RaQPort: Turbolinux Qube3


	Online Store	My Account About Us Contact Us Support 1 800 695-6200

BlueOnyx Servers

SUN COBALT RAQ

Turbolinux Qube3
Back UP System
OS RESTORE CD
Cobalt Repair Services
Centos BQ PROMO RAQ
Servers Virtual Appliance
Cluster RAQ Servers
Zenoss Monitoring
Atom 9.8"deep Server 2009

Turbolinux Qube3

RaQport Ozone Qube Server Appliance with like QUBE3 GIU
Code: OZONE1
Weight: 32.00
Price: $2,199.00
Quantity in Basket: none

RaQport Ozon Qube Server Appliance with like QUBE3 GIU 3.0MHZ Intel dual 120 GB Sata HD's RAID1 1 GI
Code: OZONE2
Weight: 32.00
Price: $2,299.00
Quantity in Basket: none

RaQport Ozon Qube Server Appliance with like QUBE3 GIU 3.0MHZ Intel dual 200 GB Sata HD's RAID1 1 GI
Code: OZONE3
Weight: 32.00
Price: $2,355.00
Quantity in Basket: none

RaQport Ozon4 Qube Server Appliance with like QUBE3 GIU 3.0Ghz Dual 500GB Sata HD's RAID1 4GIG RAM
Code: OZONE4
Weight: 32.00
Price: $1,599.00
Quantity in Basket: none

Turbolinux Appliance Server 1.0 Workgroup Edition

Operation Manual

Production literary work

© 2004 Turbolinux Inc. All rights reserved.

It is unlawful to duplicate and/or distribute any portion of this document, in whole or in part,

without permission of the copyright holder.

The name and logo of Turbolinux and Turbo Linux are trademarks or registered trademarks

of the Turbo Linux Corporation. Linux is trademarked in the United States and other

countries by Linus Torvalds. UNIX is the registered trademark in the United States and other

countries of The Open Group. Microsoft, MS-DOS, and Windows are the registered

trademarks in the United States and other countries of the Microsoft Corporation. Macintosh

and MacOS are the registered trademarks in the United States and other countries of Apple

Computer Inc. Adobe, Acrobat, and Adobe Acrobat are the trademarks or registered

trademarks of Adobe Systems Inc. Sun, SunMicrosystems, Java, JavaScript, Sun Cobalt,

and Sun Cobalt Qube are the trademarks or registered trademarks in the United States and

other countries of SunMicrosystems Inc.

In addition, company names, logos, and product names are the trademarks or registered

trademarks of the companies they represent. In this guide, the © the ®, and the TM marks are

not indicated.

Table of Contents

1 Introduction .................................................................................................... 6

1.1 Turbolinux Appliance Server features.............................................................................................. 7

1.2 ATOM Server Desktop summary ................................................................................................... 11

2 Setting up Turbolinux Appliance Server ........................................................14

2.1 Network interface specification...................................................................................................... 14

2.2 Operating Turbolinux Appliance Server ............................................................................................... 15

2.3 Accessing the setup wizard ........................................................................................................... 18

2.4 Primary interface settings.................................................................................................................... 30

3 Site Management..........................................................................................32

3.1 Accessing site management.......................................................................................................... 33

3.2 Site management summary........................................................................................................... 35

3.2.1 Server management ............................................................................................................................................. 35

3.2.2 Turbopkg ............................................................................................................................................................... 36

3.2.3 Programs............................................................................................................................................................... 37

3.2.4 Personal Profile..................................................................................................................................................... 38

3.3 Users & Groups.................................................................................................................................. 39

3.3.1 User List ................................................................................................................................................................ 40

3.3.1.1 Edit user defaults ............................................................................................................................................... 41

3.3.1.2 Add new user ..................................................................................................................................................... 42

3.3.1.3 Modify user settings........................................................................................................................................... 44

3.3.1.4 Deleting a user................................................................................................................................................... 46

3.3.1.5 Capabilities......................................................................................................................................................... 47

3.3.2 Group List.............................................................................................................................................................. 50

3.3.2.1 Editing Group Defaults ...................................................................................................................................... 51

3.3.2.2 Adding a Group.................................................................................................................................................. 52

3.3.2.3 Modifying a Group ............................................................................................................................................. 53

3.3.2.4. Deleting a Group............................................................................................................................................... 53

3.3.3 LDAP directory...................................................................................................................................................... 53

3.3.3.1 LDAP server summary ...................................................................................................................................... 53

3.3.3.2 LDAP Directory .................................................................................................................................................. 54

3.3.3.3 Setting up LDAP client....................................................................................................................................... 55

3.3.4 Import .................................................................................................................................................................... 59

3.3.4.1 File Import .......................................................................................................................................................... 60

3.3.4.2 LDAP Import....................................................................................................................................................... 61

3.4 Email .................................................................................................................................................. 63

3.4.1 Email server .......................................................................................................................................................... 63

3.4.1.1 Summary of Email server .................................................................................................................................. 63

3.4.1.2 Email Server Settings ........................................................................................................................................ 64

3.4.2 Mailing Lists .......................................................................................................................................................... 68

3.4.2.1 Add Mailing List.................................................................................................................................................. 68

3.4.2.2 Editing a mailing list........................................................................................................................................... 72

3.4.2.3 Deleting a mailing list......................................................................................................................................... 72

3.4.2.4 Subscribing or unsubscribing to a mailing list.................................................................................................... 72

3.4.2.5 Approval by the mailing list manager ................................................................................................................. 73

3.4.3 Remote Retrieval .................................................................................................................................................. 74

3.5 File & Print......................................................................................................................................... 76

3.5.1 Windows................................................................................................................................................................ 76

3.5.1.1 Windows File Sharing Settings .......................................................................................................................... 77

3.5.1.2 Windows Domain Controller Settings ................................................................................................................ 78

3.5.1.3 WINS Server Settings........................................................................................................................................ 81

3.5.2 Apple ..................................................................................................................................................................... 81

3.5.2.1 Apple File Sharing Settings ............................................................................................................................... 82

3.5.3 Guest Share.......................................................................................................................................................... 82

3.5.3.1 Setting up Guest Share ..................................................................................................................................... 83

3.5.4 FTP........................................................................................................................................................................ 83

3.5.4.1 FTP server summary ......................................................................................................................................... 83

3.5.4.2 FTP Settings ...................................................................................................................................................... 84

3.5.5 Print Server ........................................................................................................................................................... 84

3.5.5.1 Print server summary ........................................................................................................................................ 84

3.5.5.2 Print Server Settings.......................................................................................................................................... 85

3.5.5.3 Adding a printer.................................................................................................................................................. 87

3.5.5.4 Modifying printer settings .................................................................................................................................. 88

3.5.5.5 Managing print jobs ........................................................................................................................................... 89

3.5.5.6 Deleting a printer ............................................................................................................................................... 89

3.6 Web.................................................................................................................................................... 90

Table of Contents

3.6.1 Web Server ........................................................................................................................................................... 90

3.6.1.1 Web Server summary........................................................................................................................................ 90

3.6.1.2 CGI script permissions ...................................................................................................................................... 91

3.6.2 Web Caching......................................................................................................................................................... 91

3.6.2.1 Proxy Server summary...................................................................................................................................... 92

3.6.2.2 Web Caching Settings ....................................................................................................................................... 93

3.6.3 Web Access .......................................................................................................................................................... 94

3.7 Network ............................................................................................................................................. 95

3.7.1 TCP/IP................................................................................................................................................................... 95

3.7.1.1 TCP/IP Settings ................................................................................................................................................. 95

3.7.1.2 Setting the static route....................................................................................................................................... 97

3.7.1.3 Port Forwarding ................................................................................................................................................. 98

3.7.2 Internet ................................................................................................................................................................ 100

3.7.2.1 Gateway on LAN Settings ............................................................................................................................... 101

3.7.2.2 Cable Modem or DSL Settings........................................................................................................................ 102

3.7.2.3 Analog Modem or ISDN Settings ..................................................................................................................... 104

3.7.3 DNS..................................................................................................................................................................... 105

3.7.3.1 DNS server summary ...................................................................................................................................... 105

3.7.3.2 DNS Settings ................................................................................................................................................... 107

3.7.3.3 Setting of primary service.................................................................................................................................111

3.7.3.4 Setting of secondary service .............................................................................................................................116

3.7.4 DHCP .................................................................................................................................................................. 120

3.7.4.1 DHCP server summary.................................................................................................................................... 120

3.7.4.2 DHCP Settings................................................................................................................................................. 121

3.7.5 SNMP.................................................................................................................................................................. 124

3.7.5.1 SNMP summary............................................................................................................................................... 124

3.7.5.2 SNMP Settings................................................................................................................................................. 125

3.7.6 Shell..................................................................................................................................................................... 126

3.8 Security ............................................................................................................................................ 128

3.8.1 Basic Firewall...................................................................................................................................................... 128

3.8.1.1 Packet filtering summary ................................................................................................................................. 128

3.8.1.2 Firewall Settings .............................................................................................................................................. 130

3.8.1.3 Displaying the rules ......................................................................................................................................... 131

3.8.1.4 Setting the default policy ................................................................................................................................. 134

3.8.1.5 Adding a rule .................................................................................................................................................... 135

3.8.1.6 Editing a rule .................................................................................................................................................... 136

3.8.1.7 Editing rule order ............................................................................................................................................. 136

3.8.1.8 Deleting a rule.................................................................................................................................................. 137

3.8.2 Point-to-Point VPN.............................................................................................................................................. 137

3.8.2.1 VPN summary.................................................................................................................................................. 137

3.8.2.2 Tunnel List........................................................................................................................................................ 138

3.8.2.3 Add a tunnel ..................................................................................................................................................... 139

3.8.2.4 Deleting a tunnel.............................................................................................................................................. 140

3.8.2.5 Modify a Tunnel................................................................................................................................................ 141

3.8.2.6 View Local Host Information............................................................................................................................ 142

3.8.2.7 Profile List ........................................................................................................................................................ 143

3.8.2.8 Add a Profile..................................................................................................................................................... 144

3.8.2.9 Deleting a profile.............................................................................................................................................. 145

3.8.2.10 Modifying a profile.......................................................................................................................................... 146

3.8.3 Remote Access VPN .......................................................................................................................................... 146

3.8.3.1 Remote Access Settings.................................................................................................................................. 147

3.8.3.2 Setting up a Remote Access Client.................................................................................................................. 151

3.9 System ............................................................................................................................................ 154

3.9.1 Power .................................................................................................................................................................. 154

3.9.2 Time..................................................................................................................................................................... 155

3.9.3 Information .......................................................................................................................................................... 156

3.10 Maintenance.................................................................................................................................. 158

3.10.1 Backup .............................................................................................................................................................. 158

3.10.1.1 Add Scheduled Backup ................................................................................................................................. 158

3.10.1.2 Backup location ............................................................................................................................................. 160

3.10.1.3 Deleting a scheduled backup......................................................................................................................... 160

3.10.1.4 Scheduled Backup Details ............................................................................................................................. 161

3.10.1.5 Backup data directory name........................................................................................................................... 161

3.10.2 Restore.............................................................................................................................................................. 161

3.10.2.1 Restoration from historical backup................................................................................................................. 162

3.10.2.2 Manual Restore From Directory..................................................................................................................... 164

3.10.2.3 Deleting a historical backup record................................................................................................................ 165

3.10.2.4 History Item Details........................................................................................................................................ 165

3.11 Usage information........................................................................................................................... 166

Table of Contents

3.11.1 Web ................................................................................................................................................................... 166

3.11.1.1 Reset Statistics............................................................................................................................................... 168

3.11.2 Disk.................................................................................................................................................................... 168

3.11.2.1 Check Usage Now ......................................................................................................................................... 169

3.11.3 Network ............................................................................................................................................................. 170

3.12 Active Monitor............................................................................................................................. 171

3.12.1 Status ................................................................................................................................................................ 172

3.12.1.1 Displaying up-to-date information .................................................................................................................. 173

3.12.1.2 Status Details Table ....................................................................................................................................... 174

3.12.2 Settings ............................................................................................................................................................. 175

4 Updating Turbolinux Appliance Server ........................................................177

4.1 Package Adding.......................................................................................................................... 178

4.2 Third Party Software Install.......................................................................................................... 179

4.3 Package updating....................................................................................................................... 181

4.4 Package removing....................................................................................................................... 182

4.5 Auto Update ............................................................................................................................... 184

4.6 Detail .......................................................................................................................................... 186

4.7 Package Manager Log ............................................................................................................... 187

5 User Site .....................................................................................................188

5.1 Access to User Site .......................................................................................................................... 188

5.2 User Site summary.......................................................................................................................... 189

5.2.1 Programs............................................................................................................................................................. 189

5.2.2 Personal profile ................................................................................................................................................... 190

5.3 WebMail .......................................................................................................................................... 191

5.3.1 Compose............................................................................................................................................................ 192

5.3.1.1 Attaching files................................................................................................................................................... 193

5.3.2 Folder list............................................................................................................................................................. 194

5.3.2.1 Viewing folders................................................................................................................................................. 194

5.3.2.2 Reading mail .................................................................................................................................................... 196

5.3.2.3 Replying to Email............................................................................................................................................. 197

5.3.2.4 Forwarding Email............................................................................................................................................. 198

5.3.2.5 Deleting Email.................................................................................................................................................. 199

5.3.2.6 Moving Email ................................................................................................................................................... 199

5.3.3 Managing folders ................................................................................................................................................ 199

5.3.3.1 Creating a new folder ...................................................................................................................................... 200

5.3.3.2 Modification of folder name .............................................................................................................................. 201

5.3.3.3 Deletion of folder.............................................................................................................................................. 202

5.3.4 Mailing List .......................................................................................................................................................... 202

5.3.4.1 Archive List....................................................................................................................................................... 202

5.3.4.2 Reply to archive ............................................................................................................................................... 203

5.4 Address Book .................................................................................................................................. 204

5.4.1 Users ................................................................................................................................................................... 204

5.4.1.1 View contact information ................................................................................................................................. 205

5.4.1.2 Send message to user..................................................................................................................................... 205

5.4.1.3 Display a user’s web page ............................................................................................................................... 206

5.4.2 Groups................................................................................................................................................................. 206

5.4.2.1 Send message to group .................................................................................................................................. 207

5.4.2.2 Display a group’s web page ............................................................................................................................. 207

5.4.3 Personal Address Book ...................................................................................................................................... 208

5.4.3.1 Adding a contact .............................................................................................................................................. 209

5.4.3.2 Modifying a contact.......................................................................................................................................... 210

5.4.3.3 Deleting a contact ............................................................................................................................................ 210

5.4.3.4 Send message to contact .................................................................................................................................211

5.5.1 Updating account information............................................................................................................................. 212

5.6 Email ................................................................................................................................................ 213

5.6.1 Turn on Email forwarding.................................................................................................................................... 213

5.6.2 Turn off Email forwarding.................................................................................................................................... 214

5.6.3 Turn on vacation message ................................................................................................................................. 214

5.6.4 Turn off vacation message ................................................................................................................................. 214

5.7 Disk usage........................................................................................................................................ 215

5.8 Personal information......................................................................................................................... 216

5.8.1 Updating personal information ............................................................................................................................ 217

1 Introduction

Appliance servers have recently attracted attention throughout the Internet because of their

specialized functions, such as web and mail servers, and good pricing levels. This type of

product does not require advanced knowledge of technology and networking, such as TCP/IP

and server construction, and can be operated simply when compared with other server OS.

But, until now, server appliances have not gained wide general use.

Turbolinux Appliance Server Workgroup Edition (below Turbolinux Appliance Server) has a

browser-base management tool called the “ATOM Server Desktop” which is easy to use and

offers abundant features. It offers useful tools of typical Internet servers, such as web server,

DNS server, and FTP server. It also goes further by adding proxy server, file/printer sharing

and serving, and DHCP server. In addition to that, Turbolinux Appliance Server can be used

as a broadband access router with PPPoE and PPP. Turbolinux Appliance Server provides

packet filtering and IP masquerading when configured as a LAN gateway. It is possible to

control all of these advanced features from the ATOM Server Desktop.

All tasks such as the system management and settings of Turbolinux Appliance

Server are necessarily executed from ATOM Server Desktop. The settings of the

ATOM Server Desktop are retained in the system database, superseding the

setting file of the system. Therefore, when logging in to Turbolinux Appliance

Server directly from the console, the settings files which affect the setting and

consistency of ATOM Server Desktop should not be tampered with, since

changes will not appear in the settings of ATOM Server Desktop.

Problems may occur in the ATOM Server Desktop depending on the web

browser used. Please use the NETSCAPE Navigator 4.78 or later or Microsoft

Internet Explorer 5.5 or later. In addition, the ATOM Server Desktop operation

requires cookies, CSS, and Javascript to work effectively. Usually, these

functions are set correctly with default settings of the web browser. With

problems occurring in regard to operation of the ATOM Server Desktop, there is

no affect on the system and the data of Turbolinux Appliance Server.

This manual is maintained in PDF format and can be accessed by clicking the icon on

the ATOM Server Desktop. To view, Adobe Acrobat Reader is necessary. In addition, when

a new version of the manual exists on our company FTP site, updating with Turbopkg is

possible. For details about Turbopkg, please refer to "4 Updating Turbolinux Appliance

Server."

1.1 Turbolinux Appliance Server features

The following is a simple introduction of the services and functions of the Turbolinux

Appliance Server.

ATOM Server Desktop

ATOM Server Desktop is the user interface of Turbolinux Appliance Server which operates

through a standard web browser. Through ATOM Server Desktop, all operations of the

Turbolinux Appliance Server can be accomplished. For more information on the ATOM

Server Desktop, please refer to "1.2 ATOM Server Desktop summary."

User and group management

Users and groups can be added, deleted, and edited through the ATOM Server Desktop. In

addition, it can be used to prepare the user file which describes the information a user would

like to add, collects the group of users for import, or exports the existing users. Because the

user file is a simple text file, it is possible to create easily with a text editor.

Internet connection

The following connection methods are available on Turbolinux Appliance Server:

Gateway on LAN

Cable modem or DSL modem

Analog modem or ISDN terminal adapter

Because it supports PPPoE and PP connections, Turbolinux Appliance Server can serve as a

broadband router for the network user.

Web server

Turbolinux Appliance Server, answering the request from the web browser, operates as the

web server, transferring the HTML files. In addition, it supports the execution of CGI and

PHP scripts. As for the user, hard disk space can be allotted for a web page which is created

in /home/users/<user name>/web/. For uploading files to the web server, it is possible to use

Windows file sharing, Macintosh file sharing, and/or FTP service through Turbolinux

Appliance Server.

Email server

Turbolinux Appliance Server operates as an SMTP (Simple Mail Transfer Protocol) server

which sends and receives Email on the Internet. In addition, POP (Post Office Protocol)

server or IMAP (Internet Message Access Protocol) can be utilized by a user which has an

account on Turbolinux Appliance Server. Using the optional Email client, it is possible to

receive the mail from the user’s own mailbox file. Furthermore, the APOP certification

encodes the password which is used to receive Email. Turbolinux Appliance Server also

supports POP before SMTP which requires the Email client to authenticate with the server

before being able to send Email through it.

Mailing list

Mailing lists can also be easily managed from the ATOM Server Desktop. When the mailing

list is used, Email is not transmitted individually. Mailing lists may include users on the

Turbolinux Appliance Server system and users with Email addresses outside the system.

Windows/Macintosh file sharing

On Turbolinux Appliance Server, AppleShare is used for file sharing with MacOS computers

and SMB is used for file sharing with Windows computers. Because ownership is set by

adding users and groups, it is easy to share files between the two platforms. On a Windows

computer this sharing shows up through “My Network Places” and on a Macintosh it shows

up through the “Chooser.” The host name of the Turbolinux Appliance Server appears in “My

Network Places” and in “Chooser.”

FTP server

Turbolinux Appliance Server operates as an FTP server that allows transfers of files between

the host and an optional FTP client. A user’s FTP upload directory exists in the /home

directory on Turbolinux Appliance Server. It is useful for uploading and downloading files. In

addition, Anonymous FTP can be easily managed and allows access to the FTP site by

multiple unspecified users.

DHCP server

Turbolinux Appliance Server can operate as a DHCP server to network clients, transmitting

IP address, subnet mask, DNS, and gateway information.

DNS server

Turbolinux Appliance Server contains its own DNS server allowing hostname to IP lookups to

be resolved. Editing of the zone file which defines the corresponding IPs is supported with

the graphical user interface of ATOM Server Desktop.

Proxy server

Turbolinux Appliance Server can also act as a network caching proxy server. When HTTP

requests are made to the same web site, the proxy can use the Internet connection more

efficiently by returning information from the cache. In addition, when using Turbolinux

Appliance Server as a proxy server, it acts as the gateway and additional client configuration

is not necessary.

IP masquerading (NAT)

IP masquerading is the function which uses one global IP address for multiple private IP

addresses, masking the identity of computers from the Internet. This is made possible by

rewriting the private IP as a global IP. This method is generally referred to as NAT (Network

Address Translation). However, NAT is generally a one to one conversion, but IP

masquerading uses port numbers rather than IP addresses to provide the conversion and is

sometimes referred to as NAPT (Network Address Port Translation. This provides increased

security by hiding the true identity of the client and making it difficult to find from the outside

and thereby eliminating unauthorized access.

Packet filtering

Turbolinux Appliance Server includes a simple firewall function which controls packet filtering

for the local users. Packet filtering analyzes the IP address and port of the sending and

receiving transmission to determine whether or not that packet is allowed. Packet filtering is

primarily used to prevent illegal access to the LAN from the Internet. For more details, see

“3.8.1 Basic Firewall.”

SNMP server

SNMP (Simple Network Management Protocol) is used as the management protocol of the

network equipment and consists of an SNMP agent on the client side which is controlled by

the SNMP manager. Many pieces of network equipment, such as routers and switching hubs,

use SNMP. The Turbolinux Appliance Server SNMP agent makes it possible to verify the

system information of CPU activity ratio, memory activity ratio, and the network traffic which it

acquires periodically from the SNMP manager.

SSH/Telnet server

Turbolinux Appliance Server allows the system to operate as a Telnet and SSH server,

allowing a remote login environment into the system. The system can be set to allow or deny

the shell access function for individual users.

LDAP server

When the LDAP (Lightweight Directory Access Protocol) server in Turbolinux Appliance

Server is enabled, user information can be transmitted to and from an LDAP-enabled client.

Microsoft Outlook, NETSCAPE Mail, and Mozilla Mail, for example, use the LDAP function for

searching user information on the server.

Point to Point VPN/remote access VPN

The VPN (Virtual Private Network) function of Turbolinux Appliance Server allows secure

communications between private networks over public networks, such as the Internet.

Turbolinux Appliance Server supports Point-to-Point VPN for PCs connected to a LAN as well

as Remote Access VPN for individual systems.

Backing up and restoring data

The Turbolinux Appliance Server system manager has the ability to set manual and

automatic backups, in full or in increments, in case anything were to happen to the server. If

an event occurs causing data loss, it is possible to reconstruct the system from a past backup.

The data from a backup can be sent to another system using Windows file sharing, FTP, and

NFS.

WebMail (Email client)

WebMail is a web browser based Email client. It is possible for a user with an account on the

Turbolinux Appliance Server to send and receive Emails through the web browser.

Personal profile

A Turbolinux Appliance Server user can modify their account and personal profile. The

system allows changes to be made to the login password, settings, etc., for Email and can

monitor personal disk usage.

