No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

eSight V300R009C00 Operation Guide 09

Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
How Should I Configure File Name Extension Restrictions for Configuration Files on the eSight

How Should I Configure File Name Extension Restrictions for Configuration Files on the eSight

Question

By default, the eSight verifies video configuration files by their file name extensions. What should I do if I want to restrict the file name extensions for the configuration files on the eSight?

Answer

The operations on the SUSE Linux operating system and Windows are similar. The SUSE Linux is taken as an example.

  1. Log in to the eSight server as the ossuser user.
  2. Open the med_node_1_svc.xml file.

    cd eSight installation directory/AppBase/sysagent/etc/sysconf/svcbase

    vi med_node_1_svc.xml

    Find the <config name="ftpServer">^ section in the file:

         <config name="ftp"> 
                                    ... 
                                    <param name="permitFileType">([xX][mM][lL]|[cC][sS][vV]|[tT][xX][tT]|[zZ][iI][pP]|[cC][fF][gG]|[bB][iI][nN]|[cC][cC]|[tT][mM][pP]|[pP][aA][tT]|[bB][aA][kK]|[pP][tT][sS]|[pP][aA][tT][cC][hH]|[iI][nN][iI]|[bB][iI][oO][sS]|[pP][eE][mM]|[rR][oO][mM]|[tT][aA][rR]|[gG][zZ]|[jJ][kK][sS]|[kK][eE][yY][sS][tT][oO][rR][eE]|[mM][bB][fF]|[pP][aA][fF]|[dD][aA][tT])param name="permitFileType">([xX][mM][lL]|[cC][sS][vV]|[tT][xX][tT]|[zZ][iI][pP]|[cC][fF][gG]|[bB][iI][nN]|[cC][cC]|[tT][mM][pP]|[pP][aA][tT]|[bB][aA][kK]|[pP][tT][sS]|[pP][aA][tT][cC][hH]|[iI][nN][iI]|[bB][iI][oO][sS]|[pP][eE][mM]|[rR][oO][mM]|[tT][aA][rR]|[gG][zZ]|[jJ][kK][sS]|[kK][eE][yY][sS][tT][oO][rR][eE]|[mM][bB][fF]|[pP][aA][fF]|[dD][aA][tT])>
    • On the eSight, the permitFileType parameter specifies the file name extensions that can pass the verification. Configuration files whose file name extensions are out of the parameter value range cannot pass the verification.
    • If you want configuration files with other file name extensions to pass the verification, add the allowed file name extensions and separated each two of them with |. See the following example:
      <param name="permitFileType">(...|[dD][aA][tT]|New file name extension)</param>
    • If the configuration files whom you want to pass the verification have no file name extensions, set this parameter to <param name="permitFileType"></param>. If this parameter is empty, the eSight does not verify the file name extensions of configuration files. All configuration files can pass the verification.

    Not verifying configuration file name extensions may bring information security risks. Exercise caution when perform this setting.

  3. Repeat the preceding steps to set <param name=permitFileType></param> in the <config name=sftp> and <config name=ftps> sections.
  4. Restart the eSight server.
Download
Updated: 2019-05-17

Document ID: EDOC1100011877

Views: 282779

Downloads: 536

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next