The add command is used instead of set when multiple parameters of the same type can exist. For example, add network hosts IP address makes an entry for a host with the specified IP address in the hosts list. In that case, add is used because multiple hosts can exist.
In contrast, the set command (as in: set network interface eth0 IP address) is used to specify the IP address for one of the Ethernet interfaces. In that case, the set command is used because each interface has only one IP address.
Adding certain parameters causes one or more related parameters to be added. For example, in the case where an IP address is added to the hosts list, empty hostname and alias parameters are also added. Until values are set for empty parameters, the get or show commands list the parameter names without any values.
You must add parameters in a prescribed order. For example, because an empty hostname and alias parameters are created when you add a host’s IP address, you cannot add a host by name before specifying the host’s IP address, and you cannot specify the host name at the same time as its IP address. To specify a name or alias for a host you need to add the host first by adding its IP address, then you need to use the set command to specify its name and alias.
The following table shows the parameters that can be added using the add command. When a parameter is shown in the Parameter Level 2 column, the Parameter Level 1 and Parameter Level 2 parameters must be entered with the add command.
|
|
|
|
|
|
|
|
Adds a VPN IPSec connection: add ipsec conn connection_name. Then use the set command to set the following for the left host: a left host IP address [left IPaddress], an optional alias for the left host [leftid alias], an optional RSA key [leftrsasigkey key], an optional subnet IP address [leftsubnet IPaddress], an optional next hop IP address [leftnexthop IPaddress]. Use the set command to set the following for the right host: a right host IP address [right IPaddress], an optional alias for the right host [rightid alias], an optional RSA key [rightrsasigkey key], an optional subnet IP address [rightsubnet IPaddress], an optional next hop IP address [rightnexthop IPaddress].
|
|
|
Adds a shared key: add ipsec key key_name. Then use the set command to set the key [set key_name key]. The key can be in hexadecimal (with the 0x prefix followed by any of: a-f, A-F, 0-9), in base 64 (with the 0s prefix followed by any base 64 number using a-z, A-Z, +, or \); or a text string (entered with the 0t prefix followed by text):
|
|
|
Add chainname to the list of chains: add iptables nat|filter chainname. By default, a set of chains is defined but no rules are configured: For NAT, the predefined chains are: PREROUTING, POSTROUTING, OUTPUT. For filter, the predefined chains are: INPUT, OUTPUT, FORWARD.
Then use the set command to set filtering policies for each rule, by optionally specifying one or more of the following: a destination IP, [destination IPaddress]; whether to invert the destination IP [inv]; a source IP address [source IPaddress] whether to invert the source IP address [inv]; a protocol [tcp, udp, icmp, all or a protocol number], whether to invert the protocol [inv]; for protocol tcp or udp, the destination port [dport]; source port [sport]; whether to invert the protocol [inv]; an input interface [in-interface]; whether to invert the in-interface [inv]; an output interface [out-interface]; whether to invert the out-interface [inv]; whether to allow fragments [fragment yes] or to disallow all fragments [fragment no]; whether to invert the fragment yes | no [inv]; a target action [target action]. For NAT and filter, the following target actions are defined: DROP, ACCEPT, REJECT or chainname. For NAT, the following additional target actions are defined: DNAT to change the destination address [DNAT to-destination IPaddress]; and SNAT, to change the source IP [SNAT to-source IPaddress].
|
|
|
Add an IP address for a host: add network hosts IPaddress. Then use the set command to set the following for the host: a hostname [name], an optional alias [alias].
|
|
|
Add to the list of static route targets a subnet or host (networks in the form 1.2.3.4/255.255.0.0 or host IPs): add network st_routes network_IPaddress/netmask | host_IPaddress.
|
|
|
Add a notification using any name add notifications notification_name. Then use the set command to set the trigger specifying the format used for triggers in the /etc/syslog.ng file [trigger trigger_string]; a notification type, one of SNMP, SMS or MAIL [type SNMP|SMS|MAIL].
|
|
|
If MAIL is set, then use set notifications MAIL with the recipient email address [to email_address]; sender email address [from email_address]; Subject: line in quotes [subjectsubject of the notification email]; email message body in quotes [body body of the email message]; mail server IP address [mail_server IP_address].