Package management (Turbopkg)

Turbolinux Appliance Server can be updated from the Turbolinux FTP site through the ATOM

Server Desktop. In addition, ATOM Server Desktop can provide an installation summary of

new packages, installations in progress, and completed packages, and it allows for deletion

of packages.

Raid-1 (disk mirroring)

The Turbolinux Appliance Server supports software RAID. RAID is the technology of using

multiple hard disks to protect data and speed disk access. Specifications range from RAID-0

to RAID-5 and offer varying degrees of safety and speed. Turbolinux Appliance Server can

utilize RAID-1, also called disk mirroring, to protect data by having the same data on two hard

disks. The OS recognizes the redundant drives as one logical disk. When a problem occurs

in one drive, data is retrieved from the other drive automatically.

When a problem occurs in one drive, the server manager of Turbolinux Appliance Server can

analyze it through the “active monitor” function. Refer to “3.12 Active Monitor.” After

replacing the defective hard disk and restarting the system, the RAID reconstruction is done

automatically.

RAID-1 is defined in Turbolinux Appliance Server during the initial server setup but is not

necessary to server operation. It will stay in effect as long as both drives are connected.

When a problem occurs in the primary hard disk, it may be necessary to change

the boot sequence in the system bios to boot to the good drive. Otherwise the

Turbolinux Appliance Server may not start properly.

To support RAID, additional hardware may be required.

1.2 ATOM Server Desktop summary

ATOM Server Desktop is the user interface of Turbolinux Appliance Server which is operated

from the web browser. Through ATOM Server Desktop all operations of Turbolinux

Appliance Server can be accessed. Depending on which user is logged in, ATOM Server

Desktop divides into the following two user interfaces:

Management Site

User Site

Management site

The Management Site is the user interface for the system administrator of Turbolinux

Appliance Server. The “admin” user is created by default for system management tasks.

When logged in as admin, the screen below is displayed.

The Management Site consists of four tabs: [Administration], [Turbopkg], [Programs], and

[Personal Profile]. The [Administration] and [Turbopkg] tabs are only displayed when logged

in as a site manager. For details on the Management Site, see “3 Site Management.”

User site

When a general user of Turbolinux Appliance Server, added by the server manager, logs in,

the ATOM Server Desktop appears like the image below.

The User Site consists of the [Turbopkg] and [Personal Profile] tabs. Unlike the Management

Site, it is not possible to execute system management tasks and server settings. For details

on the user site, see “5 User Site.”

It is possible for the administrative user to entrust the authority to additional

user(s) to perform server tasks within the ATOM Server Desktop.

Other helpful icons

In addition, several other buttons appear in ATOM Server Desktop. The explanation of each

of these is as follows:

The document link.

Users can refer to this manual which is in PDF format. To view, Adobe

Acrobat Reader is necessary.

The download indicator.

When the server manager logs in, this button may indicate that updates are

ready. It is possible to update the package which uses Turbopkg. For

details about Turbopkg, please refer to "4 Updating Turbolinux Appliance

Server.” When a newer version of the package exists, the indicator will

change to yellow.

The active monitor indicator.

When the server manager logs in, this button may indicate that there are

services that require attention. The active monitor verifies the system state

and service state of Turbolinux Appliance Server. For further details, please

refer to "3.12 Active Monitor.” The active monitor continually watches the

state of the system. When errors occur, this indicator will change to red.

Logout.

This button logs the user out of Turbolinux Appliance Server and returns to

the login screen of ATOM Server Desktop.

2 Setting up Turbolinux Appliance Server

2.1 Network interface specification

Turbolinux Appliance Server can use up to three network interfaces. Each interface has a

specific use, as illustrated below.

Primary interface (eth0)

This interface connects to the LAN.

Turbolinux Appliance Server, by default, sets the IP address of the primary

interface to 192.168.0.1/255.255.255.0. This is the IP address which is used in

order to access the setup wizard for initializing Turbolinux Appliance Server. In

order to access the setup wizard which operates from a web browser, this

interface must be accessible to the client. It is possible to modify the settings of

the primary interface after completing the setup wizard. For details, refer to "2.4

Primary interface settings."

Turbolinux Appliance Server sets the IP address of the primary interface to

192.168.0.1/255.255.255.0, but the interface may be different depending on the

vendor and system purchased.

Secondary interface (eth1)

The secondary interface is used to connect to the Internet and is usually assigned a global IP

address.

Auxiliary interface (eth2)

The auxiliary interface can be used to set up a DMZ (demilitarized zone) on the network.

With Turbolinux Appliance Server, note the labels of the interfaces in the system

as it is important that the secondary interface (eth1) connect to the Internet while

primary interface (eth0) connects to the LAN.

2.2 Operating Turbolinux Appliance Server

As introduced in “1.1 Turbolinux Appliance Server features,” the system can function as an

all-in-one appliance, offering web, mail, DNS, Internet/Intranet, DHCP, file sharing and

broadband router services useful for small to medium-sized offices. Therefore, there are

various options for setting up the system. Here are some of the typical applications.

Internet access router

This network layout is the most common operational form of Turbolinux Appliance Server.

Turbolinux Appliance Server operates as the gateway which separates Internet and LAN.

The secondary interface, which is interface for Internet (eth1), serial port, ADSL modem,

cable modem, ISDN terminal adapter, or analog modem, etc., is connected to Internet directly.

The primary interface (eth0) is assigned a private IP address on the LAN. A client inside the

LAN has access to the Internet via the IP masquerading function of Turbolinux Appliance

Server.

It is necessary to assign the primary interface (eth0) IP as the default gateway on

the LAN client.

By setting up Turbolinux Appliance Server in this manner, it is possible for various Internet

services to be offered and managed if needed, such as mail, DNS, FTP servers, etc.

The client inside the LAN can take advantage of the file and printer sharing and DHCP. In

addition, the client can use the proxy server to use the Internet connection more effectively.

In this setup, almost every feature that Turbolinux Appliance Server offers is available.

Server inside the LAN

In this network setup, the primary interface (eth0) is used for the LAN connectivity. The most

common use of the Turbolinux Appliance Server—as a router—is not offered in this scenario.

In this way, it is possible to still use several of the system services and resources inside the

organization, such as file and printer sharing and the DHCP server.

Firewall application

Depending on the Internet Service Provider, there are times when not enough IPs are

available for the computers that need to connect to the Internet. In this case, as described

previously, Turbolinux Appliance Server makes it possible to attach multiple computers and

provide desirable security by controlling the services used. In this scenario, Turbolinux

Appliance Server sits inside the LAN and uses NAT to connect to the Internet. For more

information, see “3.7.1.3 Port Forwarding.” The ability for Turbolinux Appliance Server to

allow all services to all clients is taken away and the simple firewall function is used to control

packet filtering. For more information, see “3.8.1 Basic Firewall.”

With the network setup according to the figure above, the secondary interface (eth1) rewrites

the IP address from the client to point appropriately to a mail server, DNS server, etc. In this

way, the packet goes through the NAT process, modifying the IP packet and securing the

private client. It is possible to release an operational server with a private IP address on the

Internet. Additionally, if more global IP addresses are available, it is possible to assign those

IP addresses to the server through the auxiliary interface (eth2).

In this example, the auxiliary interface (eth2) is used before the primary interface

(eth0) transmits NAT. If the system is compromised, it may allow an unsecure

and undesirable possibility of a hacker penetrating from the server to the client

machine.

In this way, the auxiliary interface (eth2) provides a sort of buffer for the servers between the

global network (the Internet) and the private network functions and is referred to as the DMZ

(Demilitarized Zone).

2.3 Accessing the setup wizard

When first using Turbolinux Appliance Server, the system must be initialized. Initializing

starts by accessing the setup wizard which operates from a web browser.

Preparation

Listed below are the default IP address and the subnet mask of the primary interface (eth0)

when Turbolinux Appliance Server is started. The default host name and domain name are

also listed. It is possible to change the primary interface (eth0) after completing the setup

wizard. For details, refer to “2.4 Primary interface settings.”

IP address 192.168.0.1

Subnet mask 255.255.255.0

Host name atom

Domain name mydomain

Although the default IP address of the Turbolinux Appliance Server primary

interface (eth0) is usually 192.168.0.1/255.255.255.0, this setting may differ

depending on the vendor.

The secondary and auxiliary interfaces do not have a default setting.

To access the setup wizard, the primary interface of Turbolinux Appliance Server (eth0) must

be accessible to the client from the web browser on a LAN through a hub or cross-over cable,

like the illustration below.

It is necessary to set the client computer to the same subnet as eth0 to access the setup

wizard (i.e. 192.168.0.2/24).

When the primary interface of Turbolinux Appliance Server (eth0) is connected to

existing LAN, the client IP may not need to be changed when accessing the

setup wizard. But, when existing LAN is not on the network of

192.168.0.1/255.255.255.0, the packets will not reach the server until the client

has been updated. In addition, when existing LAN network is

192.168.0.0/255.255.255.0, it is necessary to verify that the IP 192.168.0.1 does

not already exist.

Access to the setup wizard

Follow the procedure below to access the setup wizard across the network.

1. Start Turbolinux Appliance Server.

2. After Turbolinux Appliance Server has started, access the URL http://192.168.0.1/ from

the client web browser.

When popup blockers are used on the client, the setup wizard may not function

properly. Turn this setting off if the wizard does not appear.

3. The setup wizard of Turbolinux Appliance Server is displayed in the web browser of the

client. Click the [Start] button.

The setup wizard is displayed only at the time of the first connection. When

Turbolinux Appliance Server is accessed after setup is completed, the default

home page of Turbolinux Appliance Server is displayed.

4. The language preference screen is displayed.

Select the language to be used for the ATOM Server Desktop from the drop-down menu.

Click the button to continue.

The language indicated here applies only to the admin user. When a general

user connects, the language settings depend on the language settings of the

client browser. It is possible to modify each user’s language for either Japanese

or English. For more information, refer to “5.5 Account information.”

5. The software product license screen is displayed. The terms of the End User License

Agreement must be accepted to continue. Scroll down and click the [I Agree] button at

the bottom of the screen to continue to the next step.

6. The password setting screen is displayed.

This password is for the admin user of Turbolinux Appliance Server. Since the default

password is “admin,” it is important to change the password.

The password should be between 3 and 16 characters long. Passwords are

case sensitive. Accents can not be used, but the characters #*.; : _-+! $%&\|?

{[ () ] can be used.

When the admin password is updated, the root password is also changed to

match.

Click the button to continue.

7. The date and time settings screen is displayed.

The system date and time and time zone of the Turbolinux Appliance Server can be set here.

Date and time

The system date and time can be set by selecting the appropriate drop-down menus.

Time zone

The time zone for the system can be set by selecting drop-down menus for the continent,

country, and time zone. For example, when Japan standard time is used, select [Asia] from

the continent drop-down menu, then select [Japan] from the country drop-down menu, and

the Japan standard time is updated automatically.

Click the button to continue.

8. The [User List] table is displayed.

General Turbolinux Appliance Server users can be added here. For details, refer to “3.3.1

User List.”

Click the button to continue.

9. The [Group List] table is displayed.

A group is made up from a set of users. In Turbolinux Appliance Server it is possible to

manage several users in a group as one unit. Certain groups can be assigned access to the

services that Turbolinux Appliance Server offers. For example, if a user is a member of a

group, they may be given access to the web site, file sharing, or a particular mailing list. For

details, refer to “3.3.2 Group List.”

Click the button to continue.

10. The [Network Settings] table is displayed.

These options allow Turbolinux Appliance Server to connect to the Internet. If it is not

necessary to connect the server to the Internet, select [Intranet Only] from the drop-down

menu to continue.

It is not possible to change the IP address of the primary interface (eth0) through

the setup wizard. For that reason, Turbolinux Appliance Server should reside on

an existing LAN. If it is necessary to change the primary interface settings, it can

be done from the ATOM Server Desktop after completing the setup wizard. For

details, refer to “2.4 Primary interface settings.”

When connecting to the Internet through a DSL or cable modem, use the secondary interface

(eth1). If using a dial-up modem, connect it to the serial port. The secondary interface of

Turbolinux Appliance Server becomes the method by which the Internet is connected.

Select the connection method from the drop-down menu. The table indicates which

connection method will be used and that method becomes the secondary interface.

LAN gateway

Use this setting if it is necessary to connect Turbolinux Appliance Server to the Internet

through an existing gateway or router on the LAN.

For details, refer to “3.7.2.1 Gateway on LAN Settings.”

Cable or DSL modem

In order to use Turbolinux Appliance Server on the Internet with a cable or DSL modem,

complete these settings. For details, refer to “3.7.2.2 Cable Modem or DSL Settings.”

Verify that the cable or DSL modem is attached to the secondary interface (eth1).

ISDN

In order to use Turbolinux Appliance Server on the Internet with an analog modem or ISDN

terminal adapter, complete these settings. For details, refer to “3.7.2.3 Analog Modem or

ISDN Settings.”

Verify that the analog modem or terminal adapter is attached to the serial port.

After completing the settings for the Internet connection, click the button to continue.

11. The [Product Registration] screen is displayed. Enter the serial number of the product

attachment. Click the button.

12. The server management screen of the ATOM Server Desktop is displayed.

The Turbolinux Appliance Server setup is now complete. For details concerning server

management and site management, please refer to “3 Site Management.”

2.4 Primary interface settings

The primary interface (eth0) in Turbolinux Appliance Server which is connected to the LAN

site has the default IP address of 192.168.0.1/255.255.255.0. It is possible to adjust the

settings to fit the existing LAN environment after initial setup. Use the procedure below to

modify the settings after completing the wizard setup. After updating the settings, the client

modifying the settings must be in the same subnet to access ATOM Server Desktop. If

modification is not needed, this procedure is not necessary.

The management site of ATOM Server Desktop is displayed after completed the setup wizard

as shown below. For accessing the management site from a new client, refer to “3.1

Accessing site management.”

The [Administration] tab is displayed. Click [Network] on the side menu, and then click

[TCP/IP] on the sub menu.

Enter the TCP/IP settings in the table, including the IP address and subnet mask. Click the

[Save] button to update the settings. For details about setting TCP/IP, refer to “3.7.1

TCP/IP.”

A dialog box appears to indicate that the primary interface settings of Turbolinux Appliance

Server have been modified.

The LAN client connects to the primary interface and communicates with the

system using the IP address of 192.168.0.1/255.255.255.0. When the IP

address of Turbolinux Appliance Server differs from the client’s IP address,

communication to the system will stop. To reconnect to ATOM Server Desktop,

the client must again be on the same subnet.

3 Site Management

The administrative user can utilize the ATOM Server Desktop to manage all aspects of

Turbolinux Appliance Server. The admin user has full control of Turbolinux Appliance Server

and can access and execute all administrative and management tasks. This chapter explains

how to manage the ATOM Server Desktop and the setup procedures for network services.

The ATOM Server Desktop must be running for all operations, such as the

system management and server settings of Turbolinux Appliance Server. The

ATOM Server Desktop settings, which are kept in a special database, supersede

the setting file of the system. When logged in to the Turbolinux Appliance Server

directly from the console, the settings and consistency of the ATOM Server

Desktop do not change even if changes are made to various services. If system

changes are made, there is a possibility of them being overwritten with the

settings of the ATOM Server Desktop.

3.1 Accessing site management

If the Turbolinux Appliance Server is setup with defaults and the network interface is present,

it is possible to access the ATOM Server Desktop from another client on the local network.

The procedure below allows access to the ATOM Server Desktop.

1. Open the web browser on the client and enter the URL “http://<server name>/login/.”

If accessing a virtual site on a server with host name lookups enabled, DNS

must also point to the correct server.

The login screen of ATOM Server Desktop is displayed.

2. Enter the user name of the site manager in the [User Name] field. To manage the site, it

is necessary to login as an admin user.

3. Enter the site manager password in the [Password] field. To change the password,

please refer to “3.3 Users and groups.”

4. ATOM Server Desktop supports SSL (Secure Sockets Layer) to encode communication

between the client and Turbolinux Appliance Server. When the [Secure Connect] box is

checked, communication between the web browser and Turbolinux Appliance Server is

encoded. When this option is selected, the client web browser must support SSL and

have the feature turned on; most browsers have SSL on by default. If security is a

concern, we recommend selecting this option.

When a secure connection is used, accepting a self-signed certificate is required.

The certificate must be accepted to login.

5. Click the [Login] button.

6. The ATOM Server Desktop screen is displayed. For operation, refer to "3.2 Site

management summary."

3.2 Site management summary

Four tabs are displayed when logged in as site manager in the ATOM Server Desktop.

Administration

Turbopkg

Programs

Personal Profile

Clicking on the different tabs will change the ATOM Server Desktop screen.

3.2.1 Server management

Under the [Administration] tab, the menu below is shown on the left side of the screen.

These are related to the user/group settings and network services for Turbolinux Appliance

Server.

User & groups

Email

File & print

Web

Network

Security

System

Maintenance

Usage information

Active monitor

These are the possible settings within the ATOM Server Desktop. They are explained in

"3.3 Users & Groups.”

3.2.2 Turbopkg

Under the [Turbopkg] tab, the menu below is shown on the left side of the screen. Turbopkg

updates Turbolinux Appliance Server and allows for addition and deletion of Turbolinux and

third party packages.

Package adding

Third party software install

Package updating

Package removing

Auto update

Detail

Package manager log

For more information about Turbopkg, see “4 Updating Turbolinux Appliance Server.”

3.2.3 Programs

The [Programs] menu is shown on the left side of the screen and the options listed below

allow for Email sending and receiving and management of the address book.

WebMail

Address book

The [Programs] menu is the screen used most frequently by a general user on Turbolinux

Appliance Server. For details, refer to “5 User Site.”

3.2.4 Personal Profile

Under the [Personal Profile] tab, the menu below is shown on the left side of the screen. It is

possible to update the Email settings or login password as well as check disk usage.

Account

Email

Disk usage

Personal information

For more information about personal profiles, see “5 User Site.”

3.3 Users & Groups

The [Users & Groups] menu item manages the users and groups on the Turbolinux Appliance

Server system. An administrative user with the permissions to modify users and groups can

utilize this service.

Email/WebMail

When the mail service is started on Turbolinux Appliance Server, a system user can send

and receive mail on the Internet with an optional Email client. Additionally, if WebMail on

Turbolinux Appliance Server is enabled, it is possible to send and receive mail through the

client web browser. For details on WebMail, refer to “5 User Site.”

File/Printer sharing

When the file/printer sharing service is started on Turbolinux Appliance Server , a system

user on a Windows network, Macintosh system, or FTP client can access the /home directory

of Turbolinux Appliance Server. The icon for the Turbolinux Appliance Server will appear in

“My Network Places” on Windows network and in the “Chooser” of a Macintosh system. For

details, refer to “3.5.5 Print server” and “3.5 File & Print.”

The home page of each user is created in /home/users/[username].

Publishing a home page

Turbolinux Appliance Server includes a web server which is on by default. When a new user

is created, the web directory for the user is located in /home/users/[username]/web/. The

web page of that user can be published using that directory. When the file sharing function of

Turbolinux Appliance Server is enabled, this directory can be accessed by the user through a

client from Windows and Macintosh computers.

The sub menu shown below appears when the [Users & Groups] option is clicked on the

[Administration] tab:

User list

Group list

LDAP directory

Import users

3.3.1 User List

With the [User List] option, Turbolinux Appliance Server users can be added, edited, and

deleted.

The users on the Turbolinux Appliance Server are displayed in a list on the [User List] table.

Users created during the setup wizard appear in this list.

3.3.1.1 Edit user defaults

It is possible to set the default disk capacity per user by clicking on the [Edit User Defaults]

button.

The default value is 100MB per user. If necessary, edit the field to reflect the desired default

value for new users. It is not possible to set the size to 0MB, but when the field is left blank,

there are no size restrictions.

The default value here is superseded by the value assigned in each user.

3.3.1.2 Add new user

To add a user, click the [Add] button. The table below is displayed.

The settings for the [Add New User] table are shown below. After completing the settings,

click the [Save] button to update the information and return to the user list.

Full name

Enter the full name of the new user. (i.e. John Smith)

User name

Enter the user name used in order to login into the ATOM Server Desktop. The user name

can be up to 12 characters long and may be made up of upper- and lower-case letters,

numbers, hyphen (-), the underscore (_), with the first character being a letter. The user

name must be unique to the Turbolinux Appliance Server system.

Password

Enter the password to be used to login to ATOM Server Desktop. The password must be

entered twice in order to prevent typing errors.

The password should be between 3 and 16 characters long. Passwords are

case sensitive. Accents can not be used, but the characters #*.; : _-+! $%&\|?

{[ () ] can be used.

Maximum allowed disk space (MB)

Enter the maximum allowed disk space of the user as a MB unit.

The value entered here overwrites the user default value. Please refer to

“3.3.1.1 Edit user defaults.”

Group membership (optional)

It is also possible to assign users to groups with this field. The group(s) can be added or

removed to the user by using the or buttons. Click the buttons to move groups

between [Groups Not Affiliated] and [Groups Affiliated]. For details on groups, refer to "3.3.2

Group List."

Email aliases (optional)

Enter Email aliases for the user. For example, if the domain name of a virtual site is

atom.mydomain and the Email address of the user John is john@atom.mydomain, Email

aliases can be entered so that the user also receives Email to john.smith@atom.mydomain

and smith@atom.mydomain. Multiple Email addresses can be used. If entering multiple

aliases, enter one per line or separate them with a space.

Names already entered as aliases for a user cannot be used as the user name

for another user of Turbolinux Appliance Server. For example, when the Email

alias smith@atom.mydomain for the user John is entered, it is not possible to

add the user Smith.

Remarks (optional)

Enter additional user information.

When adding a new user, there is also a tab for [Capabilities] to assign authority

for various management tasks. For details, refer to "3.3.1.5 Capabilities."

The home directory of each user is drawn up /home/users/[username]/.

3.3.1.3 Modify user settings

To edit the information of an existing user, click the icon. The [Modify User Settings]

table is displayed below.

The [Modify User Settings] table consists of three tabs:

Account

Email

Capabilities

Account settings

The settings on the [Account] tab are similar to that of the [Add New User] table. It is

possible to modify the settings according to the needs. For more information, refer to “3.3.1.2

Add new user."

Email setting

When the [Email] tab is clicked, the table below is displayed.

The settings of the [Email] tab are shown below. After completing the settings, click the

[Save] button to update the information and return to the [User List] table.

Email aliases (optional)

This option is similar to the setting on the [Add New User] table. For details, refer to “3.3.1.2

Add new user."

Email forwarding

Check this option to forward all Email that is sent to this user’s Email account to the

account(s) specified in the text box. When entering multiple Email addresses, enter one per

line.

Check the [Save Copy] box to keep a copy of all Email that has been forwarded in the

mailbox on the Turbolinux Appliance Server. Uncheck the [Save Copy] box to make the

forwarded Email be deleted off of the server.

Vacation message

This is useful when a user will not be able to reply to or read new Emails for a long period of

time. Once this feature has been enabled, fill in the text box to the right with the message

that will be sent as an automatic reply Email to any user who sends an Email to the user on

vacation.

The vacation message will be sent only once a week to any one Email sender.

Capabilities

For details on capabilities, refer to "3.3.1.5 Capabilities.”

3.3.1.4 Deleting a user

Users can be deleted from the [User List] table by selecting the user account to be deleted

and then clicking on the icon. After the icon has been clicked, a confirmation dialog box

will appear. By clicking the [OK] button, the user is deleted and the table is refreshed with the

user removed from the list.

Once a user has been deleted, all files and directories for that user are also

permanently deleted. It is not possible to undo the delete process.

