CacheGuard-OS
User's Guide - Version UF-2.1.3


Configuration Management

To implement the appliance in an existing network it must be configured adequately. The behaviour of the appliance depends on a set of parameters combined together to form a "Configuration" seen as a whole. To see the current (or running) configuration use the command "conf" without any argument.

Parameters

The appliance is configured by setting different parameters using online commands ( Console port or SSH) or the Web administration GUI (see the Administration Interface section). There are different types of parameters: A classical parameter is given alongside a command as its argument. For instance to set the internal network interface use the command: "ip internal <ip > <netmask>"

A boolean parameter is activated with the keyword "on" and deactivated with the keyword "off". For instance to activate the compress use the command "compress on".

List parameters are manipulated using the following keywords:

For instance to add a route use the command "ip route add <ip> <netmask> <gateway>".

Applying a Configuration

The appliance always has two configurations: a current (or running) configuration and a new configuration (or programmed). The configuration process consist of two steps:
  1. The Parameter Setting step
  2. The Applying step
During the Parameter Setting step, used commands do not immediately affect the running system. To be operational a configuration (set of parameters) must be applied to the system. The applying process replaces the current (running) configuration by a new programmed configuration. After the "apply" process and if no error is detected, the current configuration is equal to the new configuration. The command "conf diff" allows you to compare the current and the new configuration and shows differences between those configurations.

A configuration is seen as a whole and to be applicable, all settings should be compatible together. The command "apply" does all integrity checks before applying a configuration. To apply a configuration use the command "apply". This command launches a system apply as background task. The system apply may take from seconds to some minutes according to the nature of the configuration and the performance of your hardware. The command "apply report" prints the state execution report of the latest "apply" command.

If after having set different parameters to create a new configuration you decide to cancel the programmed configuration you can use the command "cancel". This is only possible before the use of command "apply".

Finally, there is the ability to reset to the initial factory configuration. To apply the factory configuration use the following commands:

Load & Save a Configuration

The configuration may be saved on a file server (FTP, TFTP...) with the command "conf". Only trusted file servers are allowed to communicate with the appliance. A file server is declared trusted by using the command "access". To trust the TFTP server identified by the IP address "172.18.2.1" use the following commands: Wait for the termination of the asynchronous command "apply" (use the command "apply report" to see the execution state report). Now to save the current running configuration in the file "cacheguard.conf" located on the TFTP server "172.18.2.1" use the following command: The created file will contain a list of configuration commands. To load this configuration into the appliance from the same TFTP server use the following command: The syntax used in a configuration file is the same as the online configuration syntax. The configuration loaded from a file server is added to the existing new configuration. To avoid cumulative settings you can reset list values before adding new items to that list. To do this you can use the keyword "raz" to reset that list. If the command "apply" is not included in the loaded file, it should be manually invoked after the file loading to activate the new configuration - The saving process does write the command "apply" into the target file.