Avamar: How to Use Goav Network Data Management Protocol Firewall Menu

Summary: This article explains how to use the 'goav ndmp firewall' command set.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Instructions

This feature is supported in Goav version 1.51 and later.

 

Follow the instructions in Dell article 192151, Avamar: Goav tool, to download and install the Goav tool onto Avamar. To recap:

  1. Download the tool from central.dell.com site or optionally use wget from Avamar.
  2. Make the tool executable after it is downloaded onto Avamar.

 

Network Data Management Protocol (NDMP) Firewall Menu:

Usage:M
  goav ndmp firewall [command]

Available Commands:
  allowlist   NDMP firewall settings
  disable     Disable the NDMP firewall.
  enable      NDMP firewall enable
  setup       This will display firewall rules and configured NAS client addresses
  start       NDMP firewall start
  status      NDMP firewall status
  stop        NDMP firewall stop

Flags:
  -h, --help   help for firewall

Global Flags:
  -d, --debug      debug output
  -f, --force      Ignore Configuration
  -n, --noheader   Do no display header

Use "goav ndmp firewall [command] --help" for more information about a command.

 

Commands Explained:

  • Disable the firewall service from starting on bootup: 
    ./goav ndmp firewall disable --name <ndmp accelerator>

The flag, "--name" is required.
  • Start the firewall service: 
    ./goav ndmp firewall start --name <ndmp accelerator>

The flag, "--name" is required.
  • Stop the firewall service: 
    ./goav ndmp firewall stop --name <ndmp accelerator>

The flag, "--name" is required.
  • Display the Status of one or more firewalls: 
    ./goav ndmp firewall status
  • Setup command:
    • Scans legacy firewall file (/etc/firewall-ips)
    • Scans NAS Clients configuration in /usr/local/avamar/var/<NAS Client> directory
    • Builds firewall rules
    • --build applies firewall rules to NDMP Accelerator
    • Backs up firewall file /usr/local/avamar/lib/admin/security/avfwb_custom_config.txt
    • Restarts firewall if it is running
    ./goav ndmp firewall setup

 

NDMP Firewall allowlist Menu:

This allows for users to Add/Remove CUSTOM firewall rules that are required for backups.  NAS filer IP addresses need to be ommited from Firewall

Usage:
  goav ndmp firewall allowlist [command]

Available Commands:
  add         Allows users to add ip(s) to the firewall which are required for NDMP backup/restore functionality to the NDMP Accelerator
  remove      Used to remove a NAS Filer IP address from a firewall allowlist
  show        Lists the Custom Firewall rules configured on NDMP Accelerator

Flags:
  -h, --help   help for allowlist

Global Flags:
  -d, --debug      debug output
  -f, --force      Ignore Configuration
  -n, --noheader   Do no display header

 

Commands Explained:

  • Add IP addresses to the firewall custom rules:

    ./goav ndmp firewall allowlist add 

Example: goav ndmp firewall allowlist add --ips 192.168.0.1,192.168.0.2,192.168.0.3 --name <ndmp accelerator>

The flags, "--name" and "--ips" are required.

    Also, backs up firewall file /usr/local/avamar/lib/admin/security/avfwb_custom_config.txt. This is helpful for errors "Unable to establish data connection to address <IP ADDRESS>, port <#####>."

  • Remove IP addresses from the firewall custom rules: 
    ./goav ndmp firewall allowlist remove 

The flag, "--name" is required.
  • Show custom rules for the firewall on the NDMP Accelerator: 
    ./goav ndmp firewall allowlist show --name <ndmp accelerator>

The flag, "--name" is required.

 

Affected Products

Avamar
Article Properties
Article Number: 000216619
Article Type: How To
Last Modified: 09 Jul 2024
Version:  8
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.