How to bind specific interface of the machine to Firewall Analyzer application?
For customers of version 7.5 or higher
Note: |
- In Windows, to comment a line in the batch (.bat) file prefix 'rem' to the line and to uncomment remove the 'rem' in the beginning of the line.
- In Linux, to comment a line in the script (.sh) file prefix '#' to the line and to uncomment remove the '#' in the beginning of the line.
|
For Windows Machine: (running as application and not as service)
- Shutdown Firewall Analyzer.
- Open the run.bat file which is under <Firewall Analyzer Home>bin directory and go to "RESTART Command block", uncomment the below RESTART command line and replace <ip-address> with the IP address to which you want to bind the application, comment the existing RESTART command line and save the file.
rem %JAVA% %JAVA_OPTS% -cp "%CLASS_PATH%" com.adventnet.mfw.Starter %SAFE_START% -c default -b <ip-address>
to
%JAVA% %JAVA_OPTS% -cp "%CLASS_PATH%" com.adventnet.mfw.Starter %SAFE_START% -c default -b <ip-address>
%JAVA% %JAVA_OPTS% -cp "%CLASS_PATH%" com.adventnet.mfw.Starter %SAFE_START%
to
rem %JAVA% %JAVA_OPTS% -cp "%CLASS_PATH%" com.adventnet.mfw.Starter %SAFE_START%
- Open setcommonenv.bat file which is under <Firewall Analyzer Home>bin directory and go to "JAVA_OPTS Setting command Block", uncomment the below JAVA_OPTS setting command line and replace <ip-address> with the IP address to which you want to bind the application and comment the existing JAVA_OPTS setting command.
rem set JAVA_OPTS=-Djava.library.path=..lib;..libnative -DpdfReport=false -Duser.country=US -Duser.language=en -DminDiskSpace=5 -Xms128m -Xmx512m -Dspecific.bind.address=<ip-address>
to
set JAVA_OPTS=-Djava.library.path=..lib;..libnative -DpdfReport=false -Duser.country=US -Duser.language=en -DminDiskSpace=5 -Xms128m -Xmx512m -Dspecific.bind.address=<ip-address>
set JAVA_OPTS=-Djava.library.path=..lib;..libnative -DpdfReport=false -Duser.country=US -Duser.language=en -DminDiskSpace=5 -Xms256m -Xmx1024m
to
rem set JAVA_OPTS=-Djava.library.path=..lib;..libnative -DpdfReport=false -Duser.country=US -Duser.language=en -DminDiskSpace=5 -Xms256m -Xmx1024m
- Open the postgresql.conf file which is under <Firewall Analyzer Home>pgsqldata directory and uncomment the line '#listen_addresses = 'localhost'' in the CONNECTIONS AND AUTHENTICATION section and replace the 'localhost' with the '<binding IP address>' to which you want to bind the application and save the file.
#------------------------------------------------------------------------------
# CONNECTIONS AND AUTHENTICATION
#------------------------------------------------------------------------------
# - Connection Settings -
#listen_addresses = 'localhost' # what IP address(es) to listen on;
# comma-separated list of addresses;
# defaults to 'localhost'; use '*' for all
# (change requires restart)
to
#------------------------------------------------------------------------------
# CONNECTIONS AND AUTHENTICATION
#------------------------------------------------------------------------------
# - Connection Settings -
listen_addresses = <binding IP address> # what IP address(es) to listen on;
# comma-separated list of addresses;
# defaults to 'localhost'; use '*' for all
# (change requires restart)
- Open the pg_hba.conf file which is under <Firewall Analyzer Home>pgsqldata directory and add the line
host all all <binding IP address in IPv4 format>/32 trust
after the line
host all all 127.0.0.1/32 trust
and save the file.
# TYPE DATABASE USER ADDRESS METHOD
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
to
# TYPE DATABASE USER ADDRESS METHOD
# IPv4 local connections:
host all all 127.0.0.1/32 trust
host all all <binding IP address in IPv4 format>/32 trust
# IPv6 local connections:
host all all ::1/128 trust
- Restart Firewall Analyzer.
For Windows machine (running as service)
- Stop the Firewall Analyzer service.
