For configuration details refer to Chapter 6. An active connection on a serial device is usually indicated by the Data Carrier Detect DCD pin on the serial device being raised. When a connection is detected, the getty program issues a login: prompt, and then invokes the login program to handle the actual system login. Note Selecting Terminal Server mode will disable Port Manager for that serial port, so data is no longer logged for alerts etc. So the two console servers effectively act as a virtual serial cable over an IP network.
One console server is configured to be the Server. For example if the computer attached to serial port 3 should never send anything out on its serial console port, the Administrator can set the Facility for that port to local0 local At this priority, if the console server syslog server does receive a message, it will automatically raise an alert.
This data stream presents as a serial data steam on port 5 on the ACM models. The Common Settings baud rate etc. However you can specify the Fix Frequency i. However for earlier revision ACMG-I units you may need to update the setfset settings from the command line: setfset -r lists all of the current feature set variables.
However any USB console disconnection is auto-detected. USB console re-connection on the same physical USB port will also be auto- detected, but only if the console server has been power cycled. Users can be authorized to access specified services, serial ports, power devices and specified network-attached hosts.
These users can also be given full Administrator status with full configuration and management and access privileges. With firmware V3. Users in this group will have their password stored in clear text. Membership of the admin group provides the user with full Administrator privileges. The admin user Administrator can access the console server using any of the services which have been enabled in System: Services e.
However once logged in they can reconfigure the console server settings e. They can also access any of the connected Hosts or serial port devices using any of the services that have been enabled for these connections. But again the Administrator can reconfigure the access services for any Host or serial port. So only trusted users should have Administrator access 2. Membership of the user group provides the user with limited access to the console server and connected Hosts and serial devices.
These Users can access only the Management section of the Management Console menu and they have no command line access to the console server. They also can only access those Hosts and serial devices that have been checked for them, using services that have been enabled 3. If a user is set up with pptd, dialin, ftp or pmshell group membership they will have restricted user shell access to the nominated managed devices but they will not have any direct access to the console server itself.
To add this the users must also be a member of the "users" or "admin" groups 4. The Administrator can also set up additional Groups with specific power device, serial port and host access permissions. The Administrator can also set up users with specific power device, serial port and host access permissions, who are not a member of any Groups. You may also include information related to the user e. This is more secure than password based authentication. Similarly there are no specific limits on the number of Groups and each user can be a member of a number of Groups in which case they take on the cumulative access privileges of each of those Groups.
A user does not have to be a member of any Groups but if the User is not even a member of the default user group then they will not be able to use the Management Console to manage ports. Only these permitted services will be forwarded through by SDT to the Host. The Administrator can then configure these devices and enable which users have permissions to remotely cycle power etc. This will create the new Host and also create a new Managed Device with the same name 4. However they do not restrict access by the Administrator to the console server itself or to attached hosts.
To change the default settings for this access, you will to need to edit the IPtables rules as described in the Chapter 14 - Advanced. One console server, the Master, controls other console servers as Slave units and all the serial ports on the Slave units appear as if they are part of the Master.
This is done using public key authentication so the Master can access each Slave using the SSH key pair rather than using passwords.
This ensures secure authenticated communications between Master and Slaves enabling the Slave console server units to be distributed locally on a LAN or remotely around the world.
Generating each set of keys will require approximately two minutes and the new keys will destroy any old keys of that type that may previously been uploaded. Also while the new generation is underway on the master functions relying on SSH keys e.
For a more detailed explanation refer the Authorized Keys section of Chapter This once-off step will validate that you are establishing an SSH session to who you think you are. Answer yes and the fingerprint will be added to the list of known hosts. For more details on Fingerprinting refer Chapter The keys should remove any need to supply a password 4.
If the Master console server has 16 ports of its own then ports are pre- allocated to the Master, so the first Slave added will be assigned port number 17 onwards.
So for example if change a User access privileges or edit any serial port setting on the Master, the updated configuration files will be sent out to each Slave in parallel. Each Slave will then automatically make changes to their local configurations and only make those changes that relate to its particular serial ports. You can still use the local Slave Management Console to change the settings on any Slave serial port such as alter the baud rates.
However these changes will be overwritten next time the Master sends out a configuration file update. Also while the Master is in control of all Slave serial port related functions, it is not master over the Slave network host connections or over the Slave console server system itself.
