Users Guide
Table Of Contents
- Table of Contents
- Preface
- 1 Introduction
- 2 Installing and Launching
- 3 QCS CLI Commands
- General Syntax and Keywords
- Command List
- Commands by Item View
- Command Details
- Add (Team Configuration)
- Add Discovery Portal
- Add Host
- Add iSNS Server
- Add Target
- Boot Configuration
- Cable Diagnostics
- Configure Advanced Settings
- Configure Advanced FCoE Settings
- Configure Advanced Adapter Settings
- Configure Advanced Port Settings
- Configure iSCSI Boot
- Configure iSCSI Initiator
- Configure iSCSI Management
- Configure iSCSI Management (on a Linux Host)
- Configure iSCSI Secret
- Configure Licenses
- Configure Multifunction
- Configure Resource
- Configure SR-IOV
- Configure System TOE
- Create Multiple NPIV Ports
- Create NPIV Port
- Diagnostics
- Discover Host
- Fallback
- Help
- Information (Adapter)
- Information (Team)
- List (Targets)
- List Discovery Portals
- List iSNS Servers
- Log
- Login
- Logout
- Network Diagnostics
- Ping Test
- Quit
- Refresh
- Refresh All
- Refresh Discovery Portal
- Refresh iSNS Server
- Remove (Team)
- Remove All Hosts
- Remove Discovery Portal
- Remove Host
- Remove iSNS Server
- Remove Multiple NPIV Ports
- Remove NPIV Port
- Remove Persistent Target
- Remove Target
- Reset Session Statistics
- Reset Statistics
- Restore (Team)
- Save (Team)
- Select (Target)
- Session Statistics
- Sessions
- Show Selected (Target)
- Statistics
- Unassigned (Adapters)
- Upgrade (Firmware)
- Version
- Legacy Commands
- 4 QCS CLI Usage
- Using Interactive Mode
- Performing Management Tasks
- Listing Target Adapters of Different Views in CLI Mode
- Obtaining Context Help for each Command
- Switching Between Different Views of Target Adapters
- Selecting a Target for the Command to Operate On
- Selecting a Target in Interactive Mode
- Getting Information for a Selected Target
- Configuring Advanced Parameters for a Selected Target
- Displaying Licenses for a Selected Target
- Configuring the iSCSI Parameter for a Selected Target
- Configuring the Resource of a Selected Target
- Configuring OoB Management for a Selected Target
- Configuring Systoe for the System
- Getting Statistics for a Selected Target
- Resetting Statistics for a Selected Target
- Running Diagnostic Tests for a Selected Target
- Running a Cable Diagnostic Test for a Selected Target
- Running a Network Diagnostic Test for a Selected Target
- Connecting to an FCoE Target
- Connecting to an iSCSI Target
- Creating a Team Configuration
- Restoring a Team Configuration
- Saving a Team Configuration
- Removing One or More Teams
- Displaying Unassigned Adapters
- Switching Between Primary and Standby Adapters in a Team
- Connecting an iSCSI Target
- Refreshing a Host
- Performing Other Common Tasks
- A Security Considerations
- B Configuration File Examples
- C Third-party Licenses
- D Exit Codes
- E Revision History
- Glossary
A–Security Considerations
Managing Security
Doc No. TD-000971 Rev. 1
January 29, 2021 Page 172 Copyright © 2021 Marvell
SLES 11.x and SLES 10.x
To configure the firewall on SLES 10 and 11:
1. To check the firewall status (by default, the command shows chain and rules
set for the host), issue the following command:
# iptables -L
2. To add customized rules in iptables, provide the path for customized rules in
/etc/sysconfig/SuSEfirewall2:
FW_CUSTOMRULES="/etc/sysconfig/scripts/SuSEfirewall2-custom"
#FW_CUSTOMRULES=""
3. In the /etc/sysconfig/scripts/SuSEfirewall2-custom directory,
modify the
fw_custom_before_port_handling( ) function. To allow
the qlnxremote management agent to communicate with the outside world,
add the following rules:
# iptables -I INPUT 4 -p tcp -m state --state NEW -m tcp --dport 1:1024 -j
ACCEPT
# iptables -I INPUT 5 -p udp -m state --state NEW -m udp --dport 1:1024 -j
ACCEPT
4. In the /etc/sysconfig/scripts/SuSEfirewall2-custom directory,
modify the fw_custom_before_port_handling( ) function. To set
port 8080 for http and 8443 for https allowing QCS CLI servers to connect to
clients, add the following rules:
# iptables -I INPUT 6 -p tcp -m state --state NEW -m udp --dport 8080 -j ACCEPT
# iptables -I INPUT 7 -p udp -m state --state NEW -m udp --dport 8080 -j ACCEPT
# iptables -I INPUT 8 -p tcp -m state --state NEW -m udp --dport 8443 -j ACCEPT
# iptables -I INPUT 9 -p udp -m state --state NEW -m udp --dport 8443 -j ACCEPT
5. To reload customized rules at runtime, issue the following command:
# /etc/init.d/SuSEfirewall2_setup reload
NOTE
The preceding commands reflect the default port numbers of 8080
for HTTP and 8443 for HTTPS. If different port numbers were
specified during QCS CLI installation, replace the port numbers in
the preceding commands with the port numbers specified during
installation.
Providing the FW_CUSTOMRULES file path causes custom rules to
persist across reboots.