- Open setcommonenv.bat file which is under <Firewall Analyzer Home>bin directory and go to "JAVA_OPTS Setting command Block", uncomment the below JAVA_OPTS setting command line and replace <ip-address> with the IP address to which you want to bind the application and comment the existing JAVA_OPTS setting command.
rem set JAVA_OPTS=-Djava.library.path=..lib;..libnative -DpdfReport=false -Duser.country=US -Duser.language=en -DminDiskSpace=5 -Xms128m -Xmx512m -Dspecific.bind.address=<ip-address>
to
set JAVA_OPTS=-Djava.library.path=..lib;..libnative -DpdfReport=false -Duser.country=US -Duser.language=en -DminDiskSpace=5 -Xms128m -Xmx512m -Dspecific.bind.address=<ip-address>
set JAVA_OPTS=-Djava.library.path=..lib;..libnative -DpdfReport=false -Duser.country=US -Duser.language=en -DminDiskSpace=5 -Xms256m -Xmx1024m
to
rem set JAVA_OPTS=-Djava.library.path=..lib;..libnative -DpdfReport=false -Duser.country=US -Duser.language=en -DminDiskSpace=5 -Xms256m -Xmx1024m
- Open the wrapper.conf file which is under <Firewall Analyzer Home>serverconf and go to "Adding Application Parameters Block", uncomment the below Application Parameters from 2 to 5 and replace <ip-address> in 4th and 5th Application Parameter with the IP address to which you want to bind the application and save the file.
wrapper.app.parameter.1=com.adventnet.mfw.Starter
#wrapper.app.parameter.2=-L../lib/AdventNetDeploymentSystem.jar
#wrapper.app.parameter.3=-c default
#wrapper.app.parameter.4=-b <ip-address>
#wrapper.app.parameter.5=-Dspecific.bind.address=<ip-address>
- Open the postgresql.conf file which is under <Firewall Analyzer Home>pgsqldata directory and uncomment the line '#listen_addresses = 'localhost'' in the CONNECTIONS AND AUTHENTICATION section and replace the 'localhost' with the '<binding IP address>' to which you want to bind the application and save the file.
#------------------------------------------------------------------------------
# CONNECTIONS AND AUTHENTICATION
#------------------------------------------------------------------------------
# - Connection Settings -
#listen_addresses = 'localhost' # what IP address(es) to listen on;
# comma-separated list of addresses;
# defaults to 'localhost'; use '*' for all
# (change requires restart)
to
#------------------------------------------------------------------------------
# CONNECTIONS AND AUTHENTICATION
#------------------------------------------------------------------------------
# - Connection Settings -
listen_addresses = <binding IP address> # what IP address(es) to listen on;
# comma-separated list of addresses;
# defaults to 'localhost'; use '*' for all
# (change requires restart)
- Open the pg_hba.conf file which is under <Firewall Analyzer Home>pgsqldata directory and add the line
host all all <binding IP address in IPv4 format>/32 trust
after the line
host all all 127.0.0.1/32 trust
and save the file.
# TYPE DATABASE USER ADDRESS METHOD
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
to
# TYPE DATABASE USER ADDRESS METHOd
# IPv4 local connections:
host all all 127.0.0.1/32 trust
host all all <binding IP address in IPv4 format>/32 trust
# IPv6 local connections:
host all all ::1/128 trust
- Restart Firewall Analyzer
For Linux Machine: (running as application and not as service)
- Open setcommonenv.sh file which is under <Firewall Analyzer Home>/bin directory and go to "JAVA_OPTS Setting command Block", uncomment the below JAVA_OPTS setting command and replace <ip-address> with the IP address to which you want to bind the application and comment the existing JAVA_OPTS setting command and save the file.
