|
|
|
|
|
Add a group to the list of local groups: add group groupname. The group name is automatically assigned a gid.
|
|
|
Adds a VPN IPSec connection: add ipsec conn connection_name. Then use the set command to set the following for the left host: a left host IP address [ left IPaddress], an optional alias for the left host [ leftid alias], an optional RSA key [ leftrsasigkey key], an optional subnet IP address [ leftsubnet IPaddress], an optional next hop IP address [ leftnexthop IPaddress]. Use the set command to set the following for the right host: a right host IP address [ right IPaddress], an optional alias for the right host [ rightid alias], an optional RSA key [ rightrsasigkey key], an optional subnet IP address [ rightsubnet IPaddress], an optional next hop IP address [ rightnexthop IPaddress].
|
|
|
Adds a shared key: add ipsec key key_name. Then use the set command to set the key [ set key_name key]. The key can be in hexadecimal (with the 0x prefix followed by any of: a-f, A-F, 0-9), in base 64 (with the 0s prefix followed by any base 64 number using a-z, A-Z, +, or \); or a text string (entered with the 0t prefix followed by text):
|
|
|
Add chainname to the list of chains: add iptables nat|filter chainname. By default, a set of chains is defined but no rules are configured: For NAT, the predefined chains are: PREROUTING, POSTROUTING, OUTPUT. For filter, the predefined chains are: INPUT, OUTPUT, FORWARD.
Then use the set command to set filtering policies for each rule, by optionally specifying one or more of the following: a destination IP, [ destination IPaddress]; whether to invert the destination IP [ inv]; a source IP address [ source IPaddress] whether to invert the source IP address [ inv]; a protocol [ tcp, udp, icmp, all or a protocol number], whether to invert the protocol [ inv]; for protocol tcp or udp, the destination port [ dport]; source port [ sport]; whether to invert the protocol [ inv]; an input interface [ in-interface]; whether to invert the in-interface [ inv]; an output interface [ out-interface]; whether to invert the out-interface [ inv]; whether to allow fragments [ fragment yes] or to disallow all fragments [ fragment no]; whether to invert the fragment yes | no [ inv]; a target action [ target action]. For NAT and filter, the following target actions are defined: DROP, ACCEPT, REJECT, or chainname. For NAT, the following additional target actions are defined: DNAT to change the destination address [ DNAT to-destination IPaddress]; and SNAT, to change the source IP [ SNAT to-source IPaddress].
|
|
|
Add an IP address for a host: add network hosts IPaddress. Then use the set command to set the following for the host: a hostname [ name], an optional alias [ alias].
|
|
|
Add to the list of static route targets a subnet or host (networks in the form 1.2.3.4/255.255.0.0 or host IPs): add network st_routes network_IPaddress/netmask | host_IPaddress.
|
|
|
Add a notification using any name add notifications notification_name. Then use the set command to set the trigger specifying the format used for triggers in the /etc/syslog.ng file [ trigger trigger_string]; a notification type, one of SNMP, SMS, or MAIL [type SNMP|SMS|MAIL].
|
|
|
If MAIL is set, then use set notifications MAIL with the recipient email address [ to email_address]; sender email address [ from email_address]; Subject: line in quotes [ subject” subject of the notification email”]; email message body in quotes [ body “body of the email message”]; mail server IP address [ mail_server IP_address].
|
|
|
If SNMP is set, use set notifications snmptrap with an OID [ oid OID]; trap number [ trapnumber number]; community name [ community community_name]; server IP address [ server IPaddress]; message body in quotes [ body “body of the email message”].
|
|
|
If SMS is set, use set notifications pager with an pager number [ number pager_number], message body in quotes [ body “body of the pager message”]; username [ user username]; server IP address [ server IPaddress]; port number [ port number].
|
|
|
Add a managed device (SP, server, or device): add server device_name. Also use the set command to set the type: drac rsa-II, ilo, ipmi1_5 [ type device_type], devconsole, custom1, custom2, custom3; authentication type: kerberos, kerberosdownlocal, ldap, ldapdownlocal, local, localnis, localradius, localtacplus, nis, nisdownlocal, nislocal, none, radius, radiusdownlocal, radiuslocal, smb, smbdownlocal, tacplus, tacplusdownlocal, tacpluslocal [ authtype device_type]; the IP address for the device [ ip | local_ip IP_address]; the device’s netmask [ netmask netmask]; if drac type is set, enter the DRAC console port ID, either com1 or com2 [ drac_console_port com1 | c om2]; the login name [ login username]; the user’s password [ password password]; a short description for the server in quotes [ description “device description”]; enable or disable event logging [ eventlog enable yes | no].
|
|
|
When eventlog is enabled, use the set command to set the frequency for logging in hours [ frequency hours]; the maximum log size in bytes [ maxlogsize size].
|
|
|
Add the name of a user or group authorized to access the device: add onboard user username | group groupname.
|
|
|
Add a device for an existing user or group when the device_name has been added as described under onboard server: add onboard user | group device_name. Then use the set command to set permissions for sensors, power, sel, spconsole, console, kvm, vpn, specifying either yes or no for each.
|
|
rwcommunity | rocommunity
|
Add a read-write community [ rwcommunity] or a read-only community [ rwcommunity]: add snmpd rwcommunity | rocommunity community_name. Then use the set command to set the source IP [ source] and OID [ oid].
|
|
|
Add a read-write user [rwuser] or a read-only user [ rouser]: add snmpd rwuser | rouser user_name. Then use the set command to set the user level [ level noauth | auth] and OID [ oid].
|
|
|
Add a user: add snmpd user user_name. Then use the set command to set the common method: snmpd, proxy, or host [ common]; the authentication method, MD5 or SHA [ authmethod] and authentication pass phrase, must be greater than eight characters [ authpassphrase];encryption method, must be DES [ cryptmethod]; encryption pass phrase, must be greater than eight characters [ cryptpassphrase].
|
|
|
Adds a group: add snmpd group group_name. Then use the set command to set the security model: v1, v2c, or usm [ sec_model] and security name [ sec_name]
|
|
|
Adds a view: add snmpd view. view_name Also use the set command to set the policy as included or excluded [ incl_excl included | excluded], [ subtree], [ mask]
|
|
|
Adds an access type. add snmpd access type. Also use the set command to set the [ context], security model: v1, v2c, or usm [ sec_model v1 | v2 | usm], security level [ sec_level], [ match], [ read|write|notif]
|
|
|
Adds add snmpd view Also use the set command to set the [ common snmpd|proxy[$i]-Cn], proxy version [ version snmpd|proxy[$i]-Cn], [ community| user]; OID [ oid], security level [ sec_level snmpd|proxy[$i]-Cn]; the location of the system, syslocation and contact person, syscontact [syscontact | syslocation]
|
|
|
Adds a destination name for syslog messages: add syslog destination server_name. Also use the set command to enable or disable the destination [ enable yes|no]; set a destination type, one of tcp, udp, or file [ type tcp | udp | file]; set a valid username as the owner of the tty [ usertty username]; set an IP address for the destination [ tcp|udp IP_address]; set a destination filename [ file filename]; set a named pipe as a destination [ pipe pipename];
|
|
Note: Do not use. The correct way to add a user using the cycli is as an onboard user, as in:
|
Add a user or users to the list of local users; add user username. Also use the set command to set the password [passwd password], user ID [uid UID], group ID [gid GID], group name [group groupname], identifying string for the user in quotes [gecos “ Identifying string for the user name”], home directory [home directory_pathname], user type, regular or admin [ type regular | admin]
|