|
|
|
If SNMP is set, use set notifications snmptrap with an OID [oid OID]; trap number [trapnumber number]; community name [community community_name]; server IP address [server IPaddress]; message body in quotes [body body of the email message].
|
|
|
If SMS is set, use set notifications pager with an pager number [number pager_number], message body in quotes [body body of the pager message]; username [user username]; server IP address [server IPaddress]; port number [port number].
|
|
|
Add a managed device (SP, server, or device): add server device_name. Also use the set command to set the type: drac, rsa-II, ilo, ipmi1_5 [type device_type], devconsole, custom1, custom2, custom3; authentication type: kerberos, kerberosdownlocal, ldap, ldapdownlocal, local, localnis, localradius, localtacplus, nis, nisdownlocal, nislocal, none, radius, radiusdownlocal, radiuslocal, smb, smbdownlocal, tacplus, tacplusdownlocal, tacpluslocal [authtype device_type]; the IP address for the device [ip | local_ip IP_address]; the device’s netmask [netmask netmask]; if drac type is set, enter the DRAC console port ID, either com1 or com2 [drac_console_port com1 | com2]; the login name [login username]; the user’s password [password password]; a short description for the server in quotes [description device description]; enable or disable event logging [eventlog enable yes | no].
When eventlog is enabled, use the set command to set the frequency for logging in hours [frequency hours]; the maximum log size in bytes [maxlogsize size].
|
|
|
Add a device for an existing user or group when the device_name has been added as described under onboard server: add onboard user | group device_name. Then use the set command to set permissions for sensors, power, sel, spconsole, console, kvm, vpn, specifying either yes or no for each.
|
|
|
Add a read-write community [rwcommunity] or a read-only community [rwcommunity]: add snmpd rwcommunity | rocommunity community_name. Then use the set command to set the source IP [source] and OID [oid].
|
|
|
Add a read-write user [rwuser] or a read-only user [rouser]: add snmpd rwuser | rouser user_name. Then use the set command to set the user level [level noauth | auth] and OID [oid].
|
|
|
Add a user: add snmpd user user_name. Then use the set command to set the common method snmpd, proxy, or host [common]; the authentication method, MD5 or SHA [authmethod] and authentication pass phrase, must be greater than eight characters [authpassphrase];encryption method, must be DES [cryptmethod]; encryption pass phrase, must be greater than eight characters [cryptpassphrase].
|
|
|
Adds a group: add snmpd group group_name. Then use the set command to set the security model: v1, v2c, or usm [sec_model] and security name [sec_name].
|
|
|
Adds a view: add snmpd view. view_name Also use the set command to set the policy as included or excluded [incl_excl included | excluded], [subtree], [mask].
|
|
|
Adds an access type. add snmpd access. type. Also use the set command to set the [context], security model: v1, v2c, or usm [sec_model v1 | v2 | usm], security level [sec_level], [match], [read|write|notif].
|
|
|
Adds a snmpd view. Also use the set command to set common level [common snmpd|proxy[$i]-Cn], proxy version [version snmpd|proxy[$i]-Cn],a community or a user [community|user]; OID [oid], security level [sec_level snmpd|proxy[$i]-Cn]; the location of the system, syslocation and contact person, syscontact [syscontact | syslocation].
|
|
|
Adds a destination name for syslog messages: add syslog destination server_name. Also use the set command to enable or disable the destination [enable yes|no]; set a destination type, one of tcp, udp, or file [type tcp | udp | file]; set a valid username as the owner of the tty [usertty username]; set an IP address for the destination [tcp|udp IP_address]; set a destination filename [file filename]; set a named pipe as a destination [pipe pipename].
|
|
NOTE: Do not use. The correct way to add a user using the cycli is as an onboard user, as in: add onboard user joe
|
Add a user or users to the list of local users; add user username. Also use the set command to set the password [passwd password], user ID [uid UID], group ID [gid GID], group name [group groupname], identifying string for the user in quotes [gecos Identifying string for the user name], home directory [home directory_pathname], user type, regular or admin [type regular | admin].
|