3.3.1.5 Capabilities

The system manager (admin) user of Turbolinux Appliance Server has the ability to entrust

authority to general users for system and server management tasks.

To set authority for particular tasks, click the icon to display the user settings. Click the

[Capabilities] tab to display the table below.

The options here can also be set during the time of a new user setup. Click the

[Capabilities] tab at that time to grant authorities.

As the system administrator, it is possible to entrust authority to the general users. The

delegation can be assigned and removed per user and per service. It is convenient to assign

access and control to network services such as the web server, mail server, and file sharing

from this management table.

When the user entrusted with the authority to manage those specified services logs into the

ATOM Server Desktop, they can see the controls for those services to which they have been

granted access and control. When the [Manage Active Monitor] option or any other system

management option is selected, the corresponding menu becomes available for that user.

When the [Manage Packages] option is selected, the tab for that service becomes available

for that user.

On the ATOM Server Desktop, the icon (Management of Active Monitor) and

icon (Turbopkg) are displayed according to the permissions given in this table.

For example, when the [Manage Users and Groups] option is selected for user “john,” the

[Administration] tab becomes available to that user and the [Users & Groups] menu is

displayed when “john” logs in. Because of this, the user “john” can manage the adding,

editing, and deleting of users from the ATOM Server Desktop.

In addition, the [Manage Users and Groups] authority may also be granted to other users by

users who have that permission. For example, when [Manage Users and Groups], [Manage

Email], and [Manage Mailing Lists] are selected for user “john,” that user can also entrust

those services to others. The [Capabilities] tab only displays the authorities which are

permitted from that user’s login, like the table below.

3.3.2 Group List

A Group List contains a group of users. When a group is created or edited, the services

Turbolinux Appliance Server offers can be extended to the users in that particular group. For

example, the mailing list and web site permissions can be selected so everyone in that group

has access and control of those features.

In the [Group List] table, groups can be added and the users of that group assigned.

The default groups in the Group List of Turbolinux Appliance Server are listed in the table

below.

guest-share When guest share is enabled, the guest users belonging to this group

can share files with other users belonging to the group. The directory for

the guest users is located in /home/groups/guest-share/. When the file

sharing function of Turbolinux Appliance Server is enabled, this directory

can be accessed by members of this group from Windows and

Macintosh computers. For details on guest joint ownership, refer to 3.5.3

Guest Share.”

home Users belonging to this group have the authority to edit the default web

page of Turbolinux Appliance Server. The default web page is located in

the /home/groups/home/web directory. When the file sharing function of

Turbolinux Appliance Server is enabled, this directory can be accessed

by members of this group from Windows and Macintosh computers.

restore This group is granted the authority for making and restoring backups.

For details in backing up and restoring data in Turbolinux Appliance

Server, refer to "3.10 Maintenance."

If a group was created during the setup wizard, it will also be listed.

3.3.2.1 Editing Group Defaults

When the [Edit Group Defaults] button is clicked, it is possible to edit the disk capacity value

which is permitted by members of that group.

The default value is 300MB. If necessary, edit the field to reflect the desired default value for

new groups. It is not possible to set the size to 0MB, but when the field is left blank, there are

no size restrictions.

The default value here is superseded by the value assigned in each group.

3.3.2.2 Adding a Group

To add new group, click the [Add] button. The [Add New Group] table is displayed below.

The settings for the [Add New Group] table are shown below. After completing the settings,

click the [Save] button to update the information.

Group name

Enter the name of the new group. The group name can be up to 12 characters long and may

be made up of upper- and lower-case letters, numbers, hyphen (-), the underscore (_), with

the first character being a letter.

Maximum allowed disk space (MB)

Enter the maximum allowed disk space of the group as a MB unit.

The value entered here overwrites the group default value. Please refer to

“3.3.2.1 Editing Group Defaults.”

User membership (optional)

It is possible to assign users to groups with this field. The user(s) can be added or removed

to the group by using the or buttons. Click the buttons to move users between

[Users Not Affiliated] and [Users Affiliated].

Remarks (optional)

Enter additional group information.

The home directory of each group is drawn up /home/groups/[groupname]/.

3.3.2.3 Modifying a Group

Settings for existing groups can be modified by clicking the icon on the [Group List] table.

The [Modify Group Settings] table is displayed below.

Items in this table are similar to the [Add New Group] table. Here it is possible to modify

which users belong to a group. For details, refer to "3.3.2.2 Adding a Group."

3.3.2.4. Deleting a Group

To delete a group that has been added, click the icon next to the group name on the

[Group List] table. A message will appear to verify the deletion of the group. When the [OK]

button is clicked, the group is removed and the [Group List] table is refreshed with the deleted

group eliminated from the list.

The default groups in Turbolinux Appliance Server cannot be deleted.

3.3.3 LDAP directory

Turbolinux Appliance Server can operate as an LDAP (Lightweight Directory Access

Protocol) server. An LDAP server offers directory services in a TCP/IP network.

3.3.3.1 LDAP server summary

The LDAP server offers a directory service to the network—much like a telephone directory—

made up of a database that speeds frequent search processing, comparing, and gathering

information. With the directory service, information such as Email address, user address,

telephone number, FAX number, etc. are managed and offered to the client upon request. In

addition, there is some information utilized for network management.

With the LDAP server of Turbolinux Appliance Server, it is possible to manage the user

information such as Email address and telephone number of each user. With LDAP clients

like Microsoft Outlook, NETSCAPE Mail, and Mozilla, it is possible to search for information

on the server for registered users of the server.

3.3.3.2 LDAP Directory

The [LDAP Directory] table displayed below allows the administrative user to start and stop

the LDAP server and manage its information.

The [LDAP Directory] table settings are shown below. When changes are completed, click

the [Save] button to update the information and refresh the table.

Turbolinux Appliance Server denies the access to the LDAP server from Internet

by default. If access to the LDAP server is to be permitted from the secondary

interface (eth1), port 389 in TCP and UPD protocols, which the LDAP server

uses, it is necessary to set the basic firewall permission to ACCEPT. For details

on the basic firewall, refer to "3.8.1 Basic Firewall."

Enable

Check this box to enable or disable the LDAP server.

Base DN

Enter the base DN (Distinguished Name) of the user directory. The base DN is used to

identify the directory to the client. When the DN is entered on the client, Turbolinux

Appliance Server becomes the retrieval object. For example:

o=organizational name (i.e. o=turbolinux)

Email domain name (optional)

Enter the domain name to be appended to the user name when a request for an Email

address is made to the directory. For example, when the host name is “mail.mydomain,” the

Email address of a user becomes username@mail.mydomain. When “mydomain” is entered

in this field, the Email address returns as username@mydomin.

3.3.3.3 Setting up LDAP client

Here are some examples for setting up the user directory on Turbolinux Appliance Server

with standard optional client software.

NETSCAPE

1. Select the Address Book.

2. Select [File] > [New Directory] > [LDAP Directory] to display the [Directory Server

Properties] window.

3. Enter the necessary items and click the [OK] button to complete.

Name

Enter the optional identifier of the directory service in the Address Book.

Hostname

Enter the hostname or IP address of Turbolinux Appliance Server.

Base DN

Enter the base DN in order to identify the user directory of Turbolinux Appliance Server. Use

the value entered on the server. For details, refer to "3.3.3.2 LDAP Directory."

4. The Address Book defined in NETSCAPE is displayed.

It is possible to search the user information from the LDAP server of Turbolinux Appliance

Server by entering a search string.

Microsoft Outlook Express

1. Select [Tools] > [Accounts].

2. Click the [Directory Service] tab to display the existing services.

3. Click the [Add] button on the right side and select [Directory Service] from the options.

The [Internet Directory Server Name] is displayed.

4. Enter the domain name or IP of the Turbolinux Appliance Server in the [Internet directory

(LDAP) server] field. Click the [Next] button.

5. Select the option to [Check addresses using this service] if desired. Click the [Next]

button.

6. Click the [Finish] button to complete the settings and return to the [Directory Service] tab.

The new service should be listed.

7. Double-click the directory service to display the [Properties] window.

8. The host name of Turbolinux Appliance Server should already be in the [Server name]

field.

9. Click the [Advanced] tab.

10. Enter the base DN into the [Search base] field. For details, refer to "3.3.3.2 LDAP

Directory" for the base DN. Click the [OK] button to save the new settings.

11. User information is searched from the LDAP server of Turbolinux Appliance Server by

clicking the [Find People] button.

12. Select the host name of Turbolinux Appliance Server in the [Look in] field and enter the

[Name] and/or [Email] address to be searched for.

13. Click the [Find Now] button to start the search. Turbolinux Appliance Server will return

and display any matches.

3.3.4 Import

There is a lot of time and labor needed when many users are added to Turbolinux Appliance

Server. With the [Import Users] menu, it is possible to quickly import users and information

from an LDAP server or user list file into Turbolinux Appliance Server. This makes adding

users quick and convenient.

On the [File Import] table, choose the [Select Import Method] to select one of the following:

File Import

LDAP Import

3.3.4.1 File Import

Using the [File Import] table, it is possible to add users from a file prepared beforehand. The

user file is a simple text file with the following information:

Username

Full name

Password

Email alias (optional)

The format of the text file is as follows:

User name [tab] Full name [tab] Password [tab] Email alias (optional) [Return]

Divide each piece of information with a tab, entering one user per line. When entering

multiple Email addresses, use a comma or space to divide them. When not using Email

aliases, it is not necessary to put a tab after the password.

Enter the user file path into the [Source File] field. Click the [Browse] button to locate the file

on the client computer. After the file is selected, click the [Import Now] button to import the

users into Turbolinux Appliance Server.

The processing time for a user file may be considerable. After the users are

imported, it is possible to modify them from the [User List] menu. For details,

refer to “3.3.1 User List.”

3.3.4.2 LDAP Import

Server network address

Enter the IP address or host name of the LDAP server where the data to be imported is

stored.

Base DN

Enter the base DN which identifies the directory of the import object. (i.e. o=turbolinux)

Binding DN

Enter the binding DN (Distinguished Name) for the directory record manager (i.e. cn=admin

and o=turbolinux).

Password

When importing the data, the password is checked for the binding DN. Enter the password of

the manager of the binding DN here. With Turbolinux Appliance Server, the default password

is “secret.” To change the default password, edit the secret line in the

/etc/openldap/slapd.conf through a terminal:

Rootpw secret

Run the following command to restart the LDAP server after updating the password:

# /etc/init.d/ldap restart

User filter/Group filter (optional)

Enter the object class of the users and groups to be imported. The values to be input for the

users and group are default (objectClass=cobaltAccount), (objectClass=posixAccount),

(objectClass=cobaltGroup) (objectClass=posixGroup). It is not necessary to input a filter

when importing from another Turbolinux Appliance Server. When importing from some other

LDAP server, there are times when entering an object class becomes necessary.

After completing the settings, click [Import Now] to begin the process.

When the import process is finished, the results are displayed in the table below. If a user

already exists on the system, the import for that user is not completed and an error message

is listed.

3.4 Email

Turbolinux Appliance Server can operate as a mail server on the Internet, sending and

receiving messages. Additionally, it can create mailing lists and retrieve mail from a remote

server.

Click the [Email] menu on the left side under the [Administration] tab to display the Email

options. The following sub menu is displayed:

Email servers

Mailing list

Remote retrieval

3.4.1 Email server

3.4.1.1 Summary of Email server

SMTP (Simple Mail Transfer Protocol) is the sending protocol used to transfer Email from a

client to the mail server. If the mail server receives mail for a domain on the server it can

route it directly. However, a mailbox usually exists on another machine, so the server again

uses SMTP to route the mail to the appropriate place. In this case, the mail server refers to

the MX record of the DNS server to determine the server it needs to route the mail to. The

program which handles this function is called the MTA (Mail Transfer Agent) which uses the

SMTP function of the mail server. The mail which the SMTP server receives is housed in the

mailbox of each user MDA (Mail Delivery Agent) by a similar function. The mail is routed to a

file in the /var/spool/mail/ directory of the recipient user name. This file is kept in this

directory until the user downloads it to their client software.

A user accesses the mail server through an Email client and receives the mail which comes

from its own mailbox file. Once the mail is received by the user, it is deleted from the mailbox

file on the mail server. The Email client, POP3 (Post Office Protocol Version3) or IMAP4

(Internet Message Access Protocol Version4), is used to receive mail at the client side. The

server transfers the mail to the Email client through the POP3 or the IMAP4 server. The

SMTP server and the POP3 server or the IMAP4 server make up the "mail server.” Although

only one word is used for both servers, their roles are different.

Turbolinux Appliance Server can be used as an SMTP server to transfer Email on the

Internet. It can also operate as a POP3 or IMAP4 server for retrieving mail through client

software.

Verification of MX record

This is a vital part of the way in which SMTP transmits Email. Concerning the DNS server,

please refer to "3.7.3 DNS.” When mail is transmitted, the SMTP server queries the MX

record from the DNS server to determine the destination for the message. For example, the

host name and domain name of Turbolinux Appliance Server might be mail.atom.mydomain,

so an Email is sent to an address @mail.atom.mydomain. However, many mail servers use

the domain name of the Email address in order to have an address @atom.mydomain, so the

name is changed to not include a host name. Therefore, in this example, mail cannot be

routed to a host because it is unknown. When rewriting the domain name for transmission,

the server does not know that @atom.mydomain is really @mail.atom.mydomain. The DNS

record that resolves this issue is the MX record. For example, in the zone file of the DNS

server shown below, the MX record which defines the SMTP server that really receives the

Email transmission and the A record which shows the IP address of that SMTP server are

defined.

Atom.mydomain. IN MX 10 mail.atom.mydomain.

Mail.atom.mydomain. IN A 192.168.0.3

In this case, the SMTP server at the sending end refers to the MX record of the DNS server

when sending the mail of the @atom.mydomain address. It refers to the MX record of the

DNS server and knows that the SMTP server who delivers the mail is mail.atom.mydomain.

Please note that, depending upon the network environment being used, it may be necessary

to have an Internet Service Provider update the DNS server appropriately.

About relaying third party mail

There is no process of user identification in the basic SMTP server, unlike POP and IMAP.

Therefore, the default settings of the SMTP server allow it to transmit mail of domains that

exist on the server, but it is not usually possible to transmit mail for domains that do not exist

on the server. This setting allows only the client with the same domain name to transmit

Email through the server. The SMTP server where this setting permits the relay of the mail

by the third party is called the "open relay server" and may allow SPAM to get through.

SPAM, which is really the mass annoyance mail which is sent undiscriminatingly to individual

and corporate users, generally uses open relay servers to appear legitimate. An SMTP

server that actually relays SPAM may not be involved in the malicious activity, but

nevertheless becomes a conduit for unwanted Email. SMTP servers that relay unwanted

Email are investigated by several organizations, of which two popular ones are listed below.

ORDB (Open Relay Database): http://www.ordb.org/

MAPS (Mail Abuse Prevention System): http://mail-abuse.org/

The manager of the SMTP server that is blacklisted has the responsibility to secure the

server and try to get off the list.

The default SMTP setting of Turbolinux Appliance Server allows only mail

transmitted by the domain to pass through but does not block outside users from

“spoofing” the domain.

3.4.1.2 Email Server Settings

The [Email Servers Settings] table has two tabs. The [Basic] tab allows control for starting

and stopping the Email server. The [Advanced] tab has more detailed options, like setting

and enabling of a POP-before-SMTP function, masquerading domains, and third party relay

of the mail. After using the [Basic] or [Advanced] tab, click the [Save] button to apply the

settings and update the table.

Basic

With the default installation of Turbolinux Appliance Server, only the SMTP server is started.

If a user will be using the Email client to download messages from the mail file, it is

necessary to enable the POP server or the IMAP server. Selecting or deselecting a service

and then clicking the [Save] button starts or stops the service.

WebMail, the browser based Email client included in Turbolinux Appliance

Server, can be used for sending and retrieving messages. Because WebMail

uses the IMAP server, it is necessary to start the IMAP server before using

WebMail. For details on WebMail, refer to "5 User Site."

Advanced

The [Advanced] table items are listed below. After completing the settings, click the [Save]

button to update the settings.

Delivery schedule

This is the selection of the frequency whereby the SMTP server transmits mail. Options

include: [Immediate], [Every 15 minutes], [Every 30 Minutes], [Every Hour], [Every 6 Hours],

and [Every Day].

Maximum Email size (MB) (optional)

It is possible to define the maximum size of Email which the SMTP server of Turbolinux

Appliance Server can handle at the MB unit. It is possible to prohibit the sending and

receiving of Email which exceeds the size defined here. When this field is left blank, there is

no restriction in size.

Catch all Email (optional)

When Turbolinux Appliance Server receives an Email for an address that does not exist in

the user list, the SMTP server replies to the original sender with an error message. When an

Email address is entered in this field, any unresolved recipients are forwarded to that Email

address and an error message is not transmitted to the original sender.

Force sender’s domain (optional)

The domain name of the Email which the user of Turbolinux Appliance Server sends is

rewritten during transmission. This is generally called “domain masquerading.” For example,

the host name of Turbolinux Appliance Server in our example of mail.atom.mydomain,

transmits mail from this SMTP server as @mail.atom.mydomain. But, if we would like to use

the address @atom.mydomain, atom.mydomain is entered into this field.

Smart relay server (optional)

In a network environment where a firewall exists and an SMTP server is in the DMZ

(demilitarized zone), it may be necessary for access to be granted to an outside source to

transfer mail to the SMTP server which sits inside the LAN. With this kind of setup, the

SMTP server inside the LAN processes the mail of the host address by transferring to the

SMTP server the mail of the external address for outside delivery. Because the mailbox does

not exist in the SMTP server on the Internet, security risks are reduced.

When the host name of another SMTP server is defined in this field, Turbolinux Appliance

Server can act as an SMTP server even if it does not have direct access to the Internet.

POP authenticated relaying (optional)

When POP authenticated relaying is turned on, it is possible to use the POP-before-SMTP

function. As stated, the SMTP server of Turbolinux Appliance Server has the default setting

which denies third party relay other than our default domain. Therefore, it is not possible to

utilize the SMTP server of Turbolinux Appliance Server from outside. But, for example, if a

user would like to transmit the mail through the SMTP server of the company from home, the

server manager can permit the mail to be relayed by the third party if it meets certain

specifications. In order to accomplish this, the technique which is utilized widely is POPbefore-

SMTP. POP-before-SMTP it is the technique which limits the host which permits relay

by utilizing the user identification with POP. The IP address of the host which succeeds in

login with POP is retained for a short period of time, so the server will allow SMTP from that

host.

Relay Email from hosts/domains/IP addresses (optional)

Host names, domain names, or IP addresses which are permitted third party relay can be

entered in this field. For example, when “turbolinux.co.jp” is entered, relay from the host

which has this domain name is permitted.

By default, the SMTP server only allows mail sent from the domain of the server.

Block Email from hosts/domains (optional)

The server will reject mail from host names, domain names, or IP addresses listed here. For

example, when ”spam.mail.com” is entered, the mail from the host which has this domain

name is denied.

Block Email from users (optional)

The Email address of a user can be entered. An error message will be transmitted to a user

trying to send mail from a blocked address.

3.4.2 Mailing Lists

The [Mailing Lists] table shows the mailing lists that have already been created on the

Turbolinux Appliance Server.

When a group is created, the users of that group are added to a mailing list with

the group name by default.

3.4.2.1 Add Mailing List

Click the [Add] button on the [Mailing Lists] table to create a new list. The [Add Mailing List]

table is displayed. The table consists of two tabs, [Basic] and [Advanced]. After completing

the settings, click the [Save] button to update the mailing list.

Basic

The [Basic] tab settings are shown below.

List name

Enter the name of the new mailing list.

The mailing list name can be up to 12 characters long and may be made up of

upper- and lower-case letters, numbers, hyphen (-), the underscore (_), with the

first character being a letter.

Local subscribers

Users created on Turbolinux Appliance Server are displayed here. Users can be added to

the mailing list by clicking the or buttons to move them between the [Users

Subscribed] and [Users Not Subscribed] fields.

Remote subscribers

It is also possible to include recipients who are not users in Turbolinux Appliance Server in

the mailing list. Enter the full Email address of the remote subscribers in this field.

Remarks

Enter any additional information regarding the mailing list in this field.

Advanced

Click the [Advanced] tab to display the table below.

Owner/Moderator

Enter the user name of the mailing list manager. The default is “admin.”

Password

Enter the password for managing the mailing list via Email. If Email will not be used to

manage the list, leave the password field blank. Refer also to “3.4.2.5 Approval by the

mailing list manager.”

Posting policy

These policies indicate how messages can be posted to the mailing list. Please see the table

below for a brief description of the policies. Refer also to “3.4.2.4 Subscribing or

unsubscribing to a mailing list” and “3.4.2.5 Approval by the mailing list manager.”

Only Subscribers Can

Post Messages

Only subscribed members can send mail to the mailing list.

All Users Can Post

Messages

Any user, even if they are not a subscribed member, can post to

the mailing list.

Moderator Confirms All

Messages

Only Emails that have been approved by the moderator can be

sent out to the list.

Subscription policy

This details how users can be added to the mailing list. Please see the table below for a brief

description of each of the policies. Refer also to “3.4.2.4 Subscribing or unsubscribing to a

mailing list” and “3.4.2.5 Approval by the mailing list manager.”

Open: Any user may

subscribe.

A user can subscribe to the mailing list without any restrictions.

Confirm: Email

confirmation is required

for subscription.

In order for a user to subscribe to the mailing list, the user must

reply via Email to the verification Email that was originally sent

to the user (applicant).

Closed: List owner

approval is required for

subscription.

Only the list moderator can subscribe users to the mailing list.

Maximum message length

This indicates the total length (size) of the Email that will be transmitted to the mailing list.

You can select from the following different length restrictions from the drop down menu: [5KB],

[50KB], [500KB], [10MB], and [100MB]. The default is [50KB]. If an Email exceeds the limits,

a warning message will be sent from the mailing list to the original sender and also to the list

manager.

Reply policy

This policy determines how replies to Emails are handled. If [Reply to Sender] is selected, all

replies to a message are sent directly to the original poster. If [Reply to List] is selected, all

replies to all messages are sent directly to all users on the list.

Enable archive

Check this box to enable the archiving function of the mailing list. If a user has an account on

Turbolinux Appliance Server, it is possible to access the mailing list archive through WebMail.

For details about using WebMail, refer to “5 User Site.”

Keep period (days)

Enter the number of days messages are to be kept in the archives. The default is 30 days.

Enter 0 for unlimited number of days.

3.4.2.2 Editing a mailing list

Once a mailing list has been set up and saved, it can be modified. Clicking the [Mailing Lists]

option will display a list of the mailing lists that have been created, as shown below. Select

the list that you want to modify and click the icon.

Clicking the modify icon displays a table similar to the one used to originally set up the

mailing list. Refer to “3.4.2.1 Add mailing list.”

3.4.2.3 Deleting a mailing list

A mailing list(s) can be deleted easily. Once in the virtual site, click the [Mailing Lists] option.

Select the mailing list to delete and click on the icon. Click the [OK] button in the

confirmation dialog box that pops up. The [Mailing Lists] table will refresh and that mailing list

will no longer exist.

A mailing list which was created automatically by creating a group has the delete

icon grayed out and cannot be deleted. The only way to delete the mailing list is

to delete the group it belongs to.

3.4.2.4 Subscribing or unsubscribing to a mailing list

Users can join or be removed from a mailing list by a server manager or site manager

through the virtual site management, but it is also possible for a user to perform those

subscription functions.

