In article <XIfMk.3894$Fg1.3705@kovat.provo.novell.com>, Manu Kalmanovitz wrote:
> Shall I do it before using the filtsrv? Does it means to simple rename and\or copy filters.cfg to other
folder?
>
DID YOU MAKE A BACKUP OF FILTERS.CFG FIRST?

I'm trying to get you to do this before anything else, or you could wipe out all the filters you have, with
no backup.

My method, which assumes you have a) a backup of filters.cfg and b) only one BM 3.7/3.8/3.9 server in the
same OU, is to wipe the filtering objects out of NDS, then reimport them with the filtsrv migrate.

The sequence of events is critical. If you do something wrong, you will end up with no filters. This is
why it is critical that you start with a backup of filters.cfg.

Second, you unload filtsrv.nlm.

THEN, you use consoleone or nwadmin to open the nbmrulecontainer object and delete all the objects inside
it.

Finally, you use the filtsrv migrate procedure.

Then unload/reload filtsrv and check filters. You should be able to edit them with no problems now.

If you find that you have no filters, you did something out of sequence, like deleting the objects with
filtsrv still loaded. This is when you need your good backup of filters.cfg.

Don't even think about doing this without making a backup for filters.cfg first AND look at it with an
editor to see if your filter exceptions are in there before you start.

Craig Johnson
Novell Support Connection SysOp
*** For a current patch list, tips, handy files and books on
BorderManager, go to http://www.craigjconsulting.com ***

In article <XIfMk.3894$Fg1.3705@kovat.provo.novell.com>, Nanu Kalmanovitz wrote:
> Shall I do it before using the filtsrv? Does it means to simple rename and\or copy filters.cfg to other
folder?
>
> Wha I'm missing or do wrong?
>
You did not delete the old objects from NDS before remigrating the data.

You might be interested in getting my BMgr filtering book (see the URL below), which shows this operation
in detail and explains how the filters work in NDS.


You did not mention copying filters.cfg to back up that file. I'll tell you once again that it is critical
to have another copy here because if something goes wrong, you will lost all your filters.

Craig Johnson
Novell Support Connection SysOp
*** For a current patch list, tips, handy files and books on
BorderManager, go to http://www.craigjconsulting.com ***

Thanks!!!

The FILTERS.CFG problem was fixed, but the exception filter doesn't permit access tot the internal server yet.

Here are again the goal and actual definition:

I'm using the Novell SBS 6.5 tree with 3 servers:

1. Border Manager 3.8- sp1
2. GroupWise (NAT) - sp1
3. WEB (NAT) sp6 - Apache 2.0.59, MySQL ver. 5.0.67, PHP 5.2.6.

I want to permit some one from the public side to access the WEB (third) server with the RDBHOST.NLM (port 8880) utility to check\maintain the server.

The exception filter definition is:

Source: Public
Destination: Private

Protocol: TCP
Source: ALL
Destination: 8880
ACK: Disabled
Stateful: Enabled

Src Addr Type: Any Address

Dest Addr Type: Host
Dest IP Address: my server private address (NAT)


It doesn't work yet.

TIA

Nanu

In article <f2hOk.5629$Fg1.994@kovat.provo.novell.com>, Nanu
Kalmanovitz wrote:
> It doesn't work yet.
>
Does it work with filters unloaded?

The exception looks correct to me, as described. It could be that
additional ports are required. I suggest you start using filter debug
or pktscan to see what the packets are doing when they hit the server.

Craig Johnson
Novell Support Connection SysOp
*** For a current patch list, tips, handy files and books on
BorderManager, go to http://www.craigjconsulting.com ***

Yes it works while IPFLT unloaded.
I will try the tools.

TIA

Nanu

>>> Craig Johnson<craigsj@ix.netcom.com> 30/10/2008 14:50:38 >>>
In article <f2hOk.5629$Fg1.994@kovat.provo.novell.com>, Nanu
Kalmanovitz wrote:
> It doesn't work yet.
>
Does it work with filters unloaded?

The exception looks correct to me, as described. It could be that
additional ports are required. I suggest you start using filter debug
or pktscan to see what the packets are doing when they hit the server.

Craig Johnson
Novell Support Connection SysOp
*** For a current patch list, tips, handy files and books on
BorderManager, go to http://www.craigjconsulting.com ***