Jonathan Marrott's VM Scripting Blog

A swell blog containing some of the scripts I have written for VM management.

Firewall - XML Changes (Updated)

Posted by froboy Jan 18, 2008

I decided that I didn't like changing the firewall by executing esxcfg-firewall all the time, so I edited the appropriate XML file to include the necessary ports for TSM and VMM (HP) agent. This is different for ESX 3.0.x and 3.5. One word of caution: in ESX 3.5, if you add a service to services.xml and it exists in another XML file, you can render your system inaccessible.

ESX 3.5
Service - TSM
Location - ibmTSM.xml

<!-- Firewall configuration information for IBM TSM -->
<ConfigRoot>
  <service>
    <id>TSM</id>
    <rule id='0000'>
      <direction>inbound</direction>
      <protocol>tcp</protocol>
      <port type='dst'>1500</port>
      <flags>-m state --state NEW</flags>
    </rule>
    <rule id='0001'>
      <direction>outbound</direction>
      <protocol>tcp</protocol>
      <port type='dst'>1500</port>
      <flags>-m state --state NEW</flags>
    </rule>
    <rule id='0002'>
      <direction>inbound</direction>
      <protocol>tcp</protocol>
      <port type='dst'>
        <begin>1581</begin>
        <end>1583</end>
      </port>
      <flags>-m state --state NEW</flags>
    </rule>
    <rule id='0003'>
      <direction>outbound</direction>
      <protocol>tcp</protocol>
      <port type='dst'>
        <begin>1581</begin>
        <end>1583</end>
      </port>
      <flags>-m state --state NEW</flags>
    </rule>
  </service>
</ConfigRoot>

ESX 3.0.x
Service - TSM
Location - services.xml

<service id='0023'>
  <id>TSM</id>
  <rule id='0000'>
    <direction>inbound</direction>
    <protocol>tcp</protocol>
    <port type='dst'>1500</port>
    <flags>-m state --state NEW</flags>
  </rule>
  <rule id='0001'>
    <direction>outbound</direction>
    <protocol>tcp</protocol>
    <port type='dst'>1500</port>
    <flags>-m state --state NEW</flags>
  </rule>
  <rule id='0002'>
    <direction>inbound</direction>
    <protocol>tcp</protocol>
    <port type='dst'>
      <begin>1581</begin>
      <end>1583</end>
    </port>
    <flags>-m state --state NEW</flags>
  </rule>
  <rule id='0003'>
    <direction>outbound</direction>
    <protocol>tcp</protocol>
    <port type='dst'>
      <begin>1581</begin>
      <end>1583</end>
    </port>
    <flags>-m state --state NEW</flags>
  </rule>
</service>

Service - VMM
Location - services.xml
Note: We discontinued use of VMM due to VM reboots.

<service id='0028'>
  <id>VmmService</id>
  <rule id='0000'>
    <direction>inbound</direction>
    <protocol>tcp</protocol>
    <port type='dst'>
      <begin>1124</begin>
      <end>1126</end>
    </port>
    <flags>-m state --state NEW</flags>
  </rule>
  <rule id='0001'>
    <direction>outbound</direction>
    <protocol>tcp</protocol>
    <port type='dst'>
      <begin>1124</begin>
      <end>1126</end>
    </port>
    <flags>-m state --state NEW</flags>
  </rule>
</service>
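
The caution above about a service that is defined in services.xml and also in another XML file can be checked before an edited file is put in place. The following is an added example, not code from the original post: it parses firewall XML in the layout shown above, reports any service `<id>` that appears in more than one file, and flags rules with a bad direction or port range. The function names, the sample input and the choice to match services by `<id>` text are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample input (file name -> XML text), modelled on the post's layout.
# TSM is defined in both files, and the VmmService range is deliberately reversed.
SAMPLE_FILES = {
    "services.xml": """<ConfigRoot>
      <service id='0023'><id>TSM</id>
        <rule id='0000'><direction>inbound</direction><protocol>tcp</protocol>
          <port type='dst'>1500</port><flags>-m state --state NEW</flags></rule>
      </service>
      <service id='0028'><id>VmmService</id>
        <rule id='0000'><direction>inbound</direction><protocol>tcp</protocol>
          <port type='dst'><begin>1126</begin><end>1124</end></port></rule>
      </service>
    </ConfigRoot>""",
    "ibmTSM.xml": """<ConfigRoot><service><id>TSM</id>
      <rule id='0000'><direction>outbound</direction><protocol>tcp</protocol>
        <port type='dst'>1500</port></rule>
    </service></ConfigRoot>""",
}

def port_range(port):
    """Return (begin, end) for a <port> holding one number or <begin>/<end>."""
    if port.find("begin") is not None:
        return int(port.findtext("begin")), int(port.findtext("end"))
    return int(port.text), int(port.text)

def audit(files):
    """Return (duplicates, problems) for a mapping of file name -> XML text."""
    seen = defaultdict(list)   # service <id> text -> files that define it
    problems = []
    for name, text in files.items():
        for svc in ET.fromstring(text).iter("service"):
            sid = (svc.findtext("id") or "").strip()
            seen[sid].append(name)
            for rule in svc.findall("rule"):
                where = f"{name}:{sid}:rule {rule.get('id')}"
                if rule.findtext("direction") not in ("inbound", "outbound"):
                    problems.append(f"{where}: bad direction")
                try:
                    lo, hi = port_range(rule.find("port"))
                except (AttributeError, TypeError, ValueError):
                    lo, hi = 0, 0   # missing or non-numeric port fails the check
                if not 1 <= lo <= hi <= 65535:
                    problems.append(f"{where}: bad port range {lo}-{hi}")
    dups = {sid: names for sid, names in seen.items() if len(names) > 1}
    return dups, problems
```

To run it against a host's own files, read each XML file into the mapping passed to `audit()` and treat a non-empty result as a reason not to install the edited file.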
