Article Number
000036446
Applies To
RSA Product Set: NetWitness Logs & Network
RSA Product/Service Type: NetWitness Admin Server
RSA Version/Condition: 11.x
Task
This article describes how to add custom firewall rules when the need for them arises after nwsetup-tui has completed.
Resolution
Add a customer-firewall line to the /etc/netwitness/config-management/environments/netwitness.json file, which contains persistent data about the environment, by performing the steps below.
- Connect to the host via SSH.
- Update the netwitness.json file, adding the customer-firewall line.
The line needs to go between the global header and the mongo sub-header (make sure to add a comma at the end of the line).
# vi /etc/netwitness/config-management/environments/netwitness.json
"global" : {
  "customer-firewall" : true,
  "mongo" : {
- Update the iptables and ip6tables files with the custom firewall rules.
- /etc/sysconfig/iptables
- /etc/sysconfig/ip6tables
- Reload the iptables and ip6tables services.
# service iptables reload
# service ip6tables reload
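A missing or stray comma in the hand edit above leaves netwitness.json invalid. The following Python is an added example, not RSA code: it makes the same edit idempotently, keeps a backup copy, and writes nothing if the file does not parse as JSON. The function name enable_customer_firewall and the .bak suffix are assumptions of this example; the file path is the one given in this article.

```python
import json
import os
import shutil
import tempfile
from collections import OrderedDict

# Path taken from the article; pass another path to try this on a copy first.
NETWITNESS_JSON = "/etc/netwitness/config-management/environments/netwitness.json"


def enable_customer_firewall(path=NETWITNESS_JSON):
    """Set "customer-firewall": true under "global". Returns True if the file changed."""
    with open(path) as fh:
        # Invalid JSON raises ValueError here, before anything is written.
        config = json.load(fh, object_pairs_hook=OrderedDict)

    section = config.get("global")
    if not isinstance(section, dict):
        raise ValueError('no "global" object in ' + path)
    if section.get("customer-firewall") is True:
        return False  # already set; leave the file untouched

    # Rebuild "global" with the flag first, i.e. ahead of the "mongo" sub-header.
    rebuilt = OrderedDict([("customer-firewall", True)])
    for key, value in section.items():
        if key != "customer-firewall":
            rebuilt[key] = value
    config["global"] = rebuilt

    shutil.copy2(path, path + ".bak")  # previous version, kept for rollback
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(path) or ".")
    try:
        with os.fdopen(fd, "w") as out:
            # Note: this rewrites the file's whitespace; key order is preserved.
            json.dump(config, out, indent=2)
            out.write("\n")
        shutil.copymode(path, tmp)  # keep the original permission bits
        os.rename(tmp, path)  # atomic replace on the same filesystem
    except Exception:
        os.unlink(tmp)
        raise
    return True


if __name__ == "__main__":
    print("updated" if enable_customer_firewall() else "already set")
```
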
Notes
Once the customer-firewall line is added and persisted in the netwitness.json file on a given version, it will propagate forward on all future updates.
This change must be applied on every host where custom firewall rules are to be configured; otherwise, the firewall rules will not persist.