Subscribing

To subscribe to a list, a user can send an Email which does not have a subject, as shown in

the table below.

Address majordomo@domainname (i.e. majordomo@turbolinux.co.jp)

Text subscribe mailing list name (i.e. subscribe atom-ml)

The mail is sent to the manager of the mailing list. Depending on the settings of the mailing

list, it may be possible for the sender of the Email to join the mailing list.

When the subscription policy is set to set to [Open], the list manager does not need to do

anything for the system to automatically send a welcome message to the requesting user and

add them to the list.

When the subscription policy is set to [Confirm], the system automatically sends a

confirmation request message to the requesting user. When the user replies to the message

and it is received successfully by the system, a welcome message is sent back and the user

is added to the list.

When the subscription policy is set to [Closed], the manager must review the Email

requesting subscription to the mailing list. If the mailing list manager approves the user, the

user receives a welcome message. If the mailing list manager does not approve the user,

then the user will not be joined to the list.

Unsubscribing

To unsubscribe to a list, a user can send an Email which does not have a subject, as shown

in the table below.

Address Majordomo@domainname (i.e. majordomo@turbolinux.co.jp)

Text unsubscribe mailing list name (i.e. unsubscribe atom-ml)

3.4.2.5 Approval by the mailing list manager

Approval of contribution contents

When the posting policy is set to [Moderator Confirms All Messages], any Email sent to the

list must be approved by the mailing list manager before being sent to the subscribers. The

manager goes through the approval process on messages in the following manner:

1. The manager receives a message from the address "(mailinglistname)@(domainname)”

with the subject “Approval required” to which they can reply to verify the contents of the

message.

2. When the message is approved, the password which was set in the mailing list is entered

into the password field on the first line and the message is sent back to the mailing list

address (i.e. Approved: Password).

Approval of user subscription

When the subscription policy is set to [Closed], the permission of the list manager is needed

to add a new user to the mailing list. When a new user requests to be subscribed to the

mailing list, a message is sent to the mailing list manager. The manager goes through the

approval process for users in the following manner:

1. The manager receives a message with the subject “APPROVE mailing list name” to

which they can reply to verify and add the user.

2. When the user is approved, the password which was set in the mailing list is entered into

the password field on the first line and the message is sent back to the mailing list

address. The line will need to be entered in the format “approval password \ subscribe

mailing list \ Email address of subscription user.”

Under the subscription policy, the [Open] option allows any user to subscribe

freely to a mailing list while the [Confirm] option sends an automatic response to

the requesting user. An Email is sent to the list manager with these options, but

additional approval by the list manager is not necessary.

3.4.3 Remote Retrieval

This function—also referred to as “multidrop”—retrieves Email which has the same domain

name that is being retained in one mailbox file. This function is useful to receive mail for a

group of users from an Internet Service Provider where the mail service has been contracted.

When remote retrieval is enabled, Turbolinux Appliance Server downloads the multidrop

mailbox file from a remote server and distributes it to local user accounts. Unresolved

recipients are delivered to the system administrator (admin).

The settings for the [Remote Retrieval] table are shown below. After completing the settings,

click the [Save] button to update the information.

Enable remote retrieval

Select this option to enable remote retrieval.

Remote Email server

Enter the host name or IP of the remote mail server.

Email domain name

Enter the domain name of the Email address used and delivered by the remote system. For

example, when the Email address is “john@mydomain,” enter “mydomain.”

User name

Enter the user name of the account on the remote server.

Password

Enter the password which corresponds to the user name of the account for remote retrieval.

To prevent mistakes, the password must be entered twice.

Message retrieval protocol

Select the protocol for retrieving the remote mail. The options are [POP3], [IMAP4], and

[ETRN]. The default is [POP3]. When ESMTP is used, select [ETRN].

Retrieval frequency

Enter the interval at which the remote retrieval should take place.

3.5 File & Print

Turbolinux Appliance Server allows file and print sharing for Windows and Macintosh clients.

Click the [File & Print] menu on the left side under the [Administration] tab to display the [File

& Print] options. The following sub menu is displayed:

Windows

Apple

Guest share

FTP

Print server

3.5.1 Windows

When this function is enabled, a user on Turbolinux Appliance Server can view and access

their home directory (/home/users/) through an icon displayed in “My Network Places.” It is

also possible to set Turbolinux Appliance Server to operate as a WINS (Windows Internet

Naming Service) server and PDC (Primary Domain Controller).

PDC (Primary Domain Controller)

When the Windows File Sharing server function is enabled, the operations of adding, deleting,

and managing users can require a lot of time. With Windows, the time required of the

network administrator is reduced with the “domain” functionality (which is different from the

“domain” definition of DNS). This manual does not go into the specific details regarding the

Windows domain, either the NT domain or the advanced capabilities of Active Directory in

Windows 2000. However, it is possible to operate Turbolinux Appliance Server as the PDC

(Primary Domain Controller) for an NT domain. There can only be one PDC for a domain,

and that system manages the user information for the domain. It is possible to register

servers to be members of a domain. In this scenario, user information managed by the PDC

is available to all members, and it is not necessary to define the users and passwords on

every member server.

When a client with Windows NT/2000/XP is registered to Turbolinux Appliance

Server as a member, it is necessary to certify the account with the following

information:

Username: Root

Password: (use the admin/root password for the system)

Additionally, when Windows XP is registered as a member of the domain, it is

necessary to modify the local security policy of the client. Go to [Control Panel] >

[Administrative Tools] > [Local Security Policy]. From there the [Local Policy] >

[Security Options] > [Domain member: Require strong (Windows 2000 or later)

session key] must be disabled.

WINS server

With a WINS server, the Windows network environment NetBIOS name (computer name)

corresponds to an IP address. In Windows, when NetBIOS and TCP/IP are used together,

the NetBIOS name and IP address are linked. This is the function of a WINS server; each

client registers its own NetBIOS name and IP address to the WINS server when starting. By

querying the WINS server, the IP address is derived from the NetBIOS name and

communication is done quickly. This is particularly efficient when clients have received IP

addresses from a DHCP server. It is possible to specify the name of a computer even when

the IP address has changed.

3.5.1.1 Windows File Sharing Settings

The [Windows File Sharing Settings] table consists of [Basic] and [Advanced] tabs. If

Windows File Sharing is not enabled, it is not necessary to modify anything in the [Advanced]

tab. The [Advanced] tab includes options for using Turbolinux Appliance Server as a WINS

(Windows Internet Naming Service) server or a PDC (Primary Domain Controller. For details

on setting Turbolinux Appliance Server as a PDC, refer to “3.5.1.2 Windows Domain

Controller Settings.” For details on setting Turbolinux Appliance Server as a WINS Server,

refer to “3.5.1.3 WINS Server Settings.”

The [Basic] tab settings are shown below. After completing the settings, click the [Save]

button to update and refresh the table.

Enable server

Check or uncheck this box and click the [Save] button to enable or disable the Windows File

Sharing selection.

Maximum simultaneous users

Enter the number of simultaneous users of the Windows File Sharing server. The default is

25 users.

Workgroup

Enter the workgroup name or NT domain name of the Windows network Turbolinux

Appliance Server belongs to. By default, “WORKGROUP” is entered. When using a name

other than “WORKGROUP” on an existing Windows network, it is necessary to modify this

value to match.

When Windows File Sharing is enabled, a Windows user can access the home

directory (/home/users/) of Turbolinux Appliance Server by browsing “My

Network Places” and selecting the icon for the name of the Turbolinux Appliance

Server.

It is necessary to login to Windows with the user name and password of the

Turbolinux Appliance Server in order to access the shared files.

3.5.1.2 Windows Domain Controller Settings

To operate Turbolinux Appliance Server as a PDC (Primary Domain Controller), click the

[Advanced] tab to display additional settings.

Check the [Windows Domain Controller] box and click the [Save] button to enable Turbolinux

Appliance Server to operate as a PDC. The domain name is indicated in the [Workgroup]

field on the [Basic] tab.

When Windows Domain Controller is enabled, the [Domain Members] button appears at the

top of the [Windows File Sharing Settings] table. A Windows client computer is added as a

domain member by clicking the [Domain Members] button.

Click the [Add] button to display the [Create Domain Member] table.

Enter the name of the computer to be added as a member of the domain which Turbolinux

Appliance Server controls in the [Machine Name] field. Add any comments in the [Remarks]

field if necessary.

After completing the settings, click the [Save] button.

The new domain member is displayed in the [Domain Members] table.

3.5.1.3 WINS Server Settings

To set Turbolinux Appliance Server as a WINS server, click the [Advanced] tab in the

[Windows File Sharing Settings] table.

To use Turbolinux Appliance Server as the WINS server on the network, select the [Use As

WINS Server] option. If another WINS server already exists in the network, select [Use The

Following Address As WINS Server] and enter the IP address of the WINS server in the [IP

Address] field. After completing the settings, click the [Save] button to update and refresh the

table.

3.5.2 Apple

It is possible to use Turbolinux Appliance Server to share files with Macintosh computers

through AppleShare. When this function is enabled, the host name Turbolinux Appliance

Server is displayed in the “Chooser” on a Macintosh client as an AppleShare volume.

3.5.2.1 Apple File Sharing Settings

The settings for the [Apple File Sharing Settings] table are shown below. After completing

the settings, click the [Save] button to update and refresh the table.

Enable server

Select this box and click the [Save] button to enable or disable Apple File Sharing selection.

Maximum simultaneous users

Enter the number of simultaneous users of the Apple File Sharing server. The default is 25

users.

When Apple File Sharing is enabled, a user can access their directory on

Turbolinux Appliance Server (/home/users) through AppleShare. The icon of the

Turbolinux Appliance Server is selected in the “Chooser” and the user name and

password are entered. If the authentication is correct, the user can select the

volume to mount through the “Chooser.”

3.5.3 Guest Share

When the [Guest Share] function is enabled, a user who does not have a Turbolinux

Appliance Server account can access the guest directory using a Windows network or

AppleShare. Additionally, the FTP server can allow guest access (Anonymous FTP).

If a user on Turbolinux Appliance Server needs to share files with the guest

user(s), it is necessary to join the user to the “guest-share” group. For details,

refer to “3.3.2 Group List."

The directory for guest user access is /home/groups/guest-share. Entry into the

/home/groups/group-share/incoming directory is possible when Windows File

Sharing, Apple File Sharing, or FTP access is permitted to the guest user.

3.5.3.1 Setting up Guest Share

The settings for the [Guest Share Settings] table are shown below. After completing the

settings, click the [Save] button to update and refresh the table.

Enable guest access

Select this box and click the [Save] button to enable or disable Guest Share selection.

Incoming file access

To grant authority to a guest user to upload files, click the [Enable] button and enter a value

for the incoming file capacity in MB in the [Maximum Allowed Disk Space (MB)] field. When

incoming file access is permitted, a guest user can upload files into the /home/groups/guestshare/

incoming directory by way of FTP, Windows File Sharing, or AppleShare. These users,

however, cannot view or download items from this directory. Only users belonging to the

“guest-share” group can view the contents of that directory. Additionally, when shell access

is permitted through SSH or telnet, users can access that directory. For details on shell

access, refer to “3.7.6 Shell.”

3.5.4 FTP

It is possible to use Turbolinux Appliance Server as an FTP server. The FTP server can be

started and stopped through this menu.

3.5.4.1 FTP server summary

FTP (File Transfer Protocol) is used for clients to transfer files to and from the host computer

on the network. When the FTP server is started, a user with an optional FTP client can

access their home directory on Turbolinux Appliance Server to upload or download files.

3.5.4.2 FTP Settings

The settings for the [FTP Settings] table are shown below. After completing the settings, click

the [Save] button to update and refresh the table.

Enable server

Check or uncheck this box and click the [Save] button to enable or disable the FTP server.

Maximum simultaneous users

Enter the maximum number of simultaneous users. The default is 25.

3.5.5 Print Server

It is possible to use Turbolinux Appliance Server as a print server.

3.5.5.1 Print server summary

It is possible to manage a local or network printer through the print server and offer printer

sharing to Windows and Macintosh clients but not to Linux clients.

The print server in Turbolinux Appliance Server supports PostScript printers only.

PostScript is page description language developed by Adobe Systems. The file

which is created by PostScript is called the PS file. Only a printer capable of

PostScript can interpret the PS file. The printer whose printing the PS file is

possible is the PostScript printer. Refer to the printer manufacturer’s manual to

determine if a printer is PostScript compatible.

3.5.5.2 Print Server Settings

The [Print Server Settings] table consists of two tabs: [Basic] and [Advanced]. The [Basic]

tab controls the starting and stopping of the print server. The [Advanced] tab controls the

sharing settings of the printer(s).

Check or uncheck the [Enable] box and then click the [Save] button to start or stop the print

server. For setting up the printer, refer to “3.5.5.3 Adding a printer."

Printer sharing for Windows and Macintosh clients is controlled through the [Advanced] tab.

Check the [Enable Apple Printing] box to offer the printer share to Macintosh clients. Check

the [Enable Windows Printing] box to offer the printer share to Windows clients.

After completing the settings, click the [Save] button to update and refresh the table.

The printer sharing function is closely related to the file sharing functions. When

[Enable Apple Printing] or [Enable Windows Printing] are checked, the file

sharing function is also enabled for Apple and Windows, respectively.

3.5.5.3 Adding a printer

To add a local or network printer, click the [Manage Printers] button at the top of the [Print

Server] table to display the [Available Printers] table below.

Click the [Add] button to display the [Add a Printer] table below.

The settings for the [Add a Printer] table are shown below.

Name

Enter the printer name.

Type of connection

Choose the type of connection from the available options.

Parallel Selects the printer which is directly connected to the parallel port of

Turbolinux Appliance Server.

USB Selects the printer which is directly connected to a USB port of

Turbolinux Appliance Server.

Network Selects the printer which is on the network with Turbolinux Appliance

Server. When [Network] is selected, the host name or IP must be

entered in the [Host Name] field. The [Queue Name] field is optional

if required by the remote printer.

PPD file (optional)

Enter the path to a PPD file. Click the [Browse] button to select the file from the local client

drive. PPD (PostScript Printer Description) is a type of file which is unique to each printer

and describes the file output to the PostScript printer driver. It is necessary to enter a PPD

file when sharing a printer with AppleShare.

After completing the settings, click the [Save] button to add the printer.

3.5.5.4 Modifying printer settings

Click the icon to modify the settings for a particular printer.

The [Modify Printer] table is displayed and the [Name], [Type of Connection], and [PPD File]

fields can all be edited. Settings on this table are similar to the [Add a Printer] table. For

details, refer to “3.5.5.3 Adding a Printer.” After completing the settings, click the [Save]

button to update the printer.

3.5.5.5 Managing print jobs

To display information regarding print jobs and to manage active print jobs, click the icon

on the [Available Printers] table. The [Current Print Jobs] table is displayed below.

Clear the Print Queue

Click the [Clear the Print Queue] button to clear everything that is being printed or spooled.

Suspend Printing

Click the [Suspend Printing] button to stop printing temporarily. It is possible for the printer to

continue to spool. When the [Resume Printing] button is clicked, the print job is resumed and

the queue continues.

3.5.5.6 Deleting a printer

To delete a printer from the [Available Printers] table, click the icon next to the printer to

be deleted. Click the [OK] button on the verification dialog that appears.

3.6 Web

Turbolinux Appliance Server can operate as a web server. Additionally, it can be used for a

proxy server.

Click the [Web] menu on the left side under the [Administration] tab to display the [Web]

options. The sub menu below is displayed:

Web server

Web caching

Web access

3.6.1 Web Server

3.6.1.1 Web Server summary

The WWW (World Wide Web) service provides the serving of web pages through HTTP

(HyperText Transfer Protocol). When a client application or browser requests a web page

through HTTP, the web service responds with the HTML document indicated by the client.

The settings for the web service of the Turbolinux Appliance Server are done here.

Document path of the web server

The web server of Turbolinux Appliance Server uses the directory below as the file path:

/home/groups/home/web/

In other words, when the host name of Turbolinux Appliance Server is set to atom.mydomain

and the web browser calls “http://atom.mydomain/,” the index.html file which is displayed

actually resides in the /home/groups/home/web/ directory. To update the default home page,

upload a new index.html file to the /home/groups/home/web/ directory over the Windows

network or with an FTP client.

Home page of user

The home page of each user and/or group uses the directory structure below:

/home/users/(user name)/web/

/home/groups/(group name)/web/

To add a file to the home page, upload a new index.html file to the above mentioned

directories over the Windows network or with an FTP client. It is possible to access the

index.html file from those directories with the URL:

http://(server name)/(user or group name)/

CGI script

The web server of Turbolinux Appliance Server supports CGI scripts and the execution of

shell scripts which are written in Perl and C languages. It is possible to upload a CGI script

to the /home/users/(user name)/web directory by a user on a Windows network or with an

FTP client. In addition, execution authority must be granted to the directory where the script

is uploaded. Permission can be granted with an FTP client or by using SSH or telnet on

Turbolinux Appliance Server to execute the following command:

$ chmod 775 (filename).cgi

It is necessary to use the .pl or .cgi extension to run a CGI script. The Perl path

on Turbolinux Appliance Server is /usr/bin/perl.

PHP script

The web server of Turbolinux Appliance Server supports the execution of the PHP script. It

is possible to upload a PHP script to the /home/users/(user name)/web directory by a user on

a Windows network or with an FTP client.

It is necessary to use the .php extension to parse PHP pages correctly.

3.6.1.2 CGI script permissions

With this setting the CGI (Common Gateway Interface) permissions are set.

The [Web Settings] items are shown below. After completing the settings, click the [Save]

button to update and refresh the table.

Do Not Allow Access To Any

User

Only the server administrator can execute CGI

scripts. All other users on Turbolinux Appliance

Server are restricted from executing CGI scripts.

Allow Access to All Users All users are allowed to execute CGI scripts.

Allow Access to Specified Users

Only

It is possible to select which users on the system are

allowed to execute CGI scripts.

3.6.2 Web Caching

It is possible to operate Turbolinux Appliance Server as a proxy server. With this menu, the

proxy server can be started and stopped.

It is possible to operate Turbolinux Appliance Server as a proxy server with the

default settings.

3.6.2.1 Proxy Server summary

A proxy server offers access to the Internet to clients on an internal network. The proxy

server is installed between the gateway and the LAN and represents the Internet to all of the

clients in the LAN, substituting for a direct Internet connection. In other words, when a proxy

server receives an HTTP request from a client, the proxy server connects to the web server

request instead of the client. The response from the web server is returned to the proxy

server and the proxy server returns the request to the client on the LAN.

In this way, a proxy server provides additional security to many clients by acting as a firewall

and also facilitates web caching by reusing web requests that have already been made.

When a client views the web page more than once, the cache from the proxy server—rather

than a response from the actual web server—is used to serve the client. If the requested

web page is renewed, the proxy server will retrieve it again and then serve it to the client.

This process of using the proxy server as a caching server reduces traffic and increases

network performance.

About using a proxy

A standard proxy server setup, as explained in “3.6.2.1 Proxy Server summary,” requires a

user to configure the web browser with the proxy server port number. The web browser

makes an HTTP request to the proxy server which is defined, and the proxy server transfers

the request to a web server outside the LAN. With the usual proxy being set on the user side,

the proxy is able to carry out its role. But it is also possible to make the proxy server

transparent to the client so that no browser settings are necessary. When this type of proxy

is used, the client appears to be connected to the web directly, but is really connected to a

proxy server operating as a gateway.

The proxy server of Turbolinux Appliance Server operates in this way by default. When the

Web Caching function is enabled, the packet the client is using to access the web (TCP port

80) is detected by Turbolinux Appliance Server and forwarded to port 3128 where the proxy

server is waiting for the request. The proxy server receives that request and alternatively

accesses the requested web page. Because of this setup, special settings on the client side

are unnecessary and the client is unaware of the proxy operation.

It is also possible to assign TCP port 3128 in the client web browser to access

and use the proxy server.

For the proxy to work, the TCP port 80 packet is actually forwarded to TCP port

3128 where the proxy server normally expects the request. This processing

uses the Basic Firewall function on Turbolinux Appliance Server. Therefore,

when Web Caching is enabled, the Basic Firewall also operates automatically.

When the Basic Firewall is disabled, the Web Caching function will not operate.

3.6.2.2 Web Caching Settings

The [Enable Server] option turns on or off the proxy server on Turbolinux Appliance Server.

After changing the setting, click the [Save] button to start or stop the proxy server.

3.6.3 Web Access

With the [Web Access] menu, it is possible to operate Turbolinux Appliance Server as a

gateway. When used with Web Caching, it can be used to control a client accessing a web

site via Turbolinux Appliance Server. For detail on proxy servers, refer to “3.6.2 Web

Caching.”

The [Restricted Web Access] table settings are shown below. After completing the settings,

click the [Save] button to update and refresh the table.

Restriction policy

Select the restriction policy which defines access to the web site. Options are listed below:

Unrestricted Access to the web site is permitted to all clients.

Permitted Access The hosts or IPs listed in [Hosts/Domains] or [IP Addresses]

are permitted access to the web site.

Blocked Access The hosts or IPs listed in [Hosts/Domains] or [IP Addresses]

are denied access to the web site.

Hosts/Domains (optional)

Enter the hosts or domain names of the clients to which the restriction policy applies.

IP addresses (optional)

Enter the IP addresses of the clients to which the restriction policy applies.

3.7 Network

This menu is for connecting Turbolinux Appliance Server to the Internet and setting up

network services. Under the [Administration tab], click [Network] on the left side of the screen

and the sub menu is expanded. The sub menu options are:

TCP/IP

Internet

DNS

DHCP

SNMP

Shell

3.7.1 TCP/IP

This option controls settings for IP addresses, host names, and domain names of the

Turbolinux Appliance Server system. In addition, this option allows setting up static routing.

3.7.1.1 TCP/IP Settings

Turbolinux Appliance Server uses up to three network interfaces for different applications.

For more details, refer to “2.1 Network interface specification.”

Below are the options for the [TCP/IP settings] table. Click the [Save] button to update the

settings and refresh the table.

Host name

Enter the host assigned to the Turbolinux Appliance Server (i.e. “www”).

Domain name

Enter the domain name assigned to the Turbolinux Appliance Server (i.e. “mydomain”).

DNS servers (optional)

Enter the IP address(es) of the DNS server(s) that Turbolinux Appliance Server will use to

resolve names and IP addresses. When entering multiple IP addresses, enter one per line.

Use the full IP address of the remote DNS server to avoid errors.

IP address (primary interface)

Enter the IP address of the primary interface (eth0) of Turbolinux Appliance Server in this

field. Generally, this interface is used for a LAN or private IP address. If only using one IP

address, use the primary interface and leave the secondary interface blank.

IP network mask (primary interface)

Enter the subnet mask of the primary interface (eth0) in this field. If only using one IP

address, leave the [IP Network Mask] field for the secondary interface blank.

MAC address (primary interface)

This field displays the MAC address of the network card used for the primary interface (eth0).

MAC addresses are specific identifiers set at the time of manufacturing from the hardware

vendor and are used to identify the network card. This value cannot be modified.

IP address (optional) (secondary interface)

Enter the IP address of the secondary interface (eth1) in this field. The secondary interface is

used to connect to the Internet, so enter the global IP from the Internet Service Provider. If

only using one IP address, leave the [IP Address] field for the secondary interface blank.

When two network interfaces are used, the secondary interface (eth0) connects

to the Internet side, while the primary interface (eth1) connects to the LAN side.

