144 DOMINION SX USER G UIDETo view the current iptables rulesetadmin > Security >firewall >iptables –listClear the iptables rulesTo clear the iptables rules.admin > Security >firewall >iptables --flushSave the configured settingsTo save the iptables rules into the local database.admin > Security >firewall >iptables-saveExecute this command once you have configured all the settings.Kerberos CommandThe kerberos command menu provides access to the commands used to configure the Kerberosnetwork authentication protocol. The Kerberos commands are listed in the table below.Table 61 Kerberos CommandsCOMMAND DESCRIPTIONgethostnamefile Get /etc/hosts in case of DNS failure filegetkrbconfig Get kerberos 5 configuration filekadmin Kerberos admin clientkerberos Kerberos based Network Authenticationkinit get kerberos ticketklist list kerberos ticketKerberos and DSXDSX can use kerberos authentication by using the following steps. As a result , Kerberos-basednetwork mutual authentication and symmetric [ a.k.a. private/secret] key cryptography can beachieved in the CLI and GUI of the DSX for remote user authentication.See the MIT Kerberos website for information about Kerberos, KDC, Kadmind , client machinesetup, and the FAQs related to these topics.1. Set your krb5.conf stanzas and ftp it using getkrbconfig [ configuration settings availablein : http://www.faqs.org/faqs/kerberos-faq/general/section-38.html ]2. Get a ticket use : kinit.3. Use kadmin to add the keys to /etc/krb5.keytab for HTTP/FQDN@REALM andhost/FQDN@REALM .These keys are consistent across boots.4. Remote authentication and authorization can be set up along with Kerberosauthentication. HTTP and telnet access will prompt you to enter username and password.Currently Kerberos does not automatically map to local or remote usernames.5. Enable Kerberos.6. After a reboot, DSX is ready for secure telnet and HTTP protocol remote access.Diagnostic Tips:• Use the name command in the network menu to set the FQDN for DSX.• Disable HTTP redirect from the services menu.• Synchronize the time of the client machine. DSX machine, KDC and kadmind machinesusing time menu and ntp option.