Novell Home

My Favorites

Close

Please to see your favorites.

Restoring BorderManager 3.7 default filters

(Last modified: 26Aug2005)

This document (10080403) is provided subject to the disclaimer at the end of this document.

fact

BorderManager 3.7

BorderManager filters

(...also see TID 10013153)

This tid is specific for NBM 3.7. For NBM 3.8, check tid10097678 or pay attention to the notes added to this tid.

symptom

How do I put default filters back in place for BorderManager 3.7?

How do I restore/reset BorderManager 3.7 default filters?

fix

1. Make sure there is a Master or Read/Write replica of eDirectory on the BorderManager server (of the partition that the BM server is in).  Make sure that there are NO eDirectory errors (DSREPAIR).

2. Make sure that in the SYS:\ETC\HOSTS file, you do NOT list the PUBLIC interface (IP address), and make sure that only the PRIVATE interface is listed, with only the SERVERNAME, for example:

# PrivIP     ServerName
10.0.0.1     SERVERNAME

(NOTE: you want a blank line as the last line in the file, and that you do NOT use TAB characters to separate the private IP address and the servername...use spaces.  Also, make sure that there is NOT a 3rd entry on this line...only these 2 entries).


***** ***** ***** ***** ***** ***** ***** ***** ***** ***** ***** *****
3. Make sure that at least BorderManager 3.7 SP3 and bm37fp4e.exe are installed.

FOR NBM 3.8, BM38SP3.EXE IS THE CURRENT MINIMUM

 

4. Go to INETCFG->Protocols->TCP/IP->Filter Support (DISABLE this).  Do NOT "reinitialize system" at this point.  EXIT out of INETCFG.

5. Delete all filters/objects in the "NBMRuleContainer" in NWAdmin/ConsoleOne.  Do NOT delete the "NBMRuleContainer" itself. An easy way to do this is.
LOAD FILTSRV -CF (This clear the filters from ds).
Watch them purge from DS with:
SET DSTRACE=ON
SET DSTRACE=+OBIT
SET DSTRACE=*J
Here is an example of the filters purging from DS.
Processing obits, entry [000088e9] <._PF_10311.NBMRuleContainer.OU1.O1.>
Give this process a few minutes to complete.

6. Rename FILTERS.CFG (or delete it). ONLY APPLICABLE TO 3.7. NOT NECESSARY WITH 3.8 AS BRDCFG.NLM IN 3.8 WILL WRITE THE FILTERS DIRECTLY INTO EDIR.

7. Reinitialize System.


***** ***** ***** ***** ***** ***** ***** ***** ***** ***** ***** *****
8. LOAD BRDCFG.NLM.

9. Say NO to launch INETCFG.NLM.

10. Select Set filters on the Public interface.

11. Select the PUBLIC interface and enter on continue.

12. Hit ENTER when prompted to acknowledge both IP and IPX filter placement success.

13. Hit ESCAPE to leave BRDCFG.NLM. The system will be reinitialized automatically.

14. Unload IPFLT, IPFLT31, AND FILTSRV at the console.  *** Make SURE that FILTSRV is unloaded! ***

15. Load FILTSRV MIGRATE  (this will migrate the filters into eDirectory...from the FILTERS.CFG file). ONLY APPLICABLE TO 3.7. NOT NECESSARY WITH 3.8 AS BRDCFG.NLM IN 3.8 WILL WRITE THE FILTERS DIRECTLY INTO EDIR.

16. Unload FILTSRV.

17. Reinitialize System.

18. Go into FILTCFG to see if filters are there.  If the filters are NOT there, then verify the size of the FILTERS.CFG file (should be at least 4k in size).  If it is NOT at least 4k in size, then copy the BRDCFG.NLM from the BM 3.7 CDROM, then repeat from STEP #8 above.

ONLY APPLICABLE TO 3.7. NOT NECESSARY WITH 3.8 AS BRDCFG.NLM IN 3.8 WILL WRITE THE FILTERS DIRECTLY INTO EDIR. IF FILTERS ARE NOT THERE, THERE IS AN UNDERLYING DS PROBLEM.

19. If STEP #18 doesn't do it, then copy BUILTINS.CFG from the BM 3.7 CDROM, then repeat from STEP #8 above.  Verify size of FILTERS.CFG.

ONLY APPLICABLE TO 3.7. NOT NECESSARY WITH 3.8 AS BRDCFG.NLM IN 3.8 WILL WRITE THE FILTERS DIRECTLY INTO EDIR.

20. Reboot the server, and verify that FILTCFG shows the filters.

 

If this doesn't work, delete the NBMRuleContainer and recreate it following TID 10071884 step one.  Start with step six in this tid.

In some cases, old TCPIP stacks can cause problems with filters.  Make sure the TCPIP stack is current and has not be back rev'd.

disclaimer

The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.

  • Document ID:
  • 10080403
  • Solution ID: NOVL87343
  • Creation Date: 20Feb2003
  • Modified Date: 26Aug2005
    • NovellGroupware

      NetWare

      BorderManager Services

Did this document solve your problem? Provide Feedback