IP network mask (optional) (secondary interface)

Enter the subnet mask of the secondary interface (eth1) in this field. The secondary interface

is used to connect to the Internet. If only using one IP address, leave the [IP Network Mask]

field for the secondary interface blank.

MAC address (secondary interface)

This field displays the MAC address of the network card used for the secondary interface

(eth1). MAC addresses are specific identifiers set at the time of manufacturing from the

hardware vender and are used to identify the network card. This value cannot be modified.

IP address (optional) (auxiliary interface)

Enter the IP address of the auxiliary interface (eth2) in this field. The auxiliary interface is

used for a DMZ (Demilitarized Zone). If the auxiliary interface is not necessary or does not

exist, leave the [IP Address] field for the auxiliary interface blank.

IP network mask (optional) (auxiliary interface)

Enter the subnet mask of the auxiliary interface (eth2) in this field. The auxiliary interface is

used for a DMZ (Demilitarized Zone). If the auxiliary interface is not necessary or does not

exist, leave the [IP Network Mask] field for the auxiliary interface blank.

MAC address (auxiliary interface)

This field displays the MAC address of the network card used for the auxiliary interface (eth2).

MAC addresses are specific identifiers set at the time of manufacturing from the hardware

vender and are used to identify the network card. This value cannot be modified.

3.7.1.2 Setting the static route

It is possible to set the static routing of certain packets from Turbolinux Appliance Server to

another subnet. From the [TCP/IP Settings] table, click the [Modify Static Routes] button to

display the table below.

There are no static routes defined by default. Click the [Add] button to enter a new static

route.

The options on the [Add Static Route] table are shown below. After competing the settings,

click the [Save] button to update the static route table and refresh the table.

Target subnet

Enter the network address of the subnet which needs a route.

Target network mask

Enter the subnet mask of the subnet which needs a route.

Gateway

Enter the default gateway used to route to the subnet.

Network interface

Select the network interface from the drop down menu to use for the route.

3.7.1.3 Port Forwarding

With port forwarding, when a packet from a certain interface with a defined port number is

detected the port is translated to another interface and/or port number. Generally, packets

originating on the Internet side (secondary interface) need to be forwarded to a server

specified on the LAN. For example, it can transmit a packet for SMTP to a server inside the

LAN sent to port 25 from the Internet.

To define port forwarding, click on the [Port Forwarding] button on the top of the [TCP/IP

Settings] table. The [Port Forwarding Rules] table is displayed.

By default, there are no port transfer settings. Click the [Add] button to display the [Port

Forwarding Record – Create] table below.

The settings of the [Port Forwarding Record – Create] table are shown below. After

completing the settings, click the [Save] button to update and refresh the table.

Protocol

Select the protocol [TCP] or [UDP] for the rule from the drop down menu.

Source IP

Select the network interface for which the port transfer rule will apply.

Source port

Enter the number of the port to be transferred.

Target IP

Enter the IP address of the port to be transferred to.

Target Port

Enter the number of the port to be transferred to.

Comments (optional)

If necessary, enter any comments.

3.7.2 Internet

Generally, the settings needed to connect Turbolinux Appliance Server to the Internet are

completed during the initial setup wizard. Here, the settings to connect Turbolinux Appliance

Server to the Internet can be modified, and several options not available during the wizard

can be defined. There are three connection methods supported by Turbolinux Appliance

Server that can be selected from the drop down menu at the top of the [Internet Settings]

table:

Gateway on LAN

Cable Modem or DSL

Analog Modem or IDSN

3.7.2.1 Gateway on LAN Settings

In order to connect Turbolinux Appliance Server to the Internet through an existing gateway

inside the LAN, the IP address of the existing gateway is entered and Turbolinux Appliance

Server acts only as an access router.

The settings for the [Internet Settings – Gateway on Local Area Network (LAN)] table are

shown below. After completing the settings, click the [Save] button to update and refresh the

table.

Server gateway

Enter the IP address of the computer which Turbolinux Appliance Server will use as a

gateway. If the primary interface of Turbolinux Appliance Server inside the LAN (eth0) is the

only interface used, the existing LAN gateway is entered in this field. With this method, the

client inside the LAN also sets its IP of the default gateway the same and connects to the

Internet in a similar fashion.

If Turbolinux Appliance Server is set up as a gateway separating the Internet from the LAN,

enter the IP of the secondary interface (eth0). In this case, the secondary interface is the

gateway. In many cases, however, this IP address will be the access router connected to the

Internet.

It is necessary to enter this value if Turbolinux Appliance Server communicates

with other network(s).

IP forwarding and masquerading

Whether or not Turbolinux Appliance Server is set as the gateway separating the Internet and

LAN, IP Masquerading can be enabled from the drop down menu. The options are listed

below:

Forward IP Packets With

Masquerading

This option makes it so that the global IP does not

correspond directly to the client inside the LAN making

the request. When enabled, it automatically turns on

port forwarding.

Forward IP Packets Only Only forwarding between the network interface(s) is

enabled.

Do Not Forward IP Packets Disables port forwarding between the interface(s).

IP forwarding and masquerading are not available options during the setup

wizard.

Secondary interface

The settings from [TCP/IP Settings] (refer to “3.7.1.1 TCP/IP Settings”) are entered into these

fields by default. The secondary interface (eth1) is generally used to connect Turbolinux

Appliance Server to the Internet. Therefore, in the secondary interface fields, the global IP

address assigned by the Internet Service Provider is displayed. If the primary interface (eth0)

is the only one used, leave the secondary interface settings blank.

3.7.2.2 Cable Modem or DSL Settings

Turbolinux Appliance Server can utilize a cable modem or DSL to connect to the Internet.

Verify that the cable modem or DSL modem is connected to the secondary

interface (eth1).

The settings for the [Internet Settings – Cable Modem or DSL] table are shown below. After

completing the settings, click the [Save] button to update and refresh the table.

Obtain automatically using DHCP

Use this option when the secondary interface (eth1) obtains network information through a

DHCP server. In other words, the global IP address of the cable modem or DSL is acquired

from the broadband access router. It is the form most commonly seen with home user

Internet connection services.

As for the [Client Host Name] and [Client Identifier] fields, it is not necessary to enter the

information unless it is required by the Internet Service Provider.

Obtain automatically using PPPoE

When using PPPoE to connect to the Internet, enter the [User Name] and [Password] fields

for authentication and access to the Internet Service Provider. The password must be

entered twice to prevent mistakes.

Specify manually

When a static global IP address is assigned by the Internet Service Provider, enter the IP

address, subnet mask, and server gateway into the appropriate fields. By default, the values

from the [TCP/IP Settings] table (refer to “3.7.1.1 TCP/IP Settings”) are entered into these

fields.

IP masquerading

Select this option to make it so that the global IP does not correspond directly to the client

inside the LAN making the request.

3.7.2.3 Analog Modem or ISDN Settings

Turbolinux Appliance Server can also utilize an analog modem or ISDN terminal adapter to

connect to the Internet.

Verify that the modem or ISDN terminal adapter is connected to the serial port.

The settings for the [Internet Settings – Analog Modem or ISDN] table are shown below.

The [Connection Mode] and [Connection Period] settings are not displayed

during the setup wizard.

Connection status

This displays whether or not the modem is currently to the Internet Service Provider.

Connection mode

Select [Connection On Demand Only] or [Connection Always On] from the drop down menu.

If this connection type is not used, [Connection Always Off] is the only option. The default is

[Connection Always On] when using an analog modem or ISDN terminal adapter. When

[Connection On Demand Only] is selected, the connection to the outside network is only

made when necessary, such as when checking Email.

Connection period

By default, the connection to the Internet Service Provider is always enabled. But when the

[Connection Period] is specified, it is possible to restrict the use of the modem to certain

acceptable times. Click the or icons to move available times between the [Connect

Times] and [Do Not Connect] fields.

Phone number

Enter the phone number to the Internet Service Provider when dial-up service is used.

Dial-up account user name

Enter the login ID for the Internet Service Provider.

Dial-up account password

Enter the password for the login ID for the Internet Service Provider The password must be

entered twice to prevent mistakes.

Modem initialization string

Enter the modem initialization string. By default, “ATZ” is entered. Many modems use the

“ATZ” command for initialization, but there are times when using an ISDN terminal adapter

that it differs. Refer to the manual of the attached device.

Local IP address (optional)

Enter an allotted fixed IP if designated by the Internet Service Provider.

Server hostname (optional)

In general, PAP authentication is used by the Internet Service Provider. But in the case of

CHAP authentication, the host name of the dial-up server is entered into this field. If unsure

about this setting, refer to the Internet Service Provider documentation.

Modem speed (baud)

Select the connection speed of the modem. By default, [115200] is selected.

Enable pulse dialing

Select this option if using a pulse dialing system for the telephone circuit. By default, a tone

dialing system is used.

IP masquerading

Select this option to make it so that the global IP does not correspond directly to the client

inside the LAN making the request.

After completing the settings, click the [Save] button to update and refresh the table. When

the [Save and Test] button is clicked, the settings are updated and the connection to the

Internet Service Provider is tested.

3.7.3 DNS

Turbolinux Appliance Server can operate as a DNS (Domain Name System) server. The

DNS server resolves host names and/or domain names to the IP address in TCP/IP network.

3.7.3.1 DNS server summary

When the computer exists in a TCP/IP network, it uses an identifying host name and FQDN

(Fully Qualified Domain Name: the complete domain name which does not abbreviate

domain name and host name) which are easy for a human to remember. For example, when

accessing the web with a web browser, a web site such as http://www.turbolinux.co.jp/ is

entered into the web browser of the client. But because the computer is actually identified

with an IP address, it is not possible to tell whether the host www.turbolinux.co.jp exists

somewhere on the Internet. It is then necessary to resolve the name to an IP address. This

is what the DNS server does. All the computers in the world connected to the Internet are

managed with a unique global IP address. The DNS server answers the request from the

client, searches the IP address of the computer of specification, and then returns that IP

address to the client. This makes it possible for a client computer to access servers by their

host name. The client then calls the correct IP address that has been resolved to that host.

Forward and reverse lookups

There are forward and reverse lookups in name resolution. The conversion from a FQDN to

an IP is a forward lookup. Conversely, the conversion from an IP to a FQDN is a reverse

lookup.

Mechanism of domain cooperation

With the Internet, the record of countless IP addresses and the host names to which they

correspond must be kept. But it is not realistic to manage this with one database system.

The DNS server is arranged in every domain, has a layered structure, keeps the database

regarding the respective domain, and does the name resolution by cooperating with other

DNS servers.

As for domain, the route to a particular DNS server is managed with a tree which makes the

domain accessible. The tree starts with the top-level domains of jp, cn, com, org, etc. Co, gr,

etc., exist under jp domain, turbolinux and the like exist under co. The DNS server that

manages that domain exists in each branch above it.

When the name resolution is requested from a client on the Internet, the query starts with the

top-level DNS server. For example, with www.turbolinux.co.jp the client first queries the IP

address of the DNS server who manages the jp domain. Then the DNS server of jp domain

looks to the DNS server who manages co domain, and then the DNS server of co domain

queries the DNS server of turbolinux domain. The host www is finally called by the DNS

query of the server inside the turbolinux domain. Each time the route makes a query, a

cache is kept of the route to speed future requests. In the case of the reverse lookup, the

domain, in-addr.arpa is utilized. For example, with the network of 192.168.1.0/24, the

opposite numbers are used, like 1.168.192.in-addr.arpa. The name resolution is done

through the DNS server and the in-addr.arpa domain, which has a layered structure just like

the forward lookup.

Zone

The DNS servers for each domain keep a database of the domain which that DNS server

manages and the range which it has control. This range is called the zone. In addition, the

database file of the zone is called the zone file. The association of IP address and host name

is defined in this zone file.

Type of DNS server

As for the DNS server, it can be classified by its role.

Primary name server (primary service)

The primary name server controls the information management of all hosts which exist inside

the domain, defining the MX record and setting the secondary name servers and information

necessary to communicate with them. It is necessary for name resolution.

Secondary name server (secondary service)

The secondary name server backs up the primary name server by copying the zone file

periodically. If/when trouble occurs in the primary name server, it functions like a proxy

server. With this purpose in mind, it is not desirable to have the two DNS servers in the same

network segment. When defining DNS, it is necessary to have a primary and secondary

name server.

Sometimes a secondary name service is offered by an Internet Service Provider.

Cache-only server

This type of DNS server keeps records of name resolutions requested by the client but does

not host records itself. Because host names are cached, it can respond quicker to requests

the second time. With large-scale sites, there is the benefit of load reduction with this server

type.

A DNS server can simultaneously act as many types. For one domain it may be the primary

DNS server, but for another domain it may be the secondary server.

3.7.3.2 DNS Settings

The [DNS Settings] table has three tabs: [Basic], [Advanced], and [Zone Format]. With the

[Basic] tab, it is possible to control starting and stopping the DNS server. With the

[Advanced] tab, the DNS server default SOA (Start Of Authority: authority definition of the

name server in this zone) and the transfer of the database file which is managed by the zone

can be done. Lastly, reverse lookups of the zone are defined in the [Zone Format] tab.

Basic

Checking or unchecking the [Enable Server] box and then clicking the [Save] button starts or

stops the DNS server.

When this option is not checked, the DNS server still operates as a caching-only

server.

Advanced

Items under the [Advanced] tab are shown below. After changing the settings, click the

[Save] button to retain settings.

The SOA (Start Of Authority) value listed here is the default one only. Editing

primary services can define the SOA value per zone.

Default DNS administrator Email address (optional)

Enter the Email address of the DNS server manager. The default manager is “admin.” The

Email address listed here is released with queries to the DNS server.

Default refresh interval (seconds)

This is the amount of time that goes by before the secondary name server checks the

modification of the zone file of the primary name server and renews it if necessary.

Default retry interval (seconds)

In the event the secondary name server fails renewal from the primary name server, this is

the amount of time that goes by before the additional checks happen at the secondary server.

Default expire interval (seconds)

This is the amount of time the record stays on the secondary name server if the primary

name server cannot be reached or the information is no longer available. Information not

updated after the specified time is deleted.

Default time-to-live interval (seconds)

This is the amount of time the DNS information is cached on a secondary server.

Forwarding servers (optional)

The DNS server who transfers the inquiry is assigned an IP address. If there is a problem

accessing the DNS server or the Internet, it transfers the inquiry to the DNS server(s) listed

here.

Zone transfer access by IP address (optional)

The IP address of the DNS server(s) which is allowed zone transfer requests can be entered

here. Zone transfer allows the zone information which the other DNS server manages to be

downloaded. Usually, the primary and secondary DNS servers allow zone transfers. When

this field is left blank there is no restriction in zone transfer, but when it is defined only that

host zone transfer is permitted. When using multiple IPs, enter one per line.

Zone format

Settings under the [Zone] tab are shown below. After changing the settings, click the [Save]

button to keep the settings.

Zone file format settings

This option sets the specification format of the reverse lookup zone file. The types of the

zone files which can be used include: [RFC2317], [DION], [OCN-JT], and [User Defined].

The international standard format is [RFC2317]. Verify settings with the Internet Service

Provider.

IP address classification varies according to use. Those used with the computer

are generally class C to class A. IP addresses are displayed in 32 bits. In class

A, the network section is 8 bits and the host section is 24 bits. In class B, the

network section is 16 bits and the host section is 16 bits. In class C, the network

section is 24 bits and the host section is 8 bits. For example, in a class C like

192.168.1.0/24, there are 256 active IP addresses on the network. In order to

utilize IP addresses more efficiently, there are many times when the address

space is narrower than each class. For example, in the case of

192.168.1.128/26, 26 bits are used to define the network section of the address

rather than the usual 8,16,24 bit structure (This means that only 6 bits are left to

define the host section.). In the case of a classless designation, the divisions are

not always in equal 8 bit blocks as they are in a class space division. This differs

from reverse lookups because lookups are divided by 8 bits each time. If

another zone format must be used, it is possible for the server manager to define

the file with the settings below.

User defined zone file format settings

When [User Defined] is selected as the zone file format, all of the items below must be

entered. When not using the [User Defined] option, these settings are invalid.

Zone file format for > 24-bit

networks (optional)

Zone file format which is used with a network which

has the pause position of 24 bits or more is defined.

Zone file format for > 16-bit

networks (optional)

Zone file format which is used with a network which

has the pause position of 16 bits or more is defined.

Zone file format for > 8-bit

networks (optional)

Zone file format which is used with a network which

has the pause position of 8 bits or more is defined.

Zone file format for > 0-bit

networks (optional)

Zone file format which is used with a network which

has the pause position of 0 bits or more is defined.

The meanings of the designated fields are as follows:

%1 The first 8 bits of IP address. In 192.168.1.128, it is the 192.

%2 The second 8 bits of IP address. In 192.168.1.128 it is the 168.

%3 The third 8 bits of IP address. In 192.168.1.128 it is the 1.

%4 The fourth 8 bits of IP address. In 192.168.1.128 it is the 128.

%n The size of network (bit number). In 192.168.1.128/26 it is the 26.

For example, when the zone format is %4/%n. %3. %2. %1.in-addr.arpa, 192.168.1.128/26

becomes 128/26.1.168.192.in-addr.arpa.

3.7.3.3 Setting of primary service

To modify settings for the primary name server, click the [Edit Primary Services] button from

the [DNS Settings] table.

Add record

Select [Add Record] from the drop down box, and choose an option below to add a record to

the DNS server.

Forward address (A) record

Reverse address (PTR) record

Mail server (MX) record

Alias (CNAME) record

The settings for each item record are described below. When multiple records are added, the

operation is repeated. It is necessary to click the [Apply Changes Now] button when the last

record has been added or modified to save the changes to the DNS server.

Changes to the DNS server will not take effect until the [Apply Changes Now]

button is clicked after records have been added or modified.

Adding a forward address (A) record

The information which performs the name resolution from host name to IP is called the A

record. When creating an A record, click the [Save] button to finish.

When creating a reverse address record and selecting the option to automatically

create a forward address, manually creating the host again in the forward

address option is unnecessary.

Host Name (optional) Host name is assigned.

Domain Name Domain name is assigned.

IP Address IP address which corresponds to the host is assigned.

Adding a reverse address (PTR) record

The information which performs the name resolution from IP address to host name is called

the PTR record. Click the [Save] button after setting the items below.

IP Address IP address is assigned.

Subnet Mask Subnet mask is assigned.

Host Name (optional) Host name which corresponds to the IP address

is assigned.

Domain Name Domain name which corresponds to the IP

address is assigned.

Generate Forward Address (A)

Record

When selected, the forward address (A) record

is registered automatically.

Adding a mail server (MX) record

The mail server of the domain is assigned with an MX record in the DNS Server. Click the

[Save] button after setting the items below.

Host Name (optional) Host name of the mail server which processes the Email is

assigned. When left blank, it points Email to the domain only.

Domain Name Mail server that processes the domain address Email is

assigned.

Mail Server Name Mail server host and domain name is assigned.

Delivery Priority The delivery priority for when a group of mail servers exists for

the domain is assigned. The options [Very High (20)], [High

(30)], [Low (40)], and [Very Low (50)] are selected from the

drop down box.

Adding an alias (CNAME) record

The use of an alias makes it possible to define additional names for a host. For example, it is

possible to set multiple host names to one IP address. Alias information used for this

purpose is called the CNAME record. Click the [Save] button after setting the items below.

Alias Host Name Alias host name which is defined as an actual host name is

assigned.

Alias Domain Name Alias domain name which is defined as an actual domain name

is assigned.

Real Host Name

(optional)

Actual host name is assigned.

Real Domain Name Actual domain name is assigned.

Modifying settings

When the primary service is set, the table updates with the new information. Settings for

primary name server domains and networks can be modified after they have been added by

clicking on the icon.

The forward lookup list is displayed in the [Select Domain] drop down menu. The reverse

lookup list is displayed in the [Select Network] drop down menu. These options are not

displayed if there are no records registered.

The [Primary Service List] table items are listed below.

Query

This item displays the query contents made to the DNS server.

Record type

This item displays the type of record:

A (forward address record)

PTR (reverse address record)

MX (mail server record)

CNAME (alias record)

Response

This item displays the response of the DNS server to the corresponding query.

Action

Use the to manage or edit the record and the icon to delete a record.

Modify SOA

Each domain or network selected from the drop down box can have individual SOA settings.

The domain or network displayed in the table is the domain or network for which the SOA

settings can be modified. Click the [Modify SOA] button to get to the settings screen.

Settings listed here supersede default SOA settings.

Many of the item settings in this table are similar to the [Advanced] tab in the main [DNS

Settings] table. After completing the settings, click the [Save] button and then the [Apply

Changes Now] button to make them take effect.

Domain authority

The domain name is shown. It cannot be modified.

Primary name server (optional)

This assigns the primary name server for the domain.

Secondary name servers (optional)

This assigns the secondary name server(s) used for the domain. When multiple names are

assigned, enter one per line.

DNS administrator Email address

Enter the Email address of the DNS server manager. The default manager is “admin.” The

Email address listed here is released with queries to the DNS server.

Refresh interval (seconds)

This is the amount of time that goes by before the secondary name server checks the

modification of the zone file of the primary name server and renews it if necessary.

Retry interval (seconds)

In the event the secondary name server fails renewal from the primary name server, this is

the amount of time that goes by before the additional checks happen at the secondary server.

Expire interval (seconds)

This is the amount of time the record stays on the secondary name server if the primary

name server cannot be reached or the information is no longer available. Information not

updated after the specified time is deleted.

Time-to-live interval (seconds)

This is the amount of time the DNS information is cached on a secondary server.

Remove Records

When the [Remove Records] button is clicked, all records displayed in the current table are

deleted from the DNS Server. The [OK] button on the verification dialog box must be clicked

to make the changes permanent. To apply the changes to the server, click the [Apply

Changes Now] button.

Edit Records

To correct a DNS record, click on the icon to the right of the record.

The [DNS Modify Record] table appears with settings similar to the initial setup of the record.

For more information, see "3.7.3.2 DNS Settings." When the [Save] button is clicked, the

settings will update and the new record information will be shown in the table. Settings will

be saved to the server when the [Apply Changes Now] button is clicked.

Delete Records

To delete a specific record from the table click the icon. The [OK ] button on the

verification dialog box must be clicked to make the changes permanent. To apply the

changes to the server, click the [Apply Changes Now] button.

3.7.3.4 Setting of secondary service

To set the secondary name server for a domain, click the [Edit Secondary Services] button on

the main [DNS Settings] table.

Adding secondary service

This drop down menu adds a secondary service. There are options for domain and network

which can be managed by the secondary name server. When multiple secondary services

are added, repeat the operation below. Click the [Apply Changes Now] button to finish.

Changes to the DNS server will not take effect until the [Apply Changes Now]

button is click after records have been added or modified.

To add a secondary service for a domain, select […for a Domain] from the [Add Secondary

Service] drop down menu. The table below is displayed.

The item settings are shown below. Click the [Save] button to finish.

Domain name

Enter the domain name to be managed by the secondary name server.

Primary DNS server IP address

Enter the IP address of the primary name server in this field.

To add a secondary service for a network, select […for a Network] from the [Add Secondary

Service] drop down menu. The table below is displayed.

The item settings are shown below. Click the [Save] button to finish.

Network

Enter the IP network to be managed as the secondary name server.

Network subnet mask

Enter the subnet mask of the network.

Primary DNS server IP address

Enter the IP address of the primary name server of the network.

Modifying settings

When the secondary service is set, the table updates with the new information. Settings for

secondary name server domains and networks can be modified after they have been added

by clicking on the icon. After adding or modifying domains or networks in the list, the

[Apply Changes Now] button must be clicked to make the changes active.

