with the string “root login”: filter f_root { facility(local1) and level(info) and match(“ALARM”) and match(“root login”); }; # To send e-mail to z@none.
Cyclades-TS Installation & Service Manual }; # Example to send a Link Down trap to server at 10.0.0.1 with message carrying the current # date, the hostname of this TS and the message that received from the source: destination d_trap { pipe(“/dev/cyc_alarm” template(“snmptrap -v 1 10.0.0.1 public \”\” \”\” 2 0 \”\” \ .1.3.6.1.2.1.2.2.1.2.
Cyclades-TS Installation & Service Manual # remote server 1 - IP address 10.0.0.1 port default destination d_udp1 { udp(“10.0.0.1”);}; # remote server 2 - IP address 10.0.0.2 port 1999 destination d_udp2 { udp(“10.0.0.2” port(1999);}; # filter messages from facility local1 and level info to warning filter f_local1 { facility(local1) and level(info..warn)}; # filter messages from facility local 1 and level err to alert filter f_critic { facility(local1) and level(err ..
Cyclades-TS Installation & Service Manual APPENDIX H CERTIFICATE FOR HTTP SECURITY Obtaining a Signed Digital Certificate A certificate for the HTTP security is created by a CA (Certification Authority). The most usual procedure to obtain a certificate is: • Generation of the public and private keys, using a public key algorithm like RSA or X509. The keys can be generated by using a key generator software.
Cyclades-TS Installation & Service Manual The other requested information can be skipped. • The certificate signing request (CSR) generated by the command above contains some personal (or corporate) information and its public key. The next step is to submit the CSR and some personal data to the CA. This service can be requested by accessing the CA website and is not free, and there is a list of CA’s in the URL http://www.pki-page.org/.
Cyclades-TS Installation & Service Manual 6. Save the configuration in flash. #saveconf 7. The certification will be effective in the next reboot.
Cyclades-TS Installation & Service Manual APPENDIX I USING MODBUS PROTOCOL IN CAS PROFILE MODBUS is an application layer messaging protocol for client/server communication which is widely used in the industrial automation. It is a confirmed service protocol and offers many services specified by function codes, like reading and writing registers on PLCs.
Cyclades-TS Installation & Service Manual In this example, the Automation Application running in the Workstation (local or remote) controls the PLCs connected to the serial port (RS-485) of the Cyclades-TS100 using MODBUS/TCP protocol. The connection is opened using Cyclades-TS100 Ethernet IP address and TCP port = 502. Cyclades-TS100 accepts the incoming connection and converts MODBUS/TCP ADUs (packets) to plain MODBUS frames and sends them over the serial port.
Cyclades-TS Parameter Installation & Service Manual Description all.protocol Value for This Example modbus For the console server profile, the possible protocols are socket_server (when telnet is used), socket_ssh (when ssh version one or two is used), raw_data (to exchange data in transparent mode – similar to socket_server mode, but without telnet negotiation, breaks to serial ports, etc.
Cyclades-TS Installation & Service Manual APPENDIX J LINUX-PAM Overview Linux-PAM (Pluggable Authentication Modules for Linux) is a suite of shared libraries that enable the local system administrator to choose how applications authenticate users. In other words, without (rewriting and) recompiling a PAM-aware application, it is possible to switch between the authentication mechanism(s) it uses. Indeed, one may entirely upgrade the local authentication system without touching the applications themselves.
Cyclades-TS Installation & Service Manual scheme with the behavior of an application is made with entries in the relevant Linux-PAM configuration file. The management functions are performed by modules specified in the configuration file. Here is a figure that describes the overall organization of Linux-PAM. pam.conf X auth .. a.so X auth .. b.so X auth .. c.so X account .. b.so X account .. d.so X password .. b.so X session .. e.so X session .. c.so Y ath .. g.
Cyclades-TS Installation & Service Manual various authentication tasks for the application. Textual information, required from/or offered to the user, can be exchanged through the use of the application-supplied conversation function. The Linux-PAM Configuration File Linux-PAM is designed to provide the system administrator with a great deal of flexibility in configuring the privilege granting applications of their system.
Cyclades-TS Installation & Service Manual Service-name The name of the service associated with this entry. Frequently the service name is the conventional name of the given application. For example, ‘ftpd’, ‘rlogind’, ‘su’, etc. There is a special service-name, reserved for defining a default authentication mechanism. It has the name ‘OTHER’ and may be specified in either lower or upper case characters. Note, when there is a module specified for a named service, the ‘OTHER’ entries are ignored.
Cyclades-TS Installation & Service Manual Control-flag The control-flag is used to indicate how the PAM library will react to the success or failure of the module it is associated with. Since modules can be stacked (modules of the same type execute in series, one after another), the control-flags determine the relative importance of each module. The application is not made aware of the individual success or failure of modules listed in the ‘/etc/pam.conf’ file.
Cyclades-TS Installation & Service Manual Optional - as its name suggests, this control-flag marks the module as not being critical to the success or failure of the user’s application for service. In general, Linux-PAM ignores such a module when determining if the module stack will succeed or fail. However, in the absence of any definite successes or failures of previous or subsequent stacked modules this module will determine the nature of the response to the application.
Cyclades-TS Installation & Service Manual Bad - this action indicates that the return code should be thought of as indicative of the module failing. If this module is the first in the stack to fail, its status value will be used for that of the whole stack. Die - equivalent to bad with the side effect of terminating the module stack and PAM immediately returning to the application.
