doc

gasownerData Management

Jan 31, 2013 (4 years and 6 months ago)

226 views

Server Farm Removal Guide


Operation on slave machine:

1.

Get

local DB password in clish console:

[root@sp1 ~]# cat /root/.pgpass

localhost:5432:iwss:sa:aaadedbacb

2.

Run “/usr/iwss/setup
-
postgres
-
env.sh” on the slave machine and follow
the instructions.

Speci
fy PostgreSQL server name or IP address:
<Local_DB>

Specify port number of PostgreSQL [ 5432 ]:
<Port>

Specify database name of PostgreSQL [ iwss ]:
<DB_Name>

Specify the user name for PostgreSQL [ sa ]:
<User_Name>

Specify the password for user "sa":
<SA_
Pwd>

Connection via psql successful

Connection via unixODBC successful

Modifying intscan.ini

Updating ODBC configuration files


Do you want to create tables and stored procedures on the designated
PostgreSQL server ? ( y/n ) [ n ]


--

Notice
--


All exis
ting data in the IWSS related table will be lost if you select
YES


n

Using CATALINA_BASE: /usr/iwss/AdminUI/tomcat

Using CATALINA_HOME: /usr/iwss/AdminUI/tomcat

Using CATALINA_TMPDIR: /usr/iwss/AdminUI/tomcat/temp

Using JRE_HOME: /usr/iwss/Admin
UI/jre

Using CATALINA_BASE: /usr/iwss/AdminUI/tomcat

Using CATALINA_HOME: /usr/iwss/AdminUI/tomcat

Using CATALINA_TMPDIR: /usr/iwss/AdminUI/tomcat/temp

Using JRE_HOME: /usr/iwss/AdminUI/jre

Stopping database logging daemon...


Starting DataBase l
ogging daemon ...

Please wait while the InterScan Web Security Suite daemon is being
checked...ok


Shutting down the InterScan HTTP daemon...

Shutting down SCIP daemon...

No need to update /etc/iscan/intscan.ini and
/var/iwss/postgres/pgdata/postgresql.con
f.

No need to update /etc/squid/squid.conf.

Starting the InterScan HTTP daemon...

Initializing SCIP daemon...

Please wait while the InterScan Web Security Suite daemon is being
checked.....ok


Stopping InterScan Web Security Suite FTP daemon ....

All Inter
Scan Web Security Suite FTP has stopped.

Stopping metrics management daemon...

>>>>

Starting metrics management daemon...

IWSS PostgreSQL environment set
-
up finished successfully.

3.

Update

remote_db


key

in
“/etc/iscan/intscan.ini” on slave machine.

#
/etc/
iscan/intscan.ini

[Database]

remote_db = no

4.

Make sure
following
configuration of section “[Database]” and
“[Database_Log]” are set to local DB in “/etc/iscan/intscan.ini” on slave
machine.

#
/etc/iscan/intscan.ini

[Database]

# ODBC Data Source Name for con
necting database.

DSN=IWSS

# The name for the database that stores iwss information.

DB=iwss

# DB Server hostname

DB_HOSTNAME=localhost

# DB Server port

DB_PORT=5432

# The path points to the SQL statements location.

SqlPath=/usr/iwss/sql/postgresql

# Wheth
er the connection uses SQL authentication or Windows
authentication

# Note that Windows Authentication only works with MSDE/SQL Server

sql_auth=yes


[Database_Log]

# ODBC Data Source Name for connecting database.

DSN=IWSS_LOG

# The name for the database th
at stores iwss information.

DB=iwss

# DB Server hostname

DB_HOSTNAME=localhost

# DB Server port

DB_PORT=5432

5.

Clear server farm configuration.

1. Click Administration
-
>IWSVA Server Farm.

2. Uncheck checkbox of

Enable for use in a multiple IWSVA server
con
figuration




佰敲慴楯渠潮O浡獴敲慣桩湥a



Check that the “/var/iwss/postgres/pgdata/pg_hba.conf” file has the
following line, and remove it.

“host all all 10.168.100.7 255.255.255.0 password”

(10.168.100.7 is slave server ip
-
address)

#
/var/iwss/postgres
/pgdata/pg_hba.conf

# TYPE DATABASE USER IP
-
ADDRESS IP
-
MASK METHOD


local all all password

# IPv4
-
style local connections:

host all all 127.0.0.1
255.255.255.255 password

# IPv6
-
style local connections:

host all all ::1 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
password

2.

Set the firewall configuration setting postgresql_port in the network.in
i
configuration fi
le to “0”

#/etc/iscan/network.ini

[network]

postgresql_port=
0

restart the firewall to unblock the PostgreSQL listen port.

[root@sp1 ~]# service iptables restart

3.

Clear server farm configuration.

1. Click Administration
-
>IWSVA Server Farm.

2. Uncheck check
box of

Enable for use in a multiple IWSVA server
configuration