Items from the [Secondary Service List] table are described below.

Secondary service

This column shows the domain name and the network name defined by secondary service.

Primary DNS server

This is the primary name server of the domain/network which provides the information for

secondary service.

Action

In order to manage a record, click the icon to modify or the icon to delete items

listed in the secondary service list.

Edit a secondary service

When the icon is clicked, the [Modify Secondary Service] table is shown in the client

browser and allows updating to all of the secondary name server fields. All of the settings

described above are available when modifying the secondary name service for a network or

domain. Click the [Save] button when finished. The [Secondary Service List] table is

updated, and it is necessary to click the [Apply Changes Now] button to activate the updates.

Delete Secondary Service

A secondary name service can be deleted by clicking the icon. The deletion must be

confirmed through an additional dialog box. Click the [OK] button and then the [Apply

Changes Now] button to update the server.

3.7.4 DHCP

Turbolinux Appliance Server can operate as a DHCP server. In this menu, the DHCP service

can be defined, started, and stopped.

3.7.4.1 DHCP server summary

For a computer which exists in a TCP/IP network, it is necessary to assign an IP address,

network mask, default gateway, and DNS server settings to the client itself. But when DHCP

(Dynamic Host Configuration Protocol) is enabled, the client can acquire these network

settings from the DHCP server.

By using network broadcasting, a client receives network information from the DHCP server

when starting up. The DHCP server transmits necessary information for the client to

participate in the network. This is the biggest advantage of the DHCP server; it automates

the network settings of the client. The client can only receive information from the DHCP

server when the service is started. When many clients exist in the network, it is not

necessary to enter the network settings on each one, and management of the network is

simplified. Additionally, if the network settings of the network change frequently, this is an

especially useful service.

3.7.4.2 DHCP Settings

The settings for the [DHCP Settings] table are shown below. After completing the settings,

click the [Save] button to update.

Enable server

Check or uncheck this box and then click the [Save] button to start or stop the DHCP service.

When another DHCP server exists on the network already, the DHCP server of

Turbolinux Appliance Server does not have to be started.

DHCP server of Turbolinux Appliance Server offers DHCP service through the

primary interface (eth0) only to a client on the same network.

Client domain name (optional)

Enter the domain name which the client(s) will use for name resolution.

Client DNS addresses (optional)

Enter the IP address(es) of the DNS server(s) which will be sent to the client.

Client subnet mask (optional)

Enter the subnet mask which will be sent to the client.

Client default gateway (optional)

Enter the IP address of the default gateway which will be sent to the client.

Maximum lease time (seconds)

Enter the maximum lease time for the IP address in seconds. In other words, the server can

change the IP address of the client when this time limit is reached. The default is 86400

seconds (24 hours).

Modify Address Assignments

Click the [Modify Address Assignments] button to see the IP address assigned to each client.

The [Dynamic Address Assignment List] and [Static Address Assignment List] tables are

displayed.

The [Dynamic Address Assignment List] displays the range of IP addresses assigned to

clients. Click the [Add] button to display the [Add New Dynamic Address Assignment] table

below.

The settings for the [Add New Dynamic Address Assignment] table are shown below.

IP address range (from)

Enter the starting point of the IP address range which the DHCP server allots to the clients.

For example, enter 192.168.0.100 if the range will be from 192.168.0.100 to 192.168.0.200.

IP address range (to)

Enter the ending point of the IP address range which the DHCP server allots to the clients.

For example, enter 192.168.0.200 if the range will be from 192.168.0.100 to 192.168.0.200.

After completing the settings, click the [Save] button to update the settings.

In the [Static Address Assignment List], the DHCP server can allocate a particular IP address

to a client MAC address. Click the [Add] button to display the [Add New Static Address

Assignment] table below.

The settings for the [Add New Static Address Assignment] table are shown below.

IP address

Enter the IP address which is assigned to the client whose MAC address is entered below.

MAC address

The IP address above will be assigned to the network card with the MAC address entered

here.

3.7.5 SNMP

Turbolinux Appliance Server can operate as an SNMP agent. In this menu, the SNMP

service can be defined, started, and stopped.

3.7.5.1 SNMP summary

SNMP (Simple Network Management Protocol) is the management protocol of the network

equipment. It requires an SNMP agent on the side which is managed and an SNMP

manager on the management side. Many network devices such as routers and switching

hubs use SNMP. When operating Turbolinux Appliance Server as an SNMP agent, it is

possible to verify the system information of CPU activity. This is done through monitoring

CPU performance ratio, memory activity ratio, the network traffic, etc. An optional SNMP

manager acquires this information periodically. MRTG is a free and well-known SNMP

manager.

3.7.5.2 SNMP Settings

The item settings of the [SNMP Settings] table are shown below. Click the [Save] button

when finished to apply and review the settings.

Enable server

Check or uncheck this box to enable and start or disable and stop the SNMP server.

Read only SNMP community (optional)

Enter the community name which is permitted to read information from the server. This is

necessary for the SNMP manager agent to read information from the server.

The default name is public, but because the community name is also the

password, it is recommended that this name be changed when activating the

server.

Read and write SNMP community (optional)

Enter the community name which is permitted to read/write information from/to the server.

This is necessary for the SNMP manager agent to read and write SNMP information from/to

the server.

The default name is private, but because the community name is also the

password, it is recommended that this name be changed when activating the

server.

3.7.6 Shell

It is possible to operate Turbolinux Appliance Server as a telnet server and a SSH server.

Telnet is the remote login system which was more commonly used several years ago. Telnet,

does not encode all data, including ID and password, in order to communicate on the network.

When used with the Internet, there is a real security limitation due to hacking attempts.

Therefore telnet should not be used in an environment which connects to the Internet directly.

SSH (Secure Shell) has become more widely used. SSH encodes all data, including

passwords. This is a much safer connection than telnet. The settings here allow telnet and

SSH to be started and stopped if the general users have access to the service.

None of the system settings should be controlled through the shell. The ATOM

Server Desktop controls all of the operations of the Turbolinux Appliance Server

and maintains those settings in a database which supersedes settings made

through the shell.

The SSH and the telnet server of Turbolinux Appliance Server prohibit logging in

as the root user. After logging in as a regular user, enter “su” to get to the root if

it is permitted.

The SSH server of Turbolinux Appliance Server is accessed from the client

system. Linux/Unix command line arguments can be used.

The item settings of the [Shell] table are shown below. Click the [Save] button when finished

to apply and review the settings.

Permit regular user login

When this option is selected, the general user of Turbolinux Appliance Server can log in to

their home directory. When this option is disabled, only the server administrator(s) can log in

and other users are blocked from this service.

Telnet settings

The telnet service is disabled by default and users cannot access Turbolinux Appliance

Server through the telnet service. To enable telnet, select this option.

Enable SSH server

The SSH service is enabled by default. If it is not necessary to access Turbolinux Appliance

Server by remote login with an SSH client, uncheck this option.

3.8 Security

3.8.1 Basic Firewall

Turbolinux Appliance Server does packet filtering through its Basic Firewall function.

The Basic Firewall function is recommended for an advanced user with

knowledge of TCP/IP networking. It is not recommended for beginner users to

modify these settings.

The Basic Firewall function utilizes a service of the Linux 2.4 kernel called

NetFilter which Turbolinux Appliance Server has adopted. Since the NetFilter

management tool uses iptables commands, there are times it is referred to as

“iptables.”

3.8.1.1 Packet filtering summary

When network communications are established between a client and server, the client makes

a request to the server. The IP address of the client and the port number of the request are

included in the IP packet header for the transmission. The port number of the client is not

fixed and is a random number (usually 1024 - 65535). The port number used for the server is

below that (usually 0 – 1023). Each service is assigned a port number. Typical ports to be

forwarded are shown below.

Protocol Port Number Service

TCP 21 FTP

TCP 22 SSH

TCP 23 TELNET

TCP 25 SMTP

TCP 80 HTTP

TCP 110 POP3

TCP 143 IMAP

TCP & UDP 53 DNS

UDP 69 TFTP

UDP 123 NTP

Port forwarding is the mechanism by which processing is chosen for an IP packet based on

the information in the header, namely IP address and port number. Through the input

(INPUT), forward (FORWARD), or output (OUTPUT) tables, process decides whether the

packet passes to and from the network interfaces and is allowed (ACCEPT) or denied

(DENY) permission based on user created rules. Using the Basic Firewall function of

Turbolinux Appliance Server, it is possible to edit these rules through the ATOM Server

Desktop.

Before defining packet filtering rules, it is necessary to understand the route of a packet. The

following rough sketch is a conceptual drawing of the route a packet takes.

The kernel uses three rule lists in order to accomplish packet filtering. These are called the

INPUT, FORWARD, and OUTPUT chains.

INPUT chain

When a packet enters the network interface, the kernel refers it to its destination. This is

referred to as routing. If the destination of the packet is for a process on the local host, the

packet enters the INPUT chain. The packet never goes to the FORWARD chain. The packet

is processed according to the rules of the INPUT chain. If it passes without being denied, the

packet is passed to the local process waiting for it.

FORWARD chain

The packet which is used for relaying to a host enters the FORWARD chain. It is processed

with the rules from the FORWARD chain. When the packet is not destined for a host or when

the destination is unclear, the packet is denied. If it passes without being denied, the packet

is sent out over the other network interface.

OUTPUT chain

The packet which is sent out from a process on the local host enters the OUTPUT chain. It is

processed with the rules from the OUTPUT chain. If it passes without being denied, the

packet is sent out.

Default policy

Several rules can be defined for each chain. Each packet is inspected to determine whether

or not the packet applies to any of the rules. If there is no filtering rule defined for a particular

packet, it is processed using the default policy of each chain. There are two options for

default policies:

ACCEPT – Allows any packet which does not match a rule to pass

DENY – Denies any packet which does not match a rule from passing

Neither is necessarily right for any situation. Use the former to allow all packets, but it may

cause security issues. The latter is better for security, but may block legitimate requests.

However, if security is a concern, it is best to leave the default setting to DENY.

3.8.1.2 Firewall Settings

The [Firewall Settings] table allows the Basic Firewall service to be turned on or off and select

additional functions.

Select Section

Use the [Select Section…] drop down menu at the top of the table to choose which table to

access. The options of the [Select Section…] menu are listed below.

Firewall Settings The Basic Firewall function can be enabled or disabled on

this table. This table is displayed by default.

Input Rule Chain This table displays the input (INPUT) rule chain.

Forward Rule Chain This table displays the forwarding (FORWARD) rule chain.

Output Rule Chain This table displays the output (OUTPUT) rule chain.

Enable Firewall

The Basic Firewall is enabled by default. To stop or start the firewall, uncheck or check this

box and click the [Save] button.

Modifying the application

When editing the settings of the Basic Firewall, the settings are not directly applied to the

firewall in the middle of the procedure. If each rule was applied instantaneously, there is a

possibility that the system may become insecure or inaccessible. After completing all of the

firewall settings, it is necessary to click the [Apply Changes Now] button to update the rule

chain. When changes are made to the Basic Firewall, this button appears.

When the firewall settings are made incorrectly by the sever manager, there is a

possibility of it not being able to access Turbolinux Appliance Server. When the

web browser session of the administrator is cut off for more than 60 seconds, the

safeguard function of Turbolinux Appliance Server is enabled and the firewall

rules will revert to their previous state.

3.8.1.3 Displaying the rules

To display the firewall rules, select the rule chain to view on the [Firewall Settings] table from

the [Select Section…] drop down menu. The table updates to display the rule selected.

Input Rules

Forwarding Rules

Output Rules

The rules set for that chain are displayed in each table. When no rule is set, nothing is

displayed. Since each table only displays 25 entries, additional pages can be selected from a

drop down menu at the top of the table if the number of rules exceeds 25.

The packets are inspected in order starting with the first rule and are accepted or denied to

pass. When there are no filtering rules, the packet is processed with the default policy of the

chain.

3.8.1.4 Setting the default policy

To set the default policy of each chain, select the policy from the drop down menu at the

bottom of each chain table. The options for the menu are listed below.

Accept Allows any packet which does not match a rule to pass.

Deny Denies any packet which does not match a rule from passing.

The default setting of Turbolinux Appliance Server is for the INPUT, FORWARD,

and OUTPUT chains to ACCEPT. When the INPUT chain is changed to DENY,

the default settings allow typical services to pass.

After completing the settings, click the [Save] button to update and refresh the table.

However, the rules will not be applied to the firewall until the [Apply Changes Now] button is

clicked.

3.8.1.5 Adding a rule

Each rule table has an [Add] button for creating new rules for that chain. The [Add New

Firewall Rule] table is displayed.

The settings for the [Add New Rule] table are shown below. After completing the settings,

click the [Save] button to update and refresh the table. However, the rules will not be applied

to the firewall until the [Apply Changes Now] button is clicked.

Source IP address (low and high)

Enter the range of original IP addresses for the packet filtering. Enter the lower number into

the [Source IP Address (Low)] field and the higher number into the [Source IP Address

(High)] field.

When both fields are blank, transmission from any IP address is allowed.

Source port number(s)

Enter the original port range for the packet filtering.

When both fields are blank, transmission from any port is allowed.

Destination IP address (low and high)

Enter the acceptable range of IP addresses that can use the service for the packet filtering.

Enter the lower number into the [Destination IP Address (Low)] field and the higher number

into the [Destination IP Address (High)] field.

When both fields are blank, transmission to any IP address is allowed.

Destination port number(s)

Enter the destination port range for the packet filtering.

When both fields are blank, transmission to any port is allowed.

Network protocol

Select the network protocol used for filtering from the drop down menu. Any of the following

selections may be used:

Any network protocol

TCP

UDP

ICMP

IPIP

Encap

gre

esp

ah

Network interface

The network interface which will be applied to the packet filtering is selected from the drop

down menu. Any of the following selections may be used:

Any network interface

Primary Ethernet interface

Secondary Ethernet interface

Auxiliary Ethernet interface

PPP dial-up interface

Policy

The policy which will be applied to this rule is selected from the drop down menu. Below is a

list of the options:

Accept Allows a packet which matches the rule to pass.

Deny Denies a packet which matches the rule from passing.

Reject Denies a packet which matches the rule from passing but returns a

“port-unreachable” message to the original sender over ICMP.

3.8.1.6 Editing a rule

To modify a rule in a chain, click the icon for the corresponding rule to be edited. The

[Modify Rule] table is displayed. Settings are similar to the [Add New Firewall Rule] table.

For detail, refer to “3.8.1.5 Adding a rule.”

3.8.1.7 Editing rule order

Several rules can be defined for each chain. The packet is investigated to determine if it

matches a rule or rules in the chains and, when a match is made, the applicable rule or rules

are applied to the packet: ACCEPT, DENY, or REJECT. When no rule can be found for a

packet, the default rule for the chain is applied.

The rules are applied in the order they are listed. To change the order, enter the new order

numbers in the [Order] field corresponding to the rules to be changed.

For example, if you want the 10th rule to be moved to the 7th place in the table, enter 7 in the

[Order] field where the 10 is and click the [Save] button. The rule is moved into the 7th place.

To renumber the rules below, put 8 in the rule that should now be 8th and 9 in the rule that

should now be 9th. The new order will not take effect until the [Apply Changes Now] button is

clicked.

3.8.1.8 Deleting a rule

Click the icon next to a rule to remove it from the chain. The rule is removed from the

table, but the updated chain will not take effect until the [Apply Changes Now] button is

clicked.

3.8.2 Point-to-Point VPN

It is possible to use Turbolinux Appliance Server to create a VPN (Virtual Private Network).

An encoded tunnel is created over a public network to connect two Turbolinux Appliance

Servers.

To enable Point-to-Point VPN, it is necessary to add settings to the Basic

Firewall. In Turbolinux Appliance Server, both ends of the VPN must have UDP

port 500 and ESP protocol set to ACCEPT as a rule on the INPUT chain. In

addition, if the OUTPUT default rule is set to DENY, a rule must be added to

ACCEPT these packets.

3.8.2.1 VPN summary

VPN is a technology which uses a public circuit (i.e. the Internet) to create a network which

responds like a dedicated—or leased—circuit. The packets exchanged between the

computers are encoded in the header of the packet so the information passes virtually from

one system to the other by a route which is not accessible to any other system. This virtual

route is called a tunnel. The systems on both ends of the network can communicate with

each other but are protected from the outside.

3.8.2.2 Tunnel List

The [Tunnel List] table is where tunnels are added, deleted, and disabled. The list of tunnels

is displayed in the table.

Name

This item shows name of the tunnel.

Status

The state of each tunnel is indicated by one of the icons listed below.

The tunnel is enabled and functioning normally.

The tunnel is disabled.

The tunnel is enabled, but a problem exists. It is indicated with a

warning message, “Point-to-Point VPN will not load one or more of the

tunnels associated with this item.”

Action

To perform an action on a tunnel already created, click the icon to modify a tunnel or

icon to remove a tunnel.

3.8.2.3 Add a tunnel

Click the [Add] button in the [Tunnel List] table to display the [Add a Tunnel] table shown

below.

The item settings of the [Add a Tunnel] table are shown below. Click the [Save] button when

finished to apply and return to the [Tunnel List] table.

Connection

Select the link establishment rule from the drop down menu. The options are:

Disable this tunnel

We start the connection

The other end starts the connection

Name

Enter the name of the tunnel.

Connection profile

Select the profile defined beforehand which has the settings for encryption already completed.

When Point-to-Point VPN is used between Turbolinux Appliance Servers, the [PROFILE]

option is selected. When new profiles are created in order to connect to other equipment,

refer to “3.8.2.7 Profile List.” In addition, refer to the manual of the other piece(s) of

equipment.

Remote Point-to-Point VPN host

Enter the IP address of the remote host to which the VPN will connect.

Remote host’s gateway

Enter the default gateway address of the remote host to which the VPN will connect.

Remote subnet (optional)

Enter the starting subnet IP of the remote host to which the VPN will connect.

Remote netmask (optional)

Enter the subnet mask of the remote host to which the VPN will connect.

Keying type

Select which type of key will be exchanged when encrypting and certifying the connection

from the options below.

Automatic Keying with

RSA Authentication

It is necessary to exchange an RSA key with a remote host to

complete the tunnel. When this option is selected, use a safe

connection to retrieve the RSA key from the remote host and

enter the key information into the appropriate field. The RSA

public key of Turbolinux Appliance Server can be retrieved by

clicking the [View Local Information] button and then the [Open

Key Window] button. For details, refer to “3.8.2.6 View Local

Host Information.”

Automatic Keying with

Shared Secrets

It is necessary to exchange an RSA key with a remote host to

complete the tunnel. When this option is selected, a shared

secret pass phrase is entered into both endpoints of the tunnel

in addition to the RSA key. The shared secret is decided in

advance and entered into the appropriate field. Double-quotes

(“) and Returns are not allowed in this field. The RSA public

key of Turbolinux Appliance Server can be retrieved by

clicking the [View Local Information] button and then the [Open

Key Window] button. For details, refer to “3.8.2.6 View Local

Host Information.”

Comment (optional)

Enter any comments for the connection if necessary.

3.8.2.4 Deleting a tunnel

To remove a tunnel, click the icon in the [Tunnel List] table for the corresponding tunnel.

Click the [OK] button on the verification dialog box that appears. The [Tunnel List] table is

refreshed with the deleted tunnel removed from the list.

3.8.2.5 Modify a Tunnel

To modify a tunnel, click the icon in the [Tunnel List] table for the corresponding tunnel.

The [Modify a Tunnel] table is displayed below.

The settings of the [Modify a Tunnel] table are similar to the settings on the [Add a Tunnel]

table. For details, refer to “3.8.2.3 Add a Tunnel.”

3.8.2.6 View Local Host Information

When a tunnel is created, there is information necessary to exchange in advance with a

remote host. In Turbolinux Appliance Server, there is a function which allows the system

manager to view the local host information which will be given to the remote host. On the top

of the [Tunnel List] table, click the [Local Host Information] button. The [Local Host

Information] table is displayed below.

The [Local Host Information] table items are shown below.

Local IP address

This item displays the IP address of the local host

Local subnet

This item displays the subnet of the local host

Local subnet mask

This item displays the subnet mask of the local host

Local host RSA public key

When the [Open Key Window] button is clicked, the [Local RSA Key] window is displayed to

view and verify the RSA public key.

When automatic keying with a shared secret is utilized and security is a priority, it

is not recommended to use Email to transmit the information as it is not encoded

and the potential for security breach is increased. When it is important to control

the security, consider using a floppy disk or other method of transferring

information to the remote host location.

3.8.2.7 Profile List

On the top of the [Tunnel List] table, click the [Manage Connection Profiles] button. The

[Profile List] table is displayed below.

Before creating a tunnel, the method of encoding, such as the key exchange procedures and

key certification, can be defined. This is called an SA (Security Association). When

continuing to use the same cipher keys, the danger of a security breach increases. So the

life of the SA is limited and set to renew at specific intervals. This is called re-keying. With

the [Profile List] table, it is possible to set up and retain a method for encoding and certifying

new connections for these procedures.

3.8.2.8 Add a Profile

Click the [Add] button at the top of the [Profile List] table to display the [Add a Profile] table

below.

The settings for the [Add a Profile] table are shown below. After completing the settings, click

the [Save] buttton to update the profile and return to the [Profile List] table.

Name

Enter the name of the profile.

Comment (optional)

If necessary, enter any comments for the new profile.

Allow automatic keying with RSA authentication

Check this box if the tunnel used with this profile will allow automatic keying with RSA

authentication.

Allow automatic keying with shared secrets

Check this box if the tunnel used with this profile will allow automatic keying with shared

secrets.

Authentication protocol

Select [AH] or [ESP] from the drop down menu. AH (Authentication Header) uses

certification in the header but does not encode the protocol. Select [AH] when using

independent authentication. ESP (Encapsulating Security Payload) encodes the protocol for

certification. Select [ESP] when authenticating as a part of ESP.

PFS (Perfect Forward Security)

Check this box when using PFS (Perfect Forward Security). When PFS is used, the key

used in the certification group is guaranteed not to be a part of any other key.

Key lifetime

Enter the time interval before re-keying is done.

Re-keying delay

Enter the time interval before re-keying after the SA lapses.

Random re-keying delay percent

Enter the maximum random rate in percent unit for the re-keying interval. The interval for rekeying

fluctuates in the range designated here. For a host with multiple connections, this

specification increases security.

Keying attempts

Enter the number of re-keying attempts before the connection fails.

Keying channel lifetime

Enter the length of time for each key to try to connect.

3.8.2.9 Deleting a profile

To remove a profile, click the icon on the [Profile List] table for the corresponding profile.

Click the [OK] button on the verification dialog box to complete the action. The [Profile List]

table is refreshed with the profile removed.

It is not possible to delete the profile named PROFILE used with Point-to-Point

VPN between Turbolinux Appliance Servers.

3.8.2.10 Modifying a profile

To modify a profile, click the icon in the [Profile List] table for the corresponding tunnel.

The [Modify a Profile] table is displayed below.

The settings for the [Modify a Profile] table are similar to the [Add a Profile] table. For details,

refer to “3.8.2.8 Add a Profile.”

It is not possible to modify the profile named PROFILE used with Point-to-Point

VPN between Turbolinux Appliance Servers.

3.8.3 Remote Access VPN

Turbolinux Appliance Server supports PPTP (Point-to-Point Tunneling Protocol) which allows

remote client access. The service makes it possible for a user to access the VPN through a

Windows 2000 or Windows XP client from home or on the LAN.