This is covered in Chapter User Manual Data Center and Remote Site Management - User Manual 79 PortShare is supplied free with each console server and you are licensed to install PortShare on one or more computers for accessing any serial device connected to a console server port. A copy can be freely downloaded from the ftp site.
This utility can be freely downloaded from the ftp site. This PortShare serial port redirector allows you to use a serial device connected to the remote console server as if it were connected to your local serial port.
The portshare-serial-client creates a pseudo tty port, connects the serial application to the pseudo tty port, receives data from the pseudo tty port, transmits it to the console server through network and receives data from the console server through network and transmits it to the pseudo-tty port. All users can view but not edit these Managed Device connections by selecting Manage: Devices. This automatically creates a corresponding new Managed Device as covered in Section 4. When you connect a particular Managed Device that draws power from the outlet then the outlet will then take up the name of the powered Managed Device 4.
The VPN allows multiple sites or remote administrators to access the Opengear advanced console server and Managed Devices securely over the Internet. You will need to find out the key to be used on the remote gateway, then cut and paste it into the Right Public Key o If you select Shared secret you will need to enter a Pre-shared secret PSK.
For example This is the same as For example, an OpenVPN tunnel may be established between a roaming windows client and an Opengear advanced console server within a data center.
To authenticate using certificates select PKI X. When running as a server, the advanced console server supports multiple clients connecting to the VPN server over the same port. Upload or browse to relevant authentication certificates and files.
Saved files will be displayed in red on the right-hand side of the Upload button. Console servers with firmware V3. Client server Specify whether this will be a client or server configuration file. In the server configuration file, define the IP address pool and netmask. For example, server The client and server must use the same settings.
This is only useful for UDP if problems occur. Log verbosity level can be set from 0 minimum to 15 maximum. The same CA certificate file can be used by the server and all clients. Each client should have its own certificate and key files. Enter the path to the key with the Diffie-Hellman parameters. This is the case in most client configurations. This must be enabled on both the client and the server.
This information, as well as the time the connection was established, is available anytime by scrolling over the OpenVPN icon. PPTP is typically used for communications over a physical or virtual serial link. Routes to networks can then be defined with these IP addresses as the gateway, which results in traffic being sent across the tunnel.
The strength of PPTP is its ease of configuration and integration into existing Microsoft infrastructure. It is generally used for connecting single remote Windows clients. If you take your portable computer on a business trip, you can dial a local number to connect to your Internet access service provider ISP and then create a second connection tunnel into your office network across the Internet and have the same access to your corporate network as if you were connected directly from your office.
Set up VPN user accounts on the Opengear appliance and enable the appropriate authentication 3. Configure the VPN clients at the remote sites.
Connect to the remote VPN 4. Access is denied to remote users attempting to connect using an authentication scheme weaker than the selected scheme. The schemes are described below, from strongest to weakest. It is not recommended that clients connect using this as it provides very little password protection. When using this type of authentication, the client password is transmitted unencrypted. Access is denied to remote users attempting to connect not using this encryption level.
Note - users in this group will have their password stored in clear text. To create a VPN connection across the Internet, you must set up two networking connections. The steps may vary slightly depending on your network access or if you are using an alternate version of Windows.
More detailed instructions are available from the Microsoft web site. This access is available even when the remote console server is behind a third party firewall or has a private non-routable IP addresses which is often the case when the console server is connected via a cellular modem connection.
These connections are used for monitoring, commanding and accessing the Managed Console Servers and the Managed Devices connected to the Managed Console Server. This ensures secure, authenticated communications and enables Managed Console Servers units to be distributed locally on a LAN, or remotely around the world.
Once the candidate has been accepted on the CMS as outlined in the next section an SSH tunnel to the console server is then redirected back across the Call Home connection.
The console server has now become a Managed Console Server and the CMS can connect to and monitor it through this tunnel.
This password is used solely for accepting Call Home connections from candidate console servers 2. You can click Refresh to update 4. System Password that has been set on this Managed Console Server. It will not be stored o Click Apply. Some models also come standard with an internal modem. The console server will then await an incoming connection from a dial-in at remote site.
You can select any address for the Remote IP Address. However it must be in the same network range as the Local IP Address e. This is the IP address that will be used by the remote client to access console server once the modem connection is established. Strong 40 bit or bit encryption is recommended Note: Firmware V3. The User name and Password to be used for the dial-in PPP link, and any dial-back phone numbers are configured when the User is set up.
