CO-trecv.cnf configuration file

The CO-trecv.cnf file resides in the same directory as the CO-trecv.exe program and provides the following directives.

ListenPort 

This is the standard TCP port number of 51462, that must agree with the DestinationPort directive of the CO-tsend.cnf file (as discussed ). For the CO-tsend.exe program to communicate with the CO-trecv.exe program, this port number must be the same for both programs, and any intermediate firewall or filtering router must have this TCP port number open. There is generally no need to change this value.

TrapDestPort     

This is the UDP port number that the CO-trecv.exe program relays SNMP traps on the local platform. By default, this is the standard port number of UDP 162. The value must agree with the ListenPort value of the CO-systrap.cnf file in the system directory of the BMC Defender Server. There is generally no need to change this value.

SyslDestPort

This is the UDP port number that the CO-trecv.exe program relays syslog messages to on the local platform. By default, this is the standard port number of UDP 514. The value must agree with the udp_port_number value of the Syslog.cnf file in the system directory of the BMC Defender Server. There is generally no need to change this value.

MatchAddress

This directive is an IP address or wildcard in the form *.*.*.*, that can limit the location of CO-tsend.exe programs that send messages to the CO-trecv.exe program. You can leave the default value (to match all IP addresses) or specify a subnet such as 10.30.*.*, 10.15.8.*, or can specify a precise IP address. This provides extra security by limiting the range of devices that can access the TCP tunnel.

Note

This is the IP address of the CO-tsend.exe program, and not the IP address of the devices actually sending messages.

ErrorSeverity

This directive indicates the severity of any authentication error generated by the program, due to a fault encryption key, or failure of a program to match the MatchAddress directive. The value can be set to disable to prevent any syslog messages from being generated by the CO-trecv.exe program. However, authentication errors are extremely useful for detecting security breaches, and this value should normally be set to Error or above. The authentication message, generated by the CO-trecv.exe program reports the IP address of the CO-tsend.exe program, or other program attempting to send a message to the CO-trecv.exe program.

LogLocal

This value is set to either True or False. If the value is True, then all messages sent by the CO-trecv.exe program are also logged in the CO-tsend.log file (along with any error messages encountered by the program). This provides a simple way to verify whether UDP messages drops.

Note

The CO-trecv.log file is restarted each time the service is started. Hence, the file does not grow without bounds. If this directive omits, it is interpreted to be False.

EncryptKey

This value is the encryption key used to encrypt message. It can contain any alphanumeric characters, including spaces (but all spaces are ignored). The value must agree with the EncryptKey value specified in the CO-tsend.exe program. The value of default is the initial key, configured in both CO-tsend.exe and CO-trecv.exe. If the value is modified in one location, it must be modified in all locations.

Note

The CO-trecv.cnf file and CO-trecv.exe program are not found within the WTS package. Rather, these two files exist as standard part of the BMC Defender Server installation, within the installationDirectory\system folder, at the main server platform. (The information on how to install and configure this program was discussed in a previous section of this space, and is not documented within the BMC Defender User Manual.)

Related topic

CO-tsend-Tunnel-Sender-Service

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*