Manualshelf

HP-UX Secure Resource Partitions (SRP) A.02.02 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX Containers (SRP)
61626364656667686970
64
Variable Name: ipf_tcp_ports.
Valid Input: One or more TCP port numbers each in the range 1- 65535,
separated by commas.
Default: None.
IPFilter UDP port
numbers
Specifies the local UDP port numbers for IPFilter rules that allow inbound
packets.
Variable Name: ipf_udp_ports.
Valid Input: One or more UDP port numbers each in the range 1-
65535,
separated by commas.
Default: None.
11.1.2.2 Configuration Data
If the compartment address is an IPv4 address, SRP adds IPFilter rules to the
/etc/opt/ipf/ipf.conf file. If the compartment address is an IPv6 address, SRP adds IPFilter
rules to the /etc/opt/ipf/ipf6.conf file.
SRP configures rules that allow inbound packets from any remote IP address to the compartment IP
address with the specified destination TCP or UDP port numbers.
SRP inserts these rules at the top of the IPFilter rules file and uses the quick keyword.
The IPFilter configuration file already contains rules from the base template to allow all outbound
TCP, UDP, and ICMP packets from the compartment IP address, as described in 11.1.3.2
Configuration Data
.
11.1.3 The provision Service
The provision service executes the customizable script /opt/hpsrp/bin/util/custom_setup
to provision (deploy) an additional application in the SRP compartment.
11.1.3.1 Input Data
SRP prompts for the following data. You can also specify a variable name and value in the command
line, as described in
15.1 Creating an SRP Compartment or Adding Data to an SRP.
Provision Script
name
The provision script path to use to configure additional set of
applications .
Variable Name: script
Default: /opt/hpsrp/bin/util/custom_setup.
11.1.3.2 Configuration Data
By default, the /opt/hpsrp/bin/util/custom_setup script:
Prints the script name used by the instance during the verbose listing.
Prints the arguments to the script in the verbose mode for any operation. These arguments
include:
- verbose: Is set to 1 if verbose is enabled
- compartment: SRP compartment name
- script: current script name
- srp_id: current instance id
- service: selected services