Earlier firmware only supported one PPP dial-in account Note Chapter 13 Advanced Configurations has examples of Linux commands that can be used to control the modem port operation at the command line level 5.
OOB access uses an alternate path for connecting to the console server to that used for regular data traffic. Starting an OOB connection in SDT Connector may be achieved by initiating a dial up connection, or adding an alternate route to the console server.
SDT Connector allows for maximum flexibility is this regard, by allowing you to provide your own scripts or commands for starting and stopping the OOB connection. Refer Chapter 6. Note: Only SSH access is enabled on the failover connection. However in firmware versions later than 3. The advanced console server continually pings probe addresses whilst in original and failover states.
The original state will automatically be set as a priority and reestablished following three successful pings of the probe addresses during failover. The failover state will be removed once the original state has been re-established.
Network 2 will automatically and transparently take over the work of Network 1, in the event Network 1 becomes unavailable for any reason. So the administrator can then SSH or HTTPS connect to the console server and fix the problem By default, the advanced console server supports automatic failure-recovery back to the original state prior to failover V3.
Note: For firmware pre V3. It is possible to use this script to implement automatic failure recovery, depending on your network setup. These modems first need to be installed as described below in 5. They then can be configured for operation in Always- on cellular router or OOB mode, or in Failover mode as detailed in next section 5.
Both will connect to the Verizon network in North America. After creating an account with the CDMA carrier some carriers require an additional step to provision the Internal Cellular Modem, referred to as Provisioning. These values are specific to your carrier and for manual activation you will have to investigate what values your carrier uses in each field.
It is generally expressed in dBm and the best throughput comes from placing the device in an area with the highest RSSI. When powered it will go ON and while searching for service it will flash off briefly every 5sec. This service will periodically ping a configurable IP address.
If a threshold number of consecutive attempts fail, the service will cause the unit to reboot. This can be used to force a clean restart of the modem and its services to work around any carrier issues.
This IP address is used to ping test the status of the cell modem connection and to determine if SIM failover or failback is to take place. DDNS, when configured, will be applied to the cell modem dial out connection regardless of which SIM is currently in use.
Be aware that when the console server is failing over to the cell modem interface and the primary SIM fails, total time to fail over to the cell modem and then for the cell modem to failover to its secondary SIM can take several minutes - be patient. In this case a dial-out cellular connection is only established in event of a ping failure - Circuit Switched Data CSD mode.
In this dial-in mode the cellular modem can receive incoming calls from remote modems who dial a special Data Terminating number. This is a 3G mode only. There is a low level of keep alive and management traffic going over the cellular network, however generally the status reports and alerts etc from the site can be carried over the main network.
This mode is used typically for out of band access to remote sites, and as above to be directly accessed the appliance needs to have a Public IP address and it must not have SSH access firewalled. Out-of-band access is enabled by default and the cellular modem connection is always on. To be directly accessed the console server needs to have a Public IP address and it must not have SSH access firewalled.
These plans often have a service fee attached. Once this is done you can then also try accessing the console server using the allocated domain name By default most providers offer a consumer grade service which provides dynamic Private IP address assignments to 3G devices.
This IP address is not visible across the Internet but generally it is adequate for home and general business use. The alternative is to set up Failover mode on the console server as detailed in the next section.
The cellular connection normally remains idle - in a low power state - and is only activated in event of a ping failure. This standby mode can suit remote sites with expensive power or very high cellular traffic costs. In this mode, the appliance continually pings nominated probe addresses over the main network connection and in the event of ping failure it dials out and sets up a dial-out ppp over the cellular modem and access is switched transparently to this network connection.
Then when the main network connection is restored, access is switched back. Once you have configured carrier connection, the cellular modem can be configured for failover. This will tell the cellular connection to remain idle in a low power state. If the primary and secondary probe addresses are not available it will bring up the cellular connection and connect back to the cellular carrier.
Only HTTPS and SSH access is enabled on the failover connection which should enable the administrator to connect and fix the problem Note: By default, the advanced console server supports automatic failure-recovery back to the original state prior to failover V3. This requires setting up forwarding and masquerading - as detailed in Chapter 5. CSD uses a single radio time slot to deliver 9. CSD is provided selectively by carriers and it is important you receive a Data Terminating number as part of the mobile service your carrier provides.
