The Screen object controls much of the identity of SunScreen. It contains information for your stealth, HA, cluster, and administrative rules. Upon installation, a Screen object is created, which you can edit. As with other common objects you can edit, you must specify all the options that you want to set; otherwise the options are set to off, the default.
To add a screen object with a previously- created certificate, using DNS and NIS for Name Service, pass routing information, and a comment, type the following:
edit> add screen vorticity ADMIN_CERTIFICATE vorticity.admin RIP DNS NIS COMMENT "The screen that protects the sales office" |
Type the following to list all the Screens:
edit> list screen "sphere" ADMIN_CERTIFICATE "sphere.admin" CDP RIP DNS COMMENT "This is the data center screen" |
To add an SNMP receiver to the previous Screen:
edit> add screen sphere ADMIN_CERTIFICATE sphere.admin RIP DNS NIS SNMP 10.100.253.200 |
To add multiple SNMP receivers to the previous Screen object:
edit> add screen vorticity ADMIN_CERTIFICATE vorticity.admin ROUTING DNS NIS SNMP 10.100.253.200 10.100.253.254 |
To add a Time Status Indicator of 30 minutes to the previous Screen object:
edit> add screen vorticity ADMIN_CERTIFICATE vorticity.admin ROUTING DNS NIS SNMP_TIMER 30 SNMP 10.100.253.200 10.100.253.254 |
To remove SNMP receivers from the Screen, do not include them in the Screen object when you set it:
edit> add screen vorticity ADMIN_CERTIFICATE vorticity.admin RIP DNS NIS |
The Screen object allows you to set the maximum size of your log file. The value is in Mb, where 200 is 200 Mb.
At the command line prompt, type:
edit> add screen sphere ADMIN_CERTIFICATE sphere.admin CDP RIP DNS SNMP 10.100.253.200 LOGSIZE 200 |
Type the following:
edit> add screen vorticity ADMIN_CERTIFICATE vorticity.admin RIP STEALTH_NET 10.100.253.0 255.255.255.0 COMMENT "The screen in Stealth Mode" |