set Command
The set command sets up the system IP address, DNS server IP address, Ethernet type, system clock and time zone, NTP server IP address, and failover.
Type the following command from your command line.
set [ clock | data migration | digest | dns | ethn | failover | ip | ipv6 | ntpserver | regexsearches | reverse_forward | strong_passwd | timezone | tls syslog key password]
| Parameter | Description |
|---|---|
| clock | Sets the system date and time. set clock takes an option in the format: MMDDhhmm[[CC]YY][.ss] |
| data migration | Configures the appliance for data migration. After entering the command, the appliance prompts you to identify which migration path to use. You must run the command on both the appliance being migrated from and to. |
| digest | Sets the appliance SHA Digest. The default is the 128-bit MD5 Digest. If the digest setting is changed, the appliance will be restarted to synchronize the log data collection processes to use the new SHA Digest.
Usage of the 256-bit SHA2 Digest can reduce the maximum message handling rate of the appliance up to 20%. The command takes one of the following options: SHA256 | MD5 | default. |
| dns | Queries the Internet Domain Name System (DNS) for host information. This command helps to convert host names into IP addresses and vice versa.
This command takes one option: dns-server-ip-address |
| ethn | Changes network card settings.
n is the number of the interface (eth0, eth1, etc.).
This command takes one of the following options: [ 100baseTx-FD | 100baseTx-HD | 10baseT-FD | 10baseT-HD | 1000baseTx-FD | 1000baseTx-HD | auto ] |
| failover | Assigns or resets failover active and standby appliance roles. For more information, see
Failover.
This command takes either of two options: configure | disable The command prompts you for several options before taking certain actions. |
| ip | Configures the kernel-resident network interfaces on the appliance.
This command takes several options: ip-address netmask gateway [ifdev] [defaultgw] ifdev specifies either eth0, eth1, eth2, or bond0. The default is bond0. defaultgw specifies the default gateway. Optional for specific NICs, but one NIC must be specified. The last gateway specified in defaultgw is in effect. Note: The
defaultgw keyword no longer has any effect and is allowed only for backward compatibility.
When asked whether you want a certificate generated for Blue Coat when you also plan to use the TLS TCP syslog feature, ensure that you choose yes. Alternatively, you can use a custom certificate. |
| ipv6 | Configures the kernel-resident network interfaces on the appliance with IPv6 address.
This command takes several options: ipv6-address ipv6-prefix gateway [ifdev] [defaultgw] ifdev specifies the network interface name or bond interface, like eth0, eth1, eth2, or bond0. defaultgw specifies the default gateway. Optional for specific NICs, but one NIC must be specified. The last gateway specified in defaultgw is in effect. |
| ntpserver | Sets the network time server.
This command takes either of two options: ipaddress | hostname |
| regexsearches | Sets the number of simultaneous regular expression searches that the appliance can run.
This command takes one option: limit |
| reverse_forward [ disable | tunnel_init on| tunnel_init off| tunnel_init add <ip_address>|tunnel_init delete <ip_address>| tunnel_accept [on|off] ] | disable - Disables reverse tunnel.
tunnel_init on - The appliance will try to initiate tunnels to the partners configured. tunnel_init off - The appliance will not try to initiate tunnels. tunnel_init add <ip_address> - To add a LogLogic appliance IP address to initiate a tunnel to. tunnel_init delete <ip_address> - To remove the tunnel to the LogLogic appliance with the specified IP address. tunnel_accept [on|off] - The appliance will [accept not} tunnel connections. |
| strong_passwd [ enable | disable | settings | expiration ] | Controls the use of strong passwords for user authentication through the CLI on the appliance. (To set strong passwords for GUI access, see
System Settings.)
enable - turns on the requirement of strong passwords for appliance users disable - turns off the requirement of strong passwords for appliance users settings - sets the strong password requirements for the appliance. This command requires five options, as follows: settingslowermin uppermin digitsmin nonalphanum minlength lowermin - Minimum required lowercase letters (default and minimum = 1) uppermin - Minimum required uppercase letters (default and minimum = 1) digitsmin - Minimum number of numeric digits (default and minimum = 1) nonalphanum - Minimum number of non-alphanumeric characters (default and minimum = 1) minlength - Minimum number of total characters in the password (default = 15; minimum is 6 or the sum of the other four settings, whichever is greater) expiration - the number of days after which a user password expires on the appliance (1 through 99999 or never) After disabling strong passwords, all settings are retained, but are only effective when strong passwords are enabled. |
| timezone | Sets the time zone conversion. A time zone table displays with all possible selections. Enter a selection from this time zone table. |
| tls syslog key password | Sets the TLS key password if you are enabling TCP TLS support for the TCP collector. |
Examples
- To set up a failover configuration for your Appliances:
- On the active appliance:
> set failover configure Enter the public Ip address of the cluster in the form <ip> <netmask> <broadcast>: CHANGES HAVE NOT BEEN SAVED! > save Writing changes to disk... Removing default gateway... Bringing down the eth0 interface... Bringing down the eth1 interface... Bringing up the eth0 interface... Bringing up the eth1 interface... Setting up default gateway... Bringing down the eth1 interface... Bringing up the eth1 interface... done.
On the standby appliance:> set failover configure CHANGES HAVE NOT BEEN SAVED! > save Writing changes to disk... Removing default gateway... Bringing down the bond0 interface... Bringing up the eth0 interface... Setting up default gateway... Bringing down the eth1 interface... Bringing up the eth1 interface... done.
- To disable the failover configuration:
- On the Standby system:
> set failover disable > save Writing changes to disk... Removing default gateway... Bringing down the eth0 interface... Bringing down the eth1 interface... Bringing up the bond0 interface... Setting up default gateway... done.
On the Active system:> set failover disable CHANGES HAVE NOT BEEN SAVED! > save Writing changes to disk... hecking network configuration now... [IPv4] Please select the network interface that will be the default gateway. 0. 192.168.1.245 eth0 1. Do not save this configuration. Exit now. > 0 The default gateway has been designated. Thank you. Please select the IP address to use to generate the BlueCoat certificate. 0. 192.168.1.245 eth0 1. Do not generate the BlueCoat certificate. > 1 The BlueCoat certificate will not be generated. Thank you. STOPPING MASTER TASK... [writing new cluster configuration] STARTING MASTER TASK...(ok) done.
- To set up network IP addresses for Ethernet interface 0:
-
> set ip 10.1.1.10 255.255.255.0 10.1.1.255 eth1 > show changes Current changes that have not been saved: ip address eth0 10.1.1.10 255.255.255.0 10.1.1.255 CHANGES HAVE NOT BE SAVED! > save
- To enable strong passwords and set each character minimum to 2, total minimum to 8, and expiration to 90:
-
> set strong_passwd enable > set strong_passwd settings 2 2 2 2 8 > set strong_passwd expiration 90