Note: Network forwarding allows the network packets on one network interface i. So locally networked devices can IP connect through the console server to devices on a remote network. IP masquerading is used to allow all the devices on your local private network to hide behind and share the one public IP address when connecting to a public network.
This type of translation is only used for connections originating within the private network destined for the outside public network, and each outbound connection is maintained by using a different source IP port number. By default, all console server models are configured so that they will not route traffic between networks. IP Masquerading performs Source Network Address Translation SNAT on outgoing packets, to make them appear like they've come from the console server rather than devices on the internal network.
When response packets come back devices on the external network, the console server will translate the packet address back to the internal IP, so that it is routed correctly. This allows the console server to provide full outgoing connectivity for internal devices using a single IP Address on the external network.
By default IP Masquerading is disabled for all networks. Manual Configuration: Manually set a static gateway address being the address of the console server and set the DNS server address to be the same as used on the external network i. To reserve an IP addresses for a particular host. Once applied, devices on the internal network will be able to access resources on the external network. This should describe the target and the service that the port forward is used to access Input Interface: This allows the user to only forward the port from a specific interface.
This may be left blank. These will be the port s specified when accessing the port forward. These ports need not be the same as the output port range. Protocol: The protocol of the data being forwarded. This is an address on the internal network where packets sent to the Input Interface on the input port range are sent. Output Port Range: The port or range of ports that the packets will be redirected to on the Output Address.
Ranges use the format start-finish. This can be used to allow custom on- box services, or block traffic based on policy. This name should describe the policy the firewall rule is being used to implement e. This may be left blank for any.
So rule placement is important. The Managed Devices being accessed can be located on the same local network as the console server or they can be attached to the console server via a serial port. Opengear recommends you use the SDT Connector client software that is supplied with the console server for this. SDT Connector is simple to install and auto-configure and it will provides all your users with point-and-click access to all the systems and devices in the secure network. With one click SDT Connector sets up a secure SSH tunnel from the client to the selected console server, then establishes a port forward connection to the target network connected host or serial connected device, then executes the client application that will be used in communicating with the host.
Only these permitted services will be forwarded through by SSH to the host. Users can be authorized to access the console server ports and specified network-attached hosts. To simplify configuration, the Administrator can first set up Groups with group access permissions, then Users can be classified as members of particular Groups.
Each of these remote console servers have an embedded OpenSSH based server which can be configured to port forward connections from the SDT Connector client to hosts on their local network as detailed in the previous chapter.
The SDT Connector can also be pre-configured with the access tools and applications that will be available to be run when access to a particular host has been established. It can also access the console server itself and access devices connected to serial ports on the console server. If there is already a config file on the Windows PC then it will not be overwritten. Solaris platforms are also supported however they must have Firefox installed.
SDT Connector can run on any system with Java 1. SDT Connector can also be set up to make an out-of-band connection to the console server refer Section 6. The SSH tunnel to the gateway is then automatically established, the appropriate ports redirected through to the host, and the appropriate local client application is launched pointing at the local endpoint of the redirection: User Manual Data Center and Remote Site Management - User Manual Note The SDT Connector client can be configured with unlimited number of Gateways.
Each Gateway can be configured to port forward to an unlimited number of locally networked Hosts. Similarly there is no limit on the number of SDT Connector clients who can be configured to access the one Gateway. Nor are there limits on the number of Host connections that an SDT Connector client can concurrently have open through the one Gateway tunnel. So for a site with a CM gateway you can have, at any time up to 50 users securely controlling an unlimited number of network attached computers and appliances servers, routers etc at that site.
However it may consist of several redirections; some or all of which may have clients associated with them.
The first redirection is for the HTTPS connection to the RAC server - it has a client associated with it web browser that is launched immediately upon clicking the button for this service. It is automatically loads in a Java client served through the web browser, so it does not need a local client associated with it.
It is not usually necessary to change this from "localhost". If this is left blank, a random port will be selected. This will be an arbitrary TCP port that is not in use on the gateway. An example of this is the SOL Proxy service. SDT Connector typically launches a client using command line arguments to point it at the local endpoint of the redirection. There are three special keywords for specifying the command line format.
If this port is unspecified i. For example SDT Connector is preconfigured for Windows installations with a HTTP service client that will connect with whichever local browser the local Windows user has configured as the default. With V3. Simply browse to the console server and select the Service Access tab on the System: Firewall menu.