Cyclades-TS Installation & Service Manual Currently the Cyclades-TS has the following modules available: pam_access - Provides logdaemon style login access control. pam_deny - Deny access to all users. pam_env - This module allows the (un)setting of environment variables. Supported is the use of previously set environment variables as well as PAM_ITEMs such as PAM_RHOST. pam_filter - This module was written to offer a plug-in alternative to programs like ttysnoop (XXX - need a reference).
Cyclades-TS Installation & Service Manual pam_motd - This module outputs the motd file (/etc/motd by default) upon successful login. pam_nologin - Provides standard Unix nologin authentication. pam_permit - This module is very dangerous. It should be used with extreme caution. Its action is always to permit access. It does nothing else. pam_radius – Provides Radius server authentication and accounting.
Cyclades-TS Installation & Service Manual pam_wheel - Only permit root authentication to members of wheel group. Arguments The arguments are a list of tokens that are passed to the module when it is invoked. They are much like arguments to a typical Linux shell command. Generally, valid arguments are optional and are specific to any given module. Invalid arguments are ignored by a module, however, when encountering an invalid argument, the module is required to write an error to syslog(3).
Cyclades-TS Installation & Service Manual be used to attack a user’s account. In some circumstances, however, this sort of information is not deemed a threat: displaying a user’s full name when asking them for a password in a secured environment could also be called being ‘friendly’. The expose_account argument is a standard module argument to encourage a module to be less discrete about account information as it is deemed appropriate by the local administrator.
Cyclades-TS Installation & Service Manual Example configuration file entries This section gives some examples of entries that can be present in the Linux-PAM configuration file. As a first attempt at configuring your system you could do worse than to implement these. Default policy If a system is to be considered secure, it had better have a reasonably secure ‘OTHER’ entry. The following is a paranoid setting (which is not a bad place to start!): # # default; deny access # OTHER auth required pam_deny.
Cyclades-TS Installation & Service Manual # # default; wake up! This application is not configured # OTHER auth required pam_warn.so OTHER password required pam_warn.so Having two “OTHER auth” lines is an example of stacking. On a system that uses the /etc/pam.d/ configuration, the corresponding default setup would be achieved with the following file: # # default configuration: /etc/pam.d/other # auth required pam_warn.so auth required pam_deny.so account required pam_deny.so password required pam_warn.
Cyclades-TS Installation & Service Manual OTHER password required OTHER session required pam_unix_passwd.so pam_unix_session.so In general this will provide a starting place for most applications. Cyclades-TS Default pam.conf file In addition to the normal applications login, su, sshd, passwd, and pppd Cyclades also has made portslave a PAM-aware application. The portslave requires four services configured in the pam.conf. They are local, remote, radius, and tacplus.
Cyclades-TS Installation & Service Manual # # The PAM configuration file for the ‘tacplus’ service # tacplus auth requisite pam_securetty.so tacplus auth required pam_tacplus.so encrypt tacplus account required pam_tacplus.so encrypt service=ppp protocol=lcp tacplus session required pam_tacplus.so encrypt service=ppp protocol=lcp # # The PAM configuration file for the ‘radius’ service # radius auth requisite pam_securetty.so radius auth required pam_radius_auth.so radius account required pam_radius_auth.
Cyclades-TS remote password remote session Installation & Service Manual required required pam_permit.so pam_permit.
Cyclades-TS Installation & Service Manual # The PAM configuration file for the ‘samba’ service # samba auth required pam_unix.so samba account required pam_unix.so # # The PAM configuration file for the ‘su’ service # su auth required pam_wheel.so su auth sufficient pam_rootok.so su auth required pam_unix.so su account required pam_unix.so su session required pam_unix.so # # Information for the PPPD process with the ‘login’ option. # ppp auth required pam_nologin.so ppp auth required pam_unix.
Cyclades-TS other other password session Installation & Service Manual required required pam_deny.so pam_deny.so Reference The Linux-PAM System Administrators’ Guide Copyright (c) Andrew G. Morgan 1996-9. All rights reserved. Email: morgan@linux.kernel.
Cyclades-TS Installation & Service Manual APPENDIX K TIMEZONE The content of the file /etc/TIMEZONE can be one of two formats. The first format is used when there is no daylight saving time in the local time zone: std offset The std string specifies the name of the time zone and must be three or more alphabetic characters. The offset string immediately follows std and specifies the time value to be added to the local time to get Coordinated Universal Time (UTC).
Cyclades-TS Installation & Service Manual m (1 <= m <= 12). Week 1 is the first week in which day d occurs and week 5 is the last week in which day d occurs. Day 0 is a Sunday. The time fields specify when, in the local time currently in effect, the change to the other time occurs. If omitted, the default is 02:00:00. In the example below: GST+7DST+6M4.1.0/14:30.M10.5.6/10 The daylight saving time starts on the first Sunday of April at 2:30 pm and it ends on the last Saturday of October at 10:00 am.
Cyclades Australia Phone: +61 7 3279 4320 Fax: +61 7 3279 4393 www.au.cyclades.com Cyclades South America Phone: 55-11-5033-3333 Fax: 55-11-5033-3388 www.cyclades.com.br Cyclades Corporation 41829 Albrae Street Fremont, CA 94538 - USA Phone: (510) 770-9727 Fax: (510) 770-0355 www.cyclades.com Cyclades Philippines Phone: (632) 813-0353 Fax: (632) 655-2610 www.ph.cyclades.com Cyclades UK Phone: +44 1724 277179 Fax: +44 1724 279981 www.uk.cyclades.
