Install Guide
Table Of Contents
- Table of Contents
- Preface
- 1 System Requirements
- 2 Installing QConvergeConsole GUI
- Before You Begin
- Downloading and Installing Management Agents
- Installing QConvergeConsole GUI
- Uninstalling QConvergeConsole GUI
- 3 Getting Started
- 4 Security Considerations
- 5 Troubleshooting
- A Revision History
- Glossary
- Index
4–Security Considerations
Managing Security
Doc. No. TD-000966 Rev. 1
January 21, 2021 Page 39 Copyright © 2021 Marvell
3. Allow the management agents qlremote, netqlremote, and iqlremote, to
communicate with the outside world. In
/etc/sysconfig/scripts/SuSEfirewall2-custom in the
fw_custom_before_port_handling( ) function, add the following
rules:
# iptables -I INPUT 4 -p tcp -m state --state NEW -m tcp --dport 1:1024 -j
ACCEPT
# iptables -I INPUT 5 -p udp -m state --state NEW -m udp --dport 1:1024 -j
ACCEPT
4. Set port 8080 for http and 8443 for https to allow QCC GUI servers to
connect to clients. In
/etc/sysconfig/scripts/SuSEfirewall2-custom in the
fw_custom_before_port_handling( ) function, add the following
rules:
# iptables -I INPUT 6 -p tcp -m state --state NEW -m udp --dport 8080 -j ACCEPT
# iptables -I INPUT 7 -p udp -m state --state NEW -m udp --dport 8080 -j ACCEPT
# iptables -I INPUT 8 -p tcp -m state --state NEW -m udp --dport 8443 -j ACCEPT
# iptables -I INPUT 9 -p udp -m state --state NEW -m udp --dport 8443 -j ACCEPT
5. To reload customized rules at runtime, issue the following command:
# /etc/init.d/SuSEfirewall2_setup reload
NOTE
The preceding commands reflect the default port numbers of 8080
for http and 8443 for https. If different port numbers were specified
during QCC GUI installation, replace the port numbers in the
preceding commands with the port numbers specified during
installation.
Providing the FW_CUSTOMRULES file path causes custom rules to
persist across reboots.