To enable Remote Access VPN, it is necessary to add settings to the Basic

Firewall. TCP port 1723 and GRE protocol are set to ACCEPT as a rule on the

INPUT chain in Turbolinux Appliance Server. Because there are no ports in

GRE, it is not necessary to enter a port number for this protocol. In addition, if

the OUTPUT default rule is set to DENY, a rule must be added to ACCEPT these

packets.

3.8.3.1 Remote Access Settings

The settings for the [Remote Access Settings] table are shown below.

Access

Select the users which are permitted to access the system with PPTP. The options are

shown below.

Do Not Allow Access To

Any User

PPTP access is not allowed for any user of Turbolinux

Appliance Server.

Allow Access To All Users PPTP access is granted to all users of Turbolinux

Appliance Server.

Allow Access To Specified

Users Only

The user(s) granted access to PPTP is displayed on the

left under [Users Allowed Access]. The users not

allowed to access PPTP are displayed on the right

under [Users Not Allowed Access]. Use the and

icons to move users between the two fields.

Client DNS addresses (optional)

If necessary, enter the IP address of the local DNS server. It will be notified of the client

attempting remote access.

Client WINS addresses (optional)

If necessary, enter the IP address of the local WINS server. It will be notified of the client

attempting remote access. The WINS server will then be able to offer Windows name

resolution for the remote hosts, as requested by the client(s).

Next, it is necessary to set the range of IP addresses that can be assigned to a remote

access client. Click the [Modify Remote Address Assignments] to display the [Remote

Address Assignment List] table.

Click the [Add] button. The [Create Remote Address Assignment Range] table is displayed.

The settings for the [Create Remote Address Assignment Range] table are shown below.

IP address range (from)

Enter the starting IP address for the range allotted to remote access clients. From this IP to

the IP entered below will comprise the acceptable range of IP addresses.

IP address range (to)

Enter the ending IP address for the range allotted to remote access clients. To this IP from

the IP entered above will comprise the acceptable range of IP addresses.

The IP addresses allotted to the remote access clients are generally on the same

subnet as the primary LAN interface (eth0). When the DHCP server is used to

transmit IP address information to a local client, it is important that this range not

overlap with the range defined in DHCP.

After completing the settings, click the [Save] button.

The updated range is displayed in the [Remote Address Assignment List] table. Click the

[Back] button to return to the [Remote Access Settings] table.

Click the [Save] button. When allowing access to a user or group of users, the [Notice] below

is displayed.

It is necessary for each user accessing the PPTP service on Turbolinux Appliance Server

through a PPTP client to set the PPTP connection password individually. In this table, the

administrator selects whether or not to transmit an Email notifying each user of this procedure.

To transmit the message, click the [Yes] button. To skip this message, click the [No] button.

After this, setting up PPTP on the server is complete. For details on setting up the client,

refer to “3.8.3.2 Setting up a Remote Access Client.”

3.8.3.2 Setting up a Remote Access Client

A user who has been allowed to use the remote access VPN must set the password for the

VPN connection. When the user accesses the ATOM Server Desktop, the [Remote Access]

menu can be selected from the [Personal Profile] tab and the table below is displayed.

Enter the password used to access the PPTP server of Turbolinux Appliance Server in the

[Secret Passphrase] fields and click the [Save] button.

The password for remote access VPN on Turbolinux Appliance Server must be

entered twice to prevent mistakes.

After setting the password, the user will be able to connect to the PPTP server of Turbolinux

Appliance Server through a PPTP client using Windows 2000 or Windows XP. As an

example, the steps for Windows 2000 are shown below.

The PPTP server of Turbolinux Appliance Server uses MS-CHAP v2 for the

certification method by default with a 128-bit encryption key. Prior to Windows

2000 Service Pack 3, 128-bit keys are not supported. When using Windows

2000, it is necessary to apply Service Pack 3 or later.

1. In the [Network and Dial-Up Connection] control panel, select [Add New Connection].

The [New Connection Wizard] is displayed.

Click the [Next] button.

2. The [Network Connection Type] window is displayed.

Select [Connect to the network at my workplace] and click the [Next] button. After that,

complete the settings corresponding to the network to be connected to, entering the host

name or IP address of the Turbolinux Appliance Server and the connection name.

3. When the settings are completed, the PPTP server [Connect] window is displayed.

Enter the user name and password which were set in the ATOM Server Desktop for the

PPTP connection to the Turbolinux Appliance Server.

3.9 System

With the [System] menu item, Turbolinux Appliance Server can be rebooted or shut down and

the date and time can be set.

Click the [System] menu on the left side under the [Administration] tab to display the [System]

options. The following sub menu is displayed:

Power

Time

Information

3.9.1 Power

When the [Power] option is selected from the menu on the left, it is possible to reboot or to

shut down the Turbolinux Appliance Server system.

Reboot now

When this button is clicked, a dialog box appears to verify the reboot action. Clicking the

[OK] button begins the reboot procedure on the server.

Shutdown now

When this button is clicked, a dialog box appears to verify the shutdown action. Clicking the

[OK] button begins the shutdown and power-off procedure on the server.

3.9.2 Time

The time and date of the Turbolinux Appliance Server can be set through this menu item.

Clicking the [Time] menu item displays the following table.

The [Time Setting] table items are shown below. After completing the settings, click the

[Save] button to update the time settings and refresh the table.

Date and time

The system date and time can be set by selecting the appropriate drop down menus.

Time zone

The time zone for the system can be set by selecting drop down menus for the continent,

country, and time zone. For example, when Japan standard time is used, select [Asia] from

the continent drop down menu, then select [Japan] from the country drop down menu, and

the Japan standard time is updated automatically.

NTP server address (optional)

By accessing an NTP server, Turbolinux Appliance Server can automatically update its date

and time to match. Enter a host name or IP address into this field. When an NTP server is

not used, it is not necessary to enter anything into this field.

3.9.3 Information

The [Information] option on the menu displays system information pertaining to Turbolinux

Appliance Server. Click the [Information] option on the menu to display the following table.

The [System Information] table items are described below.

Product name

This field displays the product name of Turbolinux Appliance Server.

Serial number

This field displays the serial number of Turbolinux Appliance Server.

Primary interface MAC address

This field displays the MAC address of the primary interface (eth0).

Secondary interface MAC address

This field displays the MAC address of the secondary interface (eth1).

Auxiliary interface MAC address

This field displays the MAC address of the auxiliary interface (eth2).

Hard disk size (GB)

This field displays the hard drive capacity which is installed in the system.

Memory size (MB)

This field displays the memory which is installed in the system.

Product info web site

This button displays the Turbolinux home page.

3.10 Maintenance

With the [Maintenance] menu item, backup and restore functions of Turbolinux Appliance

Server are controlled.

Click the [Maintenance] menu on the left side under the [Administration] tab to display the

[Maintenance] options. The following sub menu is displayed:

Backup

Restore

3.10.1 Backup

When the [Backup] menu item is selected, the settings regarding the backup of the data on

Turbolinux Appliance Server are made. The system manager should backup the data

periodically, thus preventing data loss due to operational error. It is possible to perform a full

backup or incremental backups on a schedule with the backup function of Turbolinux

Appliance Server.

3.10.1.1 Add Scheduled Backup

Click [Backup] from the menu on the left side of the screen to display the [Scheduled Backup

List] table.

When a scheduled backup is created, it appears on the [Scheduled Backup List] table.

To add a new scheduled backup, click the [Add] button on the [Scheduled Backup List] table.

The [Add Scheduled Backup] table is displayed.

The settings of the [Add Scheduled Backup] table are shown below. After completing the

settings, click the [Save] button to update the [Scheduled Backup List] table.

Backup name

Enter the name of the scheduled backup using letters and numbers only.

The backup name must be unique. Enter a name which differs from any existing

backup jobs.

Files to backup

This option defines whether the backup is of all files or only ones modified within a certain

timeframe. Select [All Files], [All Files Modified in the Last 31 Days], [All Files Modified in the

Last 14 Days], [All Files Modified in the Last 7 Days], [All Files Modified in the Last 2 Days],

or [All Files Modified in the Last 1 Day] from the drop down menu.

Method of backup

It is possible to select the backup method from the three options below. For details, please

refer to "3.10.1.2 Backup location.”

Windows file sharing (SMB)

File Transfer Protocol (FTP)

Network File System (NFS)

Backup Interval

Choose the frequency of the backup job. From the drop down menu, select [Backup

Immediately Only Once] to start a backup job, [Backup Once Per Day] to run the job every

midnight, [Backup Once Per Week] to run it at 12 midnight every Saturday, or [Backup Once

Per Month] to run it at 12 midnight starting the day the job is defined.

3.10.1.2 Backup location

The location to send the backup must be defined in the [Add Scheduled Backup] table.

There are options and settings for sending the backup to [Windows File Sharing (SMB)], [File

Transfer Protocol (FTP)], and [Network File System (NFS)].

To create a backup, there must be sufficient space and access to the place

where the backup will be sent. If the entries are not made correctly, the backup

will fail.

The backup location must consist of English letters and numbers only.

The settings for each backup location are shown below.

Windows File Sharing (SMB)

Use this option to save the backup data in a Windows share. The settings are listed below.

Location Enter the directory for the Windows share in the following format:

\\servername\sharename\directory1\directory2...

User Name Enter the user name which has permission to the shared directory.

Password Enter the password of the user.

File Transfer Protocol (FTP)

Use this option to save the backup data to an FTP server. The settings are listed below.

Location Enter the FTP server information in the following format:

Servername/directory1/directory2...

User Name Enter the user name which has permission to the shared directory.

Password Enter the password of the user.

When FTP server is used, the hard disk of Turbolinux Appliance Server must

have at least 1GB of space available in the /home directory. This is because

data is retained on the hard disk of Turbolinux Appliance Server during the

transfer process.

Network File System (NFS)

Use this option to save the backup data to an NFS server. The settings are listed below.

Location Enter the NFS server information in the following format:

Servername/directory1/directory2...

3.10.1.3 Deleting a scheduled backup

To remove a scheduled backup, click the icon on the [Scheduled Backup List] table

corresponding to the backup job to be deleted. Click the [OK] button on the verification dialog

box. The [Scheduled Backup List] table is refreshed with the backup job removed.

3.10.1.4 Scheduled Backup Details

To display the details of a backup job, click the icon on the [Scheduled Backup List] table

corresponding to the backup job to be reviewed. The [Scheduled Backup Details] table is

displayed.

Click the [Back] button to return to the [Scheduled Backup List] table. Click the [Remove]

button to display the verification dialog box and remove the backup job.

3.10.1.5 Backup data directory name

When the backup job is executed, the time appointed for the backup to start in the [Add

Scheduled Backup] table is the name of the directory created for the backup files. The

directory name is made up of the year, month, day, and time in which the backup job starts.

For example, the directory named 20040201234510 refers to a backup started 2004

February 1st at 23:45 and 10 seconds. The backup data and files are stored in that directory.

3.10.2 Restore

The [Restore] menu allows data from a backup job to be reconstructed. For details on

backup, refer to “3.10.1 Backup.”

After resetting the system to factory defaults, it may be necessary to restore files.

3.10.2.1 Restoration from historical backup

When [Restore] is clicked on the menu on the left, the [Backup File List] table is displayed.

The table lists all past completed backups.

Backup name

This item displays the name defined in the backup job.

Backup started

This item displays when the backup job was started in [Day, Month, Year, Time].

Status

This item displays if the backup job has ended normally or is still running.

Action

Three icons for backup record management are displayed.

Displays details of the backup job.

Restores the backup data.

Removes the record of the past backup.

To restore a past backup, click the icon. The [Restore a Backup] table is displayed.

If a backup job is listed as currently running, the [Restore a Backup] icon is

grayed out and cannot be clicked.

The following information regarding the past backup is displayed. After completing the

settings, click the [Restore] button.

Backup name

This item displays the name defined in the backup job.

Backup started

This item displays when the backup job was started in [Day, Month, Year, Time].

Destination

This item displays the path of the sever name and backup directory where the backup files

are located.

Location to restore files

Choose the restore location for the files. Select [Restore to restore fileshare] or [Replace

existing files] from the drop down menu. The [Restore to restore fileshare] option places all

of the restored files in the /home/groups/restore/(backupdirectory) folder. The [Replace

existing files] option will overwrite any file on the system with the same name as the file being

restored.

[Restore to restore fileshare] also allows individual files to be selected manually

for restore.

When [Replace existing files] is selected, the file system will be restored

automatically.

Make sure not to do any administrative work on Turbolinux Appliance Server

while data is restoring. Also, if a restore process is cancelled, some data may be

destroyed.

3.10.2.2 Manual Restore From Directory

When restoring a backup manually, it is necessary to first mount the share where the backup

data exists or copy the backup file to the local hard disk of Turbolinux Appliance Server.

Click the [Restore Manually] button on top of the [Backup File List] to display the [Manual

Restore From Directory] table.

The settings for the [Manual Restore From Directory] table are shown below. After

completing the settings, click the [Restore] button.

Directory

Enter the path for the local directory which is the location of the backup files. When the

backup file exists in a share, be sure to enter the backup directory after the share name.

Location to restore files

Choose the restore location for the files. Select [Restore to restore fileshare] or [Replace

existing files] from the drop down menu. The [Restore to restore fileshare] option places all

of the restored files in the /home/groups/restore/(backupdirectory) folder. The [Replace

existing files] option will overwrite any file on the system with the same name as the file being

restored.

When [Replace existing files] is selected, the file system will be restored

automatically.

Make sure not to do any administrative work on Turbolinux Appliance Server

while data is restoring. Also, if a restore process is cancelled, some data may be

destroyed.

3.10.2.3 Deleting a historical backup record

To remove a record of a backup, click the icon on the [Backup File List] table

corresponding to the backup record to be deleted. Click the [OK] button on the verification

dialog box. The [Backup File List] table is refreshed with the backup job removed.

The record is removed, but the backup data itself is not deleted.

3.10.2.4 History Item Details

To display the details of a backup record, click the icon on the [Backup File List] table

corresponding to the backup job to be reviewed. The [History Item Details] table is displayed.

Click the [Back] button to return to the [Backup File List] table. Click the [Restore] button to

display the [Restore a Backup] table. Click the [Remove] button to display the verification

dialog box and remove the backup record.

3.11 Usage information

In the [Usage Information] menu, statistics regarding the Turbolinux Appliance Server web

service, disk usage, and network statistics are displayed. Usage information can be

accessed under the [Server Management] tab. Reports can be created based on the

following options.

Web

Disk

Network

3.11.1 Web

The environmental data for the web server usage can be displayed for the server. Click the

[Web] sub menu under [Usage Information] in the menu on the left side to display the [Web

Usage – Summary] table.

Select Statistics

From the [Select Statistics…] drop down menu, it is possible to select various data to display.

By default, the [Web Usage - Summary] table is displayed.

Summary

When the [Summary] option is selected, the table displays the items as shown below.

Usage Last Checked Day and time when the report was created

Report Coverage Period

(From)

Start day and time of statistics

Report Coverage Period

(To)

End day and time of statistics

Total Number of Requests Total number of requests to the web service on Turbolinux

Appliance Server

Number of Bad Requests Number of error requests which could not be processed

normally through the web server

Number of Unique

Computers Making

Requests

Number of individual clients requesting web service

(without repetition) on Turbolinux Appliance Server

Number of Unique Pages

Requested

Number of individual pages requested (without repetition)

on Turbolinux Appliance Server

Number of Unique Referring

Pages

Number of referring pages to the web server (without

repetition) on Turbolinux Appliance Server

Number of Bytes

Downloaded

Number of bytes of data which were throughput by the

web server

Most Active Requestors

This page displays information regarding the hosts which access the Turbolinux Appliance

Server. The table displays the items below.

Requester Name The host names of the systems accessing Turbolinux

Appliance Server the most

Requests The number of requests made by those hosts

Referrer The referring web page

Most Requested Pages

This page displays information regarding the web pages most frequently requested from

Turbolinux Appliance Server. The table displays the items below.

Page The page names most requested on Turbolinux

Appliance Server

Requests The number of requests for those pages

Most Frequent Referring Pages

This page displays information regarding referring pages most frequently logged by

Turbolinux Appliance Server. The table displays the items below.

Referrer The page names referring the most to Turbolinux

Appliance Server

Requests The number of hits from those referrals

Hourly Requests

This page displays the number of requests in every hour graphically. On the left, the graph

starts at time [00] and extends to [23] on the right. The number of requests per hour is

displayed below the bar graphs.

Daily Requests

This page displays the number of requests per day. The table displays the items below.

Date Displays a date

Requests The number of requests for those dates

3.11.1.1 Reset Statistics

When the [Reset Statistics] button is clicked on the top of the [Web Usage] table, the current

information is reset and current information is collection.

It may take several minutes to renew the environmental data.

3.11.2 Disk

With the [Disk] option, the disk usage report of Turbolinux Appliance Server can be displayed.

Click [Disk] on the menu to display the [Disk Usage] table.

The day and time that the usage information was updated is displayed in the top [Disk Usage]

table.

From the [Select Usage…] drop down menu, it is possible to select various data to display.

Select one of the following options to display disk usage:

Summary

Users

Groups

The items are displayed according to the items below depending on the option selected.

Partition

This item displays the partition name and what it is used for.

Used (MB)

This item displays the total amount of disk space used in MB.

Free (MB)

This item displays the total amount of unused disk space used in MB.

Total (MB)

This item displays the entire capacity of the disk in MB.

Percentage used

This item displays the percentage of the total disk space that is being used as a percentage.

When a user is assigned unlimited disk space, it is normal for the report to

indicate 0 usage for that user.

3.11.2.1 Check Usage Now

Click the [Check Usage Now] button to renew the environmental data and display current

information.

It may take several minutes to renew the environmental data.

3.11.3 Network

With the [Network] option, the network usage report of Turbolinux Appliance Server can be

displayed. Click [Network] on the menu to display the [Network Usage] table.

The display items of the [Network Usage] table are shown below.

Network interface

This item displays the name of the network interface(s).

Sent (Bytes)

This item displays the entire number of bytes which were transmitted from the interface.

Received (Bytes)

This item displays the entire number of bytes which were received by the interface.

Errors

This item displays the number of errors which occurred on the interface.

Collisions

This item displays the number of collisions which were detected on the interface.

3.12 Active Monitor

With the [Active Monitor] option, service states of Turbolinux Appliance Server are monitored

and information is updated every 15 minutes. Click the [Active Monitor] option on the menu

to display the sub menu below.

Status

Settings

The [Active Monitor Status] table can also be accessed by clicking the icon on the

ATOM Server Desktop.

When a serious problem is detected in the Turbolinux Appliance Server system

or service, the active monitor icon on the ATOM Server Desktop is displayed in

red.

3.12.1 Status

Under the [Status] option, the states of each component of the system and service which are

being monitored are displayed. When the [Status] option is clicked from the menu under

[Active Monitor], the summary tables are displayed below.

The [System Status] table shows information regarding the CPU load, memory usage, disk

state, and network state. The [Service Status] table displays the state of the parent object for

each system or service.

Status

The status overview tables display the status of the parent object for each component. To

display detailed information for each component, click on the status icon.

(Gray) No information is available, or monitoring is not enabled.

(Green) Normal operation

(Yellow) Problem

(Red) Serious problem

Component name

The name of the parent system and the service objects are listed.

Action

When the icon is clicked, detailed information for each component is displayed.

3.12.1.1 Displaying up-to-date information

When the [Check Status Now] button is clicked, up-to-date information regarding the systems

and services is acquired and the table is refreshed.

It may take several minutes to refresh the status of all components.

3.12.1.2 Status Details Table

When the icon is clicked for a component on the [System Status] or [Service Status]

tables, the corresponding details table is displayed. It is possible to verify details of a

component, as shown in the table below.

When the [Back] button is clicked, the display returns to the [System Status] and [Service

Status] tables.

3.12.2 Settings

The active monitor functions are controlled by the [Active Monitor Settings] table. When the

[Settings] button is clicked on the menu on the left, the table below is displayed.

Setting items for the [Active Monitor Settings] are listed below. After completing the settings,

click the [Save] button to update and refresh the table.

Enable monitoring

Check this box to enable monitoring on Turbolinux Appliance Server.

Alert notification Emails (optional)

Enter the Email address(es) of the user(s) who will receive a message when the active

monitor detects a problem. “Admin” is entered by default. If multiple addresses are used,

separate them with a comma or enter one per line.

Monitored components (optional)

It is possible to define the components the active monitor watches from the list below.

Apple file sharing server

CPU usage

DHCP server

Disk integrity

Disk usage

DNS server

Email servers

FTP server

JSP and Servlets

Memory usage

Network status

Server desktop

SSH server

SNMP server

System power

Telnet server

UPS

Web server

Web cache server

Windows file sharing server

Use the or icons to move options between [Components Monitored] and

[Components Not Monitored] fields.

4 Updating Turbolinux Appliance Server

It is possible to update Turbolinux Appliance Server from the Turbolinux company FTP site

using the Turbopkg package management tool which operates from the ATOM Server

Desktop. Turbopkg investigates to find whether or not there are newer packages than what

is installed on the system and indicates needed packages in the ATOM Server Desktop. The

server manager can execute a package update, so it is easy to maintain an up-to-date

system. It is also possible to see installed packages or delete packages.

To get to the package management of Turbopkg in ATOM Server Desktop, it is necessary to

login as a server manager. The screen below appears when the [Turbopkg] tab is clicked.

The menu below is displayed on the left side of the screen.

Package adding

Third party software install

Package updating

Package removing

Auto update

Detail

Package manager log

Each menu item displays a different function of Turbopkg.

The icon is displayed at the top of ATOM Server Desktop for Turbopkg.

Clicking the icon takes the server manager user to the [Turbopkg] tab. The icon

will only display for a server manager. When an update package exists, the

icon is displayed in yellow.

4.1 Package Adding

The [Package Adding] feature can install a new package which is presently not on the system.

The installation procedure of the package is shown below.

When the use of the HTTP proxy server is necessary in order to access outside

the firewall, refer to the HTTP proxy server settings in "4.6 Detail.”

1. Click the [Package Adding] button on the menu.

2. The available packages are displayed in the table. When a package is not available, the

update package is not displayed.

It is possible to sort the packages in ascending or descending order by clicking

on the column headers.

3. When the [Read Additional Packages] button is clicked, Turbopkg connects to the FTP

site, acquires the information about packages which are not installed on the present

system, and updates the table. Check the box of the package(s) to install.

4. After completing the selection, click the [Install] button.

5. After installation is complete, the table is renewed and the package(s) which was

installed is removed from the table.

When the [Package Management Log] button on the left menu is clicked,

installation is verified.

4.2 Third Party Software Install

The [Third Party Software Install] feature can manually install an RPM package made by a

third party. Below is the installation procedure.

When the use of the HTTP proxy server is necessary in order to access outside

the firewall, refer to the HTTP proxy server settings in "4.6 Detail.”

1. Click the [Third Party Software Install] button on the menu. The [Third Party Software

Install] table appears.

2. Select the location of the RPM package.

URL When this check box is selected, enter the URL where the RPM

package exists with http:// or ftp:// in field to the right.

Upload When this check box is selected, use the browse button to find an RPM

file on a local disk of the client computer.

3. After selecting the file, click the [Prepare] button to get it ready for installation.

4. Turbolinux Appliance Server searches the system to determine whether the package is

already installed or if a newer package exists. If a package already exists, it is not

installed.

5. When the [Update] button is clicked, installation is started.

The update button will not appear for an installation of a package when the same

or newer package is already installed on the system. If the system detects that

the package is installed, click the [Cancel] button to return to the [Third Party

Software Install] table.