#JAVA_OPTS="-Djava.awt.headless=true -DpdfReport=false -Duser.language=en -Duser.country=US -DminDiskSpace=5 -Djava.library.path=../lib:../lib/native -Xms128m -Xmx512m -Dspecific.bind.address=<ip-address>"
to
JAVA_OPTS="-Djava.awt.headless=true -DpdfReport=false -Duser.language=en -Duser.country=US -DminDiskSpace=5 -Djava.library.path=../lib:../lib/native -Xms128m -Xmx512m -Dspecific.bind.address=<ip-address>"
JAVA_OPTS="-Djava.awt.headless=true -DpdfReport=false -Duser.language=en -Duser.country=US -DminDiskSpace=5 -Djava.library.path=../lib:../lib/native -Xms256m -Xmx1024m"
to
#JAVA_OPTS="-Djava.awt.headless=true -DpdfReport=false -Duser.language=en -Duser.country=US -DminDiskSpace=5 -Djava.library.path=../lib:../lib/native -Xms256m -Xmx1024m"
- Open the postgresql.conf file which is under <Firewall Analyzer Home>pgsqldata directory and uncomment the line '#listen_addresses = 'localhost'' in the CONNECTIONS AND AUTHENTICATION section and replace the 'localhost' with the '<binding IP address>' to which you want to bind the application and save the file.
#------------------------------------------------------------------------------
# CONNECTIONS AND AUTHENTICATION
#------------------------------------------------------------------------------
# - Connection Settings -
#listen_addresses = 'localhost' # what IP address(es) to listen on;
# comma-separated list of addresses;
# defaults to 'localhost'; use '*' for all
# (change requires restart)
to
#------------------------------------------------------------------------------
# CONNECTIONS AND AUTHENTICATION
#------------------------------------------------------------------------------
# - Connection Settings -
listen_addresses = <binding IP address> # what IP address(es) to listen on;
# comma-separated list of addresses;
# defaults to 'localhost'; use '*' for all
# (change requires restart)
- Open the pg_hba.conf file which is under <Firewall Analyzer Home>pgsqldata directory and add the line
host all all <binding IP address in IPv4 format>/32 trust
after the line
host all all 127.0.0.1/32 trust
and save the file.
# TYPE DATABASE USER ADDRESS METHOD
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
to
# TYPE DATABASE USER ADDRESS METHOD
# IPv4 local connections:
host all all 127.0.0.1/32 trust
host all all <binding IP address in IPv4 format>/32 trust
# IPv6 local connections:
host all all ::1/128 trust
- Restart Firewall Analyzer
Note: |
To shutdown Firewall Analyzer use the below command
./shutdown.sh -S -s <ip-address>:<jndi-port>
where <jndi-port> in the above command is the one which you have set in sample-bindings.xml
Ensure that the following two conditions are met:
- In .etc/nsswitch.conf file you need to ensure the below line:
hosts: files dns
i.e. it should be in the order 'files' and 'dns' not the reverse as 'dns' and 'files'.
i.e. it should not be hosts: dns files
- In .etc/hosts file add the below one as the first line
<binded-ip-address> localhost
Replace <binded-ip-address> with the ip-address to which you want to bind your application.
|
- Open the postgresql.conf file which is under <Firewall Analyzer Home>pgsqldata directory and uncomment the line '#listen_addresses = 'localhost'' in the CONNECTIONS AND AUTHENTICATION section and replace the 'localhost' with the '<binding IP address>' to which you want to bind the application and save the file.
#------------------------------------------------------------------------------
# CONNECTIONS AND AUTHENTICATION
#------------------------------------------------------------------------------
# - Connection Settings -
#listen_addresses = 'localhost' # what IP address(es) to listen on;
# comma-separated list of addresses;
# defaults to 'localhost'; use '*' for all
# (change requires restart)
to
#------------------------------------------------------------------------------
# CONNECTIONS AND AUTHENTICATION
#------------------------------------------------------------------------------
# - Connection Settings -
listen_addresses = <binding IP address> # what IP address(es) to listen on;
# comma-separated list of addresses;
# defaults to 'localhost'; use '*' for all
# (change requires restart)
- Open the pg_hba.conf file which is under <Firewall Analyzer Home>pgsqldata directory and add the line
host all all <binding IP address in IPv4 format>/32 trust
after the line
host all all 127.0.0.1/32 trust
and save the file.
# TYPE DATABASE USER ADDRESS METHOD
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
to
# TYPE DATABASE USER ADDRESS METHOD
# IPv4 local connections:
host all all 127.0.0.1/32 trust
host all all <binding IP address in IPv4 format>/32 trust
# IPv6 local connections:
host all all ::1/128 trust
- Restart Firewall Analyzer