IBM DataPower Operations Dashboard v1.0.17.0

A newer version of this product documentation is available.

You are viewing an older version. View latest at IBM DPOD Documentation.

Changing Agents TCP port

Owned by shachar greenberg (Unlicensed)
Last updated: Aug 13, 2017 by Hanan Kenan

DPOD's agents (both Syslog and WS-M) listen on predefined TCP ports:

Syslog agents - 60000-60009

WS-M agents - 60020-60029

In order to change these default ports, please use the following procedure.

Changing the agent’s configuration

  1. Identify your existing agents by using the CLI Admin utility. From a console / ssh session, invoke the command app-util.sh and select option 3 (check status). A list of DPOD’s services will be displayed including the Syslog and WS-M agents.
    For example:



  2. Stop the agents that are about to be changed using the CLI Admin utility.

  3. Change the agents' listening port. From a console / ssh session invoke the command:

     /app/scripts/change_agent_config.sh -t|--agent-type <syslog | wsm> -n|--agent-number <number> -p|--agent-port <TCP port>

    The script is available in DPOD v1.0.4.0 and above. For earlier versions please contact DPOD support.

    Operation

    Purpose

    -t, --agent-type

    The agent type: Syslog or WS-M

    -n, --agent-number

    The agent number, for example: MonTier-SyslogAgent-3 is syslog agent number 3

    -p, --agent-port

    The new TCP port for the agent


    For example, the following command will change the listening port for syslog agent number 1 to TCP port 60000:

    /app/scripts/change_agent_config.sh -t syslog -n 1 -p 60000
  4. Restart (stop and start) the agents internal keepalive service (hk_keepalive) using the CLI Admin utility.

  5. Start the agents' services (Syslog / WS-M) using the CLI Admin utility.

Changing firewall rules

  1. Update DPOD's firewall service (iptables) rules to accepts network traffic using the new TCP ports.

    It is highly recommend to backup the configuration file before editing it (make a copy of the file).

  2. Edit the iptables configuration file:

    vi /etc/sysconfig/iptables

    The relevant rules for the agent network traffic are marked. Alter the rules corresponding to the new agents' ports (for example change ports 60000:60009 to 10000:10009):



  3. Restart iptables service for the new rules to take effect:

    service iptables restart

Reconfigure DataPower to work with the new agents' ports

This step is required only if changes were made to agents that are already receiving network traffic from DataPower devices.


  1. Make sure DataPower has network connectivity to the agents using the new agents TCP ports. See Network Preparation.

  2. Redeploy DPOD Syslog log targets to DataPower ("Setup Syslog for the New Monitored Devices" and "Syslog Setup for all Domains")


IBM DataPower Operations Dashboard (DPOD) v1.0.17.0