6. The verification dialog box is displayed after completing the installation, and then the user

returns to the [Third Party Software Install] table.

4.3 Package updating

The [Package Updating] feature can update packages which are currently installed on the

system. The update procedure is shown below.

When the use of the HTTP proxy server is necessary in order to access outside

the firewall, refer to the HTTP proxy server settings in "4.6 Detail.”

1. Click the [Package Update] button on the menu.

2. [Read Update Packages] finds packages installed on the system. When the [Read

Update Packages] button is clicked, the server connects Turbopkg to the FTP site,

acquires the update information for packages which are installed on the system, and

renews the table. When a package does not exist, the update package is not displayed.

Check the box of the package(s) to be updated.

It is possible to sort the packages in ascending or descending order by clicking

on the column headers.

3. After completing the selection, click the [Update] button to start the package updating.

4. After installation is complete, the [Package Updating List] table is renewed, and the

packages which were updated are removed from the table.

When the [Package Manager Log] button on the left menu is clicked, installation

is verified.

When the kernel is updated, in order to make the new kernel effective, it is

necessary to restart the system.

4.4 Package removing

The [Package removing] feature can un-install a package from the current system. The

package un-installation procedure is shown below.

When a package is deleted carelessly, there is a possibility of the system

ceasing to operate normally. Please do not delete the packages unless

necessary.

When packages are deleted, it is necessary to select all dependent packages by

hand. Packages needed for other packages are not automatically removed. The

log of the package deletion which includes the dependent packages can be

verified with the package management logs. For details, please refer to "4.7

Package Manager Log.”

1. Click the [Package Removing] button from the menu.

2. Packages which are installed on the current system are displayed in the [Package

Removing List] table.

It may take some time for the summary table to be displayed in the browser.

It is possible to sort the packages in ascending or descending order by clicking

on the package name column header.

Information for each package can be displayed by clicking the icon.

3. Check the box of the package(s) to be deleted.

4. After un-installation is complete, the [Package Removing List] table is renewed and the

package which was deleted is removed from the table.

When the [Package Manager Log] button on the left menu is clicked, removal is

verified.

4.5 Auto Update

The [Auto Update] feature can update Turbopkg automatically at the time appointed for the

package categories. The system manager does not install the update package by hand,

making it possible to always maintain Turbolinux Appliance Server and keep packages up-todate.

There are three package classifications:

Security update package

Bug fix update package

Enhancement update package

When the use of the HTTP proxy server is necessary in order to access outside

the firewall, refer to the HTTP proxy server settings in "4.6 Detail.”

The [Auto Update Settings] table is shown below. Following are descriptions of the settings.

When the kernel is updated, in order to make the new kernel effective, it is

necessary to restart the system.

Enable auto update

When selected, the automatic operation update is enabled.

Enable security update

When selected, the packages which include the security fixes are updated.

Security priority level

This option selects when the security update is executed. The security update packages

have a level of recommendation from high to low. From the pull-down menu, select which

level of packages that are to be installed. When [High] is selected, the packages which

include the security holes which have the possibility of gaining root authority from remote are

updated. When [Medium] is selected, the packages which have the possibility of gaining root

authority in the local user—in addition to high—are updated. When [Low] is selected, all

packages in which holes exist are updated.

Enable bug fix update

When selected, the packages which have new releases are updated.

Enable enhancement update

When selected, updated packages such as the upgrade version of the software are installed.

Day of the week

Select the day of the week when the automatic operation update is executed. Select the day

of the week by clicking the or icons to move days between the [Enable] and

[Disable] boxes.

Time

Select the hour and minute when the update feature executes.

Administrator’s Email address

Enter the Email address to which to transmit the execution result of the automatic operation.

Now execute

When the [Save] button is clicked, the automatic update operation is immediately started.

4.6 Detail

When Turbolinux Appliance Server is situated inside a firewall, it may be necessary to access

outside by way of a proxy. A proxy can be defined with the [Details] button on the menu.

The [Detail] table is shown below. See the following descriptions of settings.

The settings for the [Detail] table are shown below. Click the [Save] button to update the

information and refresh the table.

Server access

Choose the access method used for updating the server. The options are: [https], [http], and

[ftp].

HTTP proxy: port

Enter the host name and port number of the HTTP proxy server when designation of the

HTTP proxy server is necessary in order to access outside the firewall (i.e.

Proxy.mycompany.com:8080).

FTP proxy: port

Enter the host name and port number of the FTP proxy server when designation of the FTP

proxy server is necessary in order to access outside the fire wall (i.e.

Proxy.mycompany.com:8080).

4.7 Package Manager Log

The [Package Manager Log] feature can verify the functions of Turbopkg.

5 User Site

A general user can change the login password, transfer Email settings, and verify disk usage

on Turbolinux Appliance Server by accessing the ATOM Server Desktop. This chapter

describes how a general user—one that is not an administrator—accesses and controls the

User Site for several functions.

5.1 Access to User Site

Follow the procedure below to access the User Site.

1. From the client web browser, enter the following URL:

http://(host name or IP)/login/.

2. The login screen to ATOM Server Desktop is displayed below.

3. Enter the user name and user password on Turbolinux Appliance Server.

4. If SSL (Secure Socket Layer) is checked, the server supports encoding communication

between the client and Turbolinux Appliance Server. To use this function, SSL must be

enabled in the web browser, but many browsers have this function on by default. If

security is an issue, we recommend that secure connection be used.

When a secure connection is used, the dialog box which verifies the acceptance

of the self signature certificate appears. To log in, please accept the self

signature certificate.

5. Click the [Login] button.

6. Atom Server Desktop appears.

5.2 User Site summary

The User Site of ATOM Server Desktop consists of two tabs:

Programs

Personal profile

It is possible to change the screen displayed in ATOM Server Desktop by clicking each tab.

5.2.1 Programs

The [Programs] menu is displayed on the left side of the screen and allows access to mail

sending and receiving and address management through two programs:

WebMail

Address book

The [Programs] screen is what a general user with a Turbolinux Appliance Server account

will utilize most frequently. For details, refer to "5.3 WebMail" and "5.4 Address Book.”

5.2.2 Personal profile

The [Personal Profile] menu is displayed on the left side of the screen and allows modifying

Email account settings, password, and viewing the disk usage. The following options are

available:

Account

Email

Disk usage

Personal information

For details, refer to “5.5 Account information,” “5.6 Email,” “5.7 Disk usage,” and “5.8

Personal information”

5.3 WebMail

With the [WebMail] feature, it is possible to send and receive Email messages using a web

browser. To access WebMail, click the [Programs] tab and select [WebMail] from the menu

on the left. A message is displayed that reads, “Click here to open the WebMail window.”

Click the hyperlink to open the window and display the screen below.

Depending on the settings in the client web browser, security warnings may

appear in a dialog box. Click the [OK] button on the messages to continue.

The [Messages] menu is displayed on the left side of the screen:

Compose

Folder List

Manage Folders

To close the [Messages] screen, click the button.

5.3.1 Compose

When the [Compose] menu option is clicked, the [Compose] table below is displayed.

Enter the following items to create an Email message.

To

Enter the Email address of the message recipient. If mail is sent to another user on the same

Turbolinux Appliance Server system, then only the user name is necessary.

CC (Carbon Copy) (optional)

Enter the Email address of a user who is to receive a carbon copy of the message.

BCC (Blind Carbon Copy) (optional)

Enter the Email address of a user who is to receive a blind carbon copy of the message. It is

possible to transmit mail to an address appointed in the BCC field without the recipient or CC

seeing the address it was sent to.

A comma should be use to separate Email addresses in the [To], [CC], or

[BCC] fields when using multiple recipients. When the [Import From Address

Book] icon is clicked, it is possible to select Email addresses from the

individual and global Address Books. For more details about the Address

Book, refer to “5.4 Address Book.”

Attachments

Enter the file(s) to be attached to the message, if any. For details, refer to “5.3.1.1 Attaching

files.”

Subject

Enter the message subject.

Message

Enter the message text.

After entering the information, click the [Send] button to send the message. When the mail is

transmitted, a message will appear that the transmission was successful.

5.3.1.1 Attaching files

It is possible to attach a file or multiple files when transmitting or replying to a message with

the following steps.

1. Click the [Attach] icon on the [New Mail] table. The screen below will appear indicating

what file is to be uploaded.

2. Enter the path to the file to be attached. Alternatively, select the [Browse] button to find

the file through a dialog box.

3. After selecting the file, click the [Submit] button. The file is displayed in the [New Mail]

table. When selecting multiple files, repeat the operation.

4. If necessary, select the file and click the [delete] icon to remove it from the attachment list.

5.3.2 Folder list

The [Folder List] feature contains a list of the folders used for organizing Email. By clicking

on a folder in the list, a user can view the mail in that folder.

The default folders are listed below. It is not possible to delete these folders.

Inbox

This folder displays mail sent to the Turbolinux Appliance Server user’s address.

Sent-mail

Mail sent from this user account on Turbolinux Appliance Server is displayed in this folder.

It is possible to house mail in additional folders created by a user. For details on folder

management, refer to "5.3.3 Managing folders."

5.3.2.1 Viewing folders

1. The [Folder List] contains a list of all the available folders for that user. The default

folders, [Inbox] and [Sent-mail], as well as any other user created folders are displayed in

the sub menu.

2. When the folder is clicked, the corresponding folder is displayed and its contents listed

with the name of the folder appearing at the top of the table.

Check box

Use the check box to select messages to be deleted or moved. It is possible to select

multiple messages to perform the same operation on. When the check box at the top of the

folder list is clicked, all messages in the folder will be selected for the desired operation.

Status

The status of the mail messages is displayed by an icon, as represented below.

Message is new or unread.

Message has been read.

Message has been replied to or forwarded.

Subject

This item displays the subject of a message. It is a hyperlink that, when clicked, displays the

contents of the message. Attached files are also shown as hyperlinks.

Sender

In the case of received Email, this item displays the sender’s address. When viewing sent

mail, this item displays the recipient’s address.

Date

The sending or receiving date of the mail message is displayed in this item.

5.3.2.2 Reading mail

1. Click the subject line of the mail to be read in the [Inbox] or other folder.

2. The message is displayed completely, including the sender, CC, subject, and message

body.

3. When a file is attached, click the hyperlink listed in the [Attachments] field to download

the attachment. The message stays up while the file is being downloaded or viewed. If

the attachment is a message, the message is displayed completely, including the sender,

CC, subject, and message body.

5.3.2.3 Replying to Email

1. From the folder list, click the message subject line of the message to be replied to.

2. The message is displayed completely, including the sender, CC, subject, and message

body.

3. When the [Reply] button is clicked, a new table appears where it is possible to compose

a reply to the message. The recipient is entered automatically into the [To] field.

When the [Reply All] button is clicked, the users and recipients are drawn from

the [To] and [CC] fields. It is possible to edit the fields independently.

4. After completing the reply message, click the [Send] button to transmit the message. For

details on the operation of mail transmission, refer to "5.3.1 New mail."

5.3.2.4 Forwarding Email

1. From the folder list, click the message subject line of the message to be forwarded.

2. The message is displayed completely, including the sender, CC, subject, and message

body.

3. When the [Forward] button is clicked, a new table appears where it is possible to enter

the recipients to forward the message to.

4. The subject and text of the original message are separated from the new text with a

boundary line. It is possible to edit the message or add to it.

5. After completing the forwarded message, click the [Send] button to transmit the message.

For details on the operation of mail transmission, refer to "5.3.1 New mail.”

5.3.2.5 Deleting Email

Without displaying the messages to be deleted

1. In the [Inbox] or other folder, click the check box next to the mail to be deleted.

2. Click the [Remove] button to delete the checked message(s).

3. Click the [OK] button on the verification dialog box to complete the process.

While displaying the messages to be deleted

1. Click the subject line of the message to open it.

2. The message is displayed completely, including the sender, CC, subject, and message

body.

3. Click the [Remove] button.

4. Click the [OK] button on the verification dialog box to complete the process.

5.3.2.6 Moving Email

It is possible to move a message to another folder where it can be stored.

1. In the [Inbox] or other folder, click the check box next to the mail to be moved.

2. Select the folder to send the message to from the [Move To…] drop down menu.

3. The message(s) that were checked are moved to the folder selected.

5.3.3 Managing folders

With the [Manage Folders] feature, a user can create, manage, and delete folders for storing

messages.

It is not possible to delete or modify the default [Inbox] and [Sent-mail] folders.

5.3.3.1 Creating a new folder

1. Click on the [Manage Folders] menu on the left. The [Folder List] table is displayed. The

[Inbox] and [Sent-mail] folders, as well as any other folders the user has created, are

shown in the list. The total number of folders is indicated at the top of the table.

2. Click the [Add] button in the [Folder List] table to display the [Add Folder] table.

3. Enter the name of the folder to be created in the [Name] field and click the [Save] button

to complete.

4. The [Folder List] is refreshed and the new folder is displayed in the list.

To modify the folder name, click the icon next to the folder to be modified.

To delete a folder, click the icon next to the folder name to be deleted. The

default folders cannot be modified and it is not possible to select these icons for

those folders.

5.3.3.2 Modification of folder name

The names of the default folders cannot be modified. Only folders created by a user may be

modified.

For folders that can be modified, the icon is displayed next to them.

1. Click the icon next to the folder to be modified in the [Folder List] table. The [Modify

Folder] table is displayed below.

2. Enter the new name of the folder in the [Name] field and click the [Save] button to

complete.

3. The [Folder List] is refreshed and the modified folder is displayed in the list.

5.3.3.3 Deletion of folder

The default folders, [Inbox] and [Sent-mail], cannot be deleted. Only folders created by a

user may be deleted.

For folders that can be deleted, the icon is displayed next to them

1. Click the icon next to the folder to be deleted in the [Folder List] table.

2. Click the [OK] button on the verification dialog box to complete the process.

5.3.4 Mailing List

With the [Mailing List] menu, it is possible to replay to mail in the archive for mailing lists that

the user belongs to. The mailing list name which includes the archive is displayed in the sub

menu.

To use the mailing list function, a user must be assigned to a mailing list by the

Turbolinux Appliance Server administrator. When a user has not been registered

to a mailing list, the [Mailing List] menu is not displayed. To enable the mailing

list archive function, refer to “3.4.2 Mailing Lists.”

5.3.4.1 Archive List

1. The mailing lists the user belongs to are displayed in the [Mailing List] sub menu. Click

the mailing list archive to view. The [Mailing List Archive] table is displayed.

The [Mailing List Archive] table items are shown below.

Subject

This item displays a link to the message.

Contributor

The contributor’s name or e-mail address is displayed in this item

Date

This item displays the date the message was received.

2. Click the subject line to display the complete corresponding message.

3. Click the [Back] button to return to the [Archive List] table.

5.3.4.2 Reply to archive

1. When viewing a message in the archive, click the [Reply to Sender] button to send a

message to the original sender. To send a message to everyone in the list, click [Reply

All].

2. The [New Mail] table is displayed. Enter the necessary items. For details, refer to “5.3.1

New Message.”

3. After completing the reply, click [Send]. The [Transmission Complete] page will display

and then return to the original message.

5.4 Address Book

The [Address Book] feature displays information about the users and groups created on

Turbolinux Appliance Server and can be used by a user to send mail or get information.

To access the Address Book, click the [Address Book] left-hand menu in the [Programs] tab.

The expanded sub menu is as follows:

Users

Groups

Personal

5.4.1 Users

All users registered in Turbolinux Appliance Server are displayed in this list. A user can

browse the information of other users, compose messages to those users, and view the web

page of those groups.

The [Users Address Book] table is displayed below when [Users] is clicked in the menu.

The [Users Address Book] table items are shown below.

Full name

This item displays the name of the user.

User name

This item displays the account name of the user.

Remarks

This item displays any supplemental information that has been entered for the user.

Actions

Three icons are display in this field.

Displays the full information for the user.

Displays the [Compose] table for creating a new Email message to the user.

Displays the user’s web page.

5.4.1.1 View contact information

1. Click the icon to display the user information for a particular user.

2. The [View Contact Information] table is displayed for that user.

The user information below is displayed in the table:

Name

Email address

Phone number

Fax number

Web page address

Address

Remarks

3. Click the [Back] button to return to the [User Address Book] table.

5.4.1.2 Send message to user

1. Click the icon to send a message to a particular user.

2. The [Compose] table is displayed. Enter the necessary items to transmit a message.

For details on sending Email, refer to "5.3.1 New mail."

3. After the message is completed, click the [Send] button to transmit the message and

return to the [User Address Book] table.

5.4.1.3 Display a user’s web page

1. Click the icon to view the web page of a particular user.

2. A new window opens and the user’s web page is displayed.

The user’s web page can also be displayed by following the hyperlink after

clicking the icon in the [View Contact Information] table.

5.4.2 Groups

All groups registered in Turbolinux Appliance Server are displayed in this list. A user can

browse the information of groups, compose messages to those groups, and view the web

page of those groups.

The [Groups Listing] table is displayed below when [Groups] is clicked in the menu.

The [Groups Listing] table items are shown below.

Name

This item displays the name of the group on Turbolinux Appliance Server.

Members

This item displays the names of the users which belong to the group.

Remarks

This item displays any supplemental information that has been entered for the group.

Actions

Two icons are display in this field.

Displays the [Compose] table for creating a new Email message to the group.

Displays the group’s web page.

5.4.2.1 Send message to group

It is possible to send an Email message to all users in a group.

1. Click the icon to send a message to a particular group.

2. The [Compose] table is displayed. Enter the necessary items to transmit a message.

For details on sending Email, refer to "5.3.1 New mail."

3. After the message is completed, click the [Send] button to transmit the message and

return to the [Groups Listing] table.

5.4.2.2 Display a group’s web page

1. Click the icon to view the web page of a particular group.

2. A new window opens and the group’s web page is displayed.

5.4.3 Personal Address Book

The Personal Address Book can be used individually by each user to store addresses for

sending and receiving Email. Each user has complete control over their address book. All

contact information for a user may be entered, and when an Email address is entered, it

becomes possible to send messages from the Address Book.

All groups registered in Turbolinux Appliance Server are displayed in this list. A user can

browse the information of groups, compose messages to those groups, and view the web

page of those groups.

The [Personal Address Book] table is displayed below when [Personal] is clicked in the menu.

The [Personal Address Book] table items are shown below.

Full name

This item displays the full name of the contact.

Email address

This item displays the Email address of the contact.

Phone number

This item displays the telephone number for the contact.

Actions

Three icons are displayed in this field.

Modify the user information.

Delete the user.

Displays the [Compose] table for creating a new Email message to the user.

5.4.3.1 Adding a contact

1. To add a new contact to the Personal Address Book, click the [Add] button on the table.

2. The [Add Contact] table is displayed.

The [Add Contact] table items are shown below.

Full name

Enter the identifying name of the contact in this necessary field.

Email address (optional)

Enter the Email address of the contact in the form of user@domain (i.e. john@mydomain).

Phone number (optional)

Enter the telephone number of the contact.

Fax number (optional)

Enter the fax number of the contact.

Web page address (optional)

Enter the web page address of the contact.

Address (optional)

Enter the address of the contact.

Remarks (optional)

If necessary, enter any supplemental information for the contact.

3. After completing the table, click the [Save] button to update the contact and return to the

[Personal Address Book] table.

5.4.3.2 Modifying a contact

1. To modify the information for a contact, click the icon for that contact in the [Personal

Address Book] table. The [Modify Contact] table is displayed.

2. Modify items as necessary.

3. After completing, click the [Save] button to update the contact and return to the [Personal

Address Book] table.

5.4.3.3 Deleting a contact

1. To delete a contact, click the icon for that contact in the [Personal Address Book]

table.

2. Click the [OK] button on the verification dialog box to complete the process.

5.4.3.4 Send message to contact

1. Click the icon to send a message to a particular user in the [Personal Address Book]

table.

2. The [Compose] table is displayed. Enter the necessary items to transmit a message.

For details on sending Email, refer to "5.3.1 New mail."

3. After the message is completed, click the [Send] button to transmit the message and

return to the [User Address Book] table.

4. 5.5 Account information

Under the [Account] menu item, the user can manage the account details.

When [Account] is selected from the menu on the left on the [Personal Profile] table, the

following table appears.

The settings for the [Account Settings] screen are shown below.

Full name

This is the identifying name of the account.

Language preference

The language of ATOM Server Desktop can be selected from this drop-down menu.

Japanese and English are supported. By default, the language setting of the browser is used.

Style

The style of ATOM Server Desktop can be selected from this drop-down menu. [True Blue]

and [Merlot] are the options.

New password

It is possible to change the password for login. In order to avoid typing mistakes, the

password must be entered twice.

5.5.1 Updating account information

1. Enter the updated information in the [Account] table as necessary.

2. Click the [Save] button to update the information.

5.6 Email

Under the [Email] menu item, Email forwarding and defining the automatic vacation message

can be done.

When the forwarding function of Email is enabled, an Email which is sent to the user address

can be forwarded to one or more Email addresses. It is also possible to leave a copy of the

mail on Turbolinux Appliance Server.

The vacation message is used for an automated response to incoming Emails. For example,

when someone is on vacation, an extended business trip, etc. and Email cannot be read, an

automated reply is generated.

When the [Email] option is selected from the left-hand menu on the [Personal Profile] tab, the

following table is displayed.

5.6.1 Turn on Email forwarding

1. In the [Email Settings] table, check the box to enable forwarding.

2. Enter the address(es) to be used for forwarding in the format: user name @ domain

name (i.e. John@turbolinux.co.jp and Bob@mail.turbolinux.co.jp). When multiple Email

addresses are used, addresses should be separated with a comma or one address

entered per line.

3. Check the box to leave a copy in the mailbox, if desired.

4. After completing the setup, click the [Save] button. Forwarding settings then become

effective.

5.6.2 Turn off Email forwarding

1. In the [Email Settings] table, uncheck the box to enable Email forwarding

2. After completing the setup, click the [Save] button. Forwarding settings are then disabled.

5.6.3 Turn on vacation message

1. In the [Email Settings] table, check the box to enable the vacation message.

2. Enter a message in the text box.

3. After completing the setup, click the [Save] button. Vacation message settings then

become effective.

Note: Only one vacation message is transmitted per week to a person sending

multiple messages to the mailbox.

5.6.4 Turn off vacation message

1. In the [Email Settings] table, uncheck the box to enable the vacation message.

2. After completing the setup, click the [Save] button. Vacation message settings are then

disabled.

5.7 Disk usage

Under the [Disk Usage] menu item, it is possible to view the information regarding user disk

usage and condition.

When the [Disk Usage] option is selected from the left-hand menu on the [Personal Profile]

tab, the following table is displayed.

The [Disk Usage] table items are described below.

Disk space used (MB)

The disk space which the user has used is indicated in the MB unit.

Disk space free (MB)

The total space which is available to the user is indicated in the MB unit.

Percentage used

Percentage of the disk space used is indicated at the percent unit.

5.8 Personal information

Under the [Personal Information] menu item, it is possible for a user on Turbolinux Appliance

Server to add and update private information themselves.

When the [Personal Information] option is selected from the left-hand menu on the [Personal

Profile] tab, the following table is displayed.

The [Personal Information] table items are described below.

Web page address (optional)

Enter the URL of the user’s web page.

Phone number (optional)

Enter the user’s telephone number.

Fax number (optional)

Enter the user’s fax number.

Address (optional)

Enter the user’s address.

Remarks (optional)

If necessary, enter supplemental information.

5.8.1 Updating personal information

1. Enter the updated information in the [Personal Information] table as necessary.

2. Click the [Save] button to update the information.