network iptables

Configure the iptables firewall for the appliance. You can use this command to configure the iptables ACCEPT and DROP rules.

By default, the ProtectServer Network HSM allows access to all networks and hosts. The default policy for the INPUT and OUTPUT chains is set to ACCEPT. The default policy for the FORWARD chain is set to DROP, because the ProtectServer Network HSM does not forward packets the way a router or proxy does.

User Access

admin, pseoperator

Syntax

network iptables

addrule
clear
delrule
save
show

| Argument(s) | Shortcut | Description |
|---|---|---|
| addrule | a | Add an ACCEPT or DROP rule to the iptables firewall for the appliance. See network iptables addrule. |
| clear | c | Clear the iptables for the device. This returns the iptables to a factory default state. See network iptables clear. |
| delrule | d | Delete the specified "INPUT" chain rule in iptables. Run network iptables show to see the rule numbers. See network iptables delrule. |
| save | sa | Save the iptables changes. You must execute this command or any changes will be discarded on the next appliance restart. See network iptables save. |
| show | sh | Display the current iptables configuration. See network iptables show. |