Click Add User. Select Select Edit: Preferences and click the Services tab. Enter in TCP Port. Alternatively, select File: New Host. In Descriptive Name, enter something along the lines of Loopback ports, or Local serial ports. Click OK. Port 2 if the target device is attached to the second serial port. Click Apply. OOB access uses an alternate path for connecting to the gateway to that used for regular data traffic.
OOB access is useful for when the primary link into the gateway is unavailable or unreliable. Typically a gateway's primary link is a broadband Internet connection or Internet connection via a LAN or VPN, and the secondary out-of-band connectivity is provided by a dial-up or wireless modem directly attached to the gateway.
So out- of-band access enables you to access the hosts and serial devices on the network, diagnose any connectivity issues, and restore the gateway's primary link. Starting an OOB connection may be achieved by initiating a dial up connection, or adding an alternate route to the gateway. The status bar will change color to indicate this gateway is now being access using the OOB link rather than the primary link When you connect to a service on a host behind the gateway, or to the console server gateway itself, SDT Connector will initiate the OOB connection using the provided Start Command.
This is known as public key authentication. You may have to restart SDT Connector to shut down any existing tunnels that were established using password authentication. Also if you have a host behind the console server that you connect to by clicking the SSH button in SDT Connector you may also wish to configure access to it for public key authentication as well. SDT with RDP also allows remote Users to connect to Windows XP, Vista, Server, Server computers and to Windows Terminal Servers; and to have access to all of the applications, files, and network resources with full graphical interface just as though they were in front of the computer screen at work.
To set up a secure Remote Desktop connection you must enable Remote Desktop on the target Windows computer that is to be accessed and configure the RPD client software on the client PC. With Windows Server you can have multiple sessions and with Server you have three sessions - the console session and two other general sessions. So more than one user can have active sessions on a single computer.
In the Display section specify an appropriate color depth e. When run, this software allows these older Windows platforms to remotely connect to a computer running current Windows. Redirect sound on remote machine to local device i. There is a Windows server, allowing you to view the desktop of a remote Windows machine on any of these platforms using exactly the same viewer. It has added features such as file transfer, performance improvements, and read-only password support.
They have just recently included a video drive much like UltraVNC. There are Viewers and Servers from a wide selection of sources e. When the Viewer PC is connected to the console server thru a SSH tunnel over the public Internet, or a dial-in connection, or private network connection , enter localhost or When the Viewer PC is connected directly to the console server i. The TCP port will be plus the physical serial port number i.
For Windows XP and computers follow the steps below to set up an advanced network connection between the Windows computer, through its COM port to the console server. By default select COM1. The COM port on the Windows computer should be configured to its maximum baud rate. This should be the same Users who were given Remote Desktop access privileges in the earlier step. For simplicity use the IP address as shown in the illustration above: From: If RRAS has been configured it is a simply task to enable the null modem connection for the dial-in configuration.
For earlier version Windows computers again follow the steps in Section B. PuTTY As covered in the previous sections of this chapter we recommend you use the SDT Connector client software that is supplied with the console server.
Note How secure is VNC? VNC access generally allows access to your whole computer, so security is very important. VNC uses a random challenge-response system to provide the basic authentication that allows you to connect to a VNC server. This is reasonably secure and the password is not sent over the network.
However, once connected, all subsequent VNC traffic is unencrypted. So a malicious user could snoop your VNC session. Also no VNC port is ever open to the internet, so anyone scanning for open VNC ports will not be able to find your computers. The Auto-Response facility extends on the basic Alert facility available in earlier pre V3. With Auto- Response the console server monitors selected serial ports, logins, the power status and environmental monitors and probes for Check Condition triggers.
The console server will then initiate a sequence of actions in response to these triggers. Also all console server models can maintain log records of all access and communications with the console server and with the attached serial devices. A log of all system activity is also maintained as is a history of the status of any attached environmental monitors.
Some models can also log access and communications with network attached hosts and maintain a history of the UPS and PDU power status. Subsequent Resolve Actions can also be performed when the trigger condition has been resolved. Also most serial port checks are not resolvable so resolve actions will not be run 7.
