Smarts IP: How to use "--accept" to define IP address range
search cancel

Smarts IP: How to use "--accept" to define IP address range

book

Article ID: 331774

calendar_today

Updated On:

Products

VMware Smart Assurance

Environment

VMware Smart Assurance - SMARTS

Resolution

This article describes the conditions upon which --accept can be utilized for specifying a list of hosts in order to limit possible connections, as well as how to use the command  to supports an IP Range.

The --accept flag is part of the sm_server, and sm_adapter command (both sm_server and sm_adapter can utilize --accept ), which can provide another method of access control and security for a Smarts Server. This flag limits the hosts that can connect with the server. With this flag, before other security measures occur, incoming connections must pass the --accept option before authenticating.

When using --accept , an IP address range is not supported. You will have to specify a list of hosts, by name or IP address, from which programs accept connections. Multiple entries should by separated by commas. For example, specifying an IP range like below is not supported:

--accept=137.69.117.301-137.69.117.315

In order to block the IP addresses listed above, you would have to follow the below format (Addresses listed out individually and separated out by a comma):

--accept=137.69.117.301, --accept=137.69.117.302, --accept=137.69.117.303, --accept=137.69.117.304, --accept=137.69.117.305

Note:

  • By default, ITOps programs accept connections from any host. ITOps programs that accept connections are dmstart, sm_server, sm_adapter, and sm_trapd.
  • Note that sm_adapter and sm_trapd accept only connections when started with the --name option. To limit connections to the host on which ITOps software is installed, specify the name or IP address of the host instead of localhost
  • More information on --accept can be found in the Smarts Foundation Version 9.2 System Administration Guide.