1.1. Procedure – PNS startup and initialization - - Proxedo Network Security Suite 2 Reference Guide

1.1. Procedure – PNS startup and initialization

The velactl utility loads the instances.conf file and starts the main PNS program. The instances.conf file stores the parameters of the configured PNS instances.
PNS performs the following initialization steps:
- Sets the stack limit.
- Creates its PID file.
- Changes the running user to the user and group specified for the instance.
- Initializes the handling of dynamic capabilities and sets the chroot directory.
- Loads the firewall policy from the policy.py file.
The init() of PNS initializes the ruleset defined for the PNS instance.
The kvela kernel module uploads packet filtering services, rules, and zones into the kernel.

Note

PNS creates four sockets (one for each type of traffic: TCP IPv6, TCP IPv4, UDP IPv6, UDP IPv4); the kvela module directs the incoming connections to the appropriate socket.

Note
PNS creates four sockets (one for each type of traffic: TCP IPv6, TCP IPv4, UDP IPv6, UDP IPv4); the kvela module directs the incoming connections to the appropriate socket.

Previous	Up	Next
	Home

Proxedo Network Security Suite 2 Reference Guide