HP StorageWorks 9100 Extreme Data Storage System administration guide V1.0.2 (AN540-96018, February 2010)
1. Determine the rule number of the http rule by running the iptables list command as follows:
# iptables -L MXSO-External-Filter
This produces output like:
Counting down the rule set, the http rule is rule number 3.
2. Having identified the rule to be updated, it can be replaced with the rule that limits requests to
those with a source address on the 16.123.8 subnet with:
# iptables -R MXSO-External-Filter 3 -p tcp -m tcp -s 16.123.8.0/24 -
-dport 80 -j ACCEPT
# service iptables save
3. Repeat this procedure on every server.
Restoring the firewall configuration to the factory setting
If you need to restore the firewall to the original configuration, use the following commands:
# pdsh -a cp /etc/sysconfig/iptables.mxso /etc/sysconfig/iptables
# pdsh -a service iptables restart
NOTE:
The restart action may cause interruptions on existing connections; therefore, this should be done
during a scheduled downtime.
If you had opened or restricted ports since the system was originally installed, open or restrict them
again as described in the previous sections.
User accounts
The HP ExDS9100 system software creates the following user accounts:
• mysql—Used by the database server for the utility database
• pmxs—Used by Matrix software
CAUTION:
Do not delete or change any details of these accounts. Doing so could prevent normal operation of
the HP ExDS9100 system software or jeopardize the security of the system.
Create user accounts and manage them using any of the standard account management utilities such
as NIS and LDAP. However, no user account should be put into the pmxs or mysql groups.
Changing system parameters90