Send Email or Run Custom Script to select the action type to be taken. You will need to specify the Recipient Email Address in the format specified by the gateway provider e. Leave as 0 for unlimited. Send Email or Run Custom Script to select the action type to be taken Note: Resolve Actions are configured exactly the same as Trigger Actions except the designated Resolve Actions are all executed on resolution of the trigger condition and there are no Action Delay Times set 7.
Before such alert notifications can be sent, you must configure the nominated alert service. Almost all mobile phone carriers provide an SMS gateway service that forwards email to mobile phones on their networks.
Alternately if your console server has an embedded or externally attached cellular modem you will be given the option to send the SMS directly over the carrier connection. Some SMS gateway service providers only forward email to SMS when the email has been received from authorized senders.
Generally the email subject will contain a truncated version of the alert notification message which is contained in full in the body of the email. Setting this option means the console server will send SNMP traps that are compatible with those sent in older firmware before the new MIBS were added ensuring that the firmware upgrade won't upset existing SNMP management a user will already have in place. At a minimum, a community needs to be set for either SNMP v1 or v2c traps to work.
It helps define where information is sent. This is the highest level of security and requires an encryption protocol DES or AES and password in addition to the authentication protocol and password.
This field is mandatory and must be completed when configuring the console server for SNMPv3. The password must contain at least 8 characters to be valid. AES is recommended for stronger security. A password of at least 8 characters must be provided for encryption to work. Console servers with firmware earlier than V3.
Refer Chapter On the trigger condition for matched patterns, logins, power events and signal changes an NSCA check "warning" result will be sent to the central Nagios server. This condition is displayed on the Nagios status screen and triggers a notification, which can then cause the Nagios central server itself to send out an email or an SMS, page, etc. A log of all system activity is also maintained by default, as is a history of the status of any attached environmental monitors.
The User will only see logs for the Managed Devices they or their Group have been given access privileges for Refer Chapter To view the local cache of logged serial port data select Manage: Port Logs 7. To activate and set the desired levels of logging for each serial Section 7.
Serial PDUs invariably can be controlled using their command line console, so you could manage the PDU through the console server using a remote Telnet client.
Also you could use proprietary software tools no doubt supplied by the vendor. This generally runs on a remote Windows PC and you could configure the console server serial port to operate with a serial COM port redirector in the PC as detailed in Chapter 4.
Similarly network-attached PDUs can be controlled with a browser e. IPMI service processors and BMCs can be configured so all authorized users can use the Management Console to remotely cycle power and reboot computers, even when their operating system is unresponsive.
Network UPS Tools NUT is a group of open source programs that provide a common interface for monitoring and administering UPS hardware; and ensuring safe shutdowns of the systems which are connected. NUT is built on a networked model with a layered scheme of drivers, server and clients covered in some detail in Chapter 8.
It can be connected by serial or USB cable or by the network. The console server becomes the master of this UPS, and runs a upsd server to allow other computers that are drawing power through the UPS slaves to monitor the UPS status and take appropriate action such as shutdown in event of low UPS battery. The console server may or may not be drawing power itself through the Managed UPS. All you need to do is choose the password length and what elements you want to include in your password, and click the Generate button.
The system will generate a unique password, and you can copy and paste it wherever you need. Creating a strong password is one of the most important ways to secure your accounts and keep them private. Unfortunately, people have a tendency to reuse passwords or create simple passwords like sequential numbers, birthdates, or their home address.
This makes it easy for cybercriminals to access your account and do with it as they please. You can set the password length, include numbers and symbols, and it will generate a secure password for you. Then, all you have to do is copy and paste it onto the account creation form when setting up your password. These are highly secured password managers with excellent features, including generating secure passwords.
If this is the case it is usually included in the full download archive itself. ScreenShots: Software Description: CutList Plus fx quickly generates optimizedsheet layouts that make the most efficient use of your plywoodpanels and lumber. Calculate exactly how much material to buy foryour project, and what it will cost.
Watch this overview video tosee how it works. Works with glass, metal, granite, fabric—anythingthat comes in rectangular sheets. CutList Plus fx quickly generates optimizedsheet layouts that make the most efficient use of your plywoodpanels and lumber. Just tell the program what sizeparts you need to cut. It will do the heavy lifting to figure outthe best use of the available materials.
Every sheet of material you save is money in your pocket, timeafter timJoin more than 19, woodworkers in over countriessaving money right now with CutList Plus.
0コメント