POWER7 information
Configuring Virtual I/O Server firewall settings
Enable the Virtual I/O Server firewall to control IP activity.
The Virtual I/O Server firewall
is not enabled by default. To enable the Virtual I/O Server firewall,
you must turn it on by using the viosecure command
with
the -firewall option. When you enable it, the default
setting
is activated, which allows access for the following IP services:
- ftp
- ftp-data
- ssh
- web
- https
- rmc
- cimom
Note: The firewall settings are contained in the file viosecure.ctl
in
the /home/ios/security directory. If for some
reason
the viosecure.ctl file does not exist when you run the command to
enable the
firewall, you receive an error. You can use the -force option
to enable the standard firewall default ports.
You can use the default setting or configure the firewall settings to meet the needs of your environment by specifying which ports or port services to allow. You can also turn off the firewall to deactivate the settings.
Use the following tasks at the Virtual I/O Server command
line to configure the Virtual I/O Server firewall
settings: