Date: Sun, 02 Nov 2014 09:16:59 -0600 From: "William A. Mahaffey III" <wam@hiwaay.net> Cc: freebsd-questions@freebsd.org Subject: Re: Minor rpc question .... Message-ID: <54564AEB.2000701@hiwaay.net> In-Reply-To: <20141103012236.X52402@sola.nimnet.asn.au> References: <mailman.69.1414929601.54988.freebsd-questions@freebsd.org> <20141103012236.X52402@sola.nimnet.asn.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On 11/02/14 08:45, Ian Smith wrote:
> In freebsd-questions Digest, Vol 543, Issue 7, Message: 3
> On Sat, 01 Nov 2014 19:04:29 -0500 "William A. Mahaffey III" <wam@hiwaay.net> wrote:
> > .... I have ruptime installed & running on my LAN boxen. When I query
> > from various boxen, such as an Intel Q6600 based server, I see:
> >
> > [wam@Q6600, ~, 6:59:57pm] 1173 % ruptime
> > INDIGO down ??:??
> > Opty165A down 976+08:10
> > Q6600 up 298+09:30, 6 users, load 0.13, 0.07, 0.06
> > V8 down ??:??
> > athloncube up 44+22:38, 4 users, load 0.08, 0.03, 0.05
> > centos-5 up 41+09:48, 3 users, load 0.03, 0.04, 0.01
> > kabini1 up 0:25, 1 user, load 0.02, 0.21, 0.26
> > opty165a up 298+09:30, 0 users, load 0.00, 0.00, 0.00
> > [wam@Q6600, ~, DING!] 1174 %
> >
> > However, when I query from this box, I see:
> >
> > [wam@kabini1, ~, 6:44:52pm] 297 % ruptime
> > kabini1 up 0:25, 1 user, load 0.02, 0.21, 0.26
> > [wam@kabini1, ~, DING!] 298 %
> >
> > i.e. only this box shows up. I expect to see at least other
> > still-running boxen listed, maybe not defunct (such as V8 & INDIGO) ....
> > Config issue ? Bug ? Pilot error ? Please advise ....
> >
> > BTW:
> >
> > [root@kabini1, /etc, 6:51:24pm] 323 % uname -a
> > FreeBSD kabini1.local 9.3-RELEASE-p3 FreeBSD 9.3-RELEASE-p3 #0: Mon Oct
> > 20 15:08:33 UTC 2014
> > root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64
> > [root@kabini1, /etc, 7:04:07pm] 324 %
>
> Just checking: you have 'rwhod_enable="YES"' in /etc/rc.conf, rwhod(8)
> is running, and port 513/udp traffic is open both ways in any firewall?
Yes, yes, & .... not sure. I disabled logging of firewall traffic on
ports 111,137,138 & 513 in my rc.conf (they were swamping my log file).
I just changed that logging to allow port 513. I see no mention of that
port or service-by-name in my ipfw file, which is the box-stock file w/
mods to allow NFS, otherwise supposedly stock workstation. see:
[root@kabini1, /etc, 9:07:35am] 340 % ipfw show
00100 704 110724 allow ip from any to any via lo0
00200 0 0 deny ip from any to 127.0.0.0/8
00300 0 0 deny ip from 127.0.0.0/8 to any
00400 0 0 deny ip from any to ::1
00500 0 0 deny ip from ::1 to any
00600 0 0 allow ipv6-icmp from :: to ff02::/16
00700 0 0 allow ipv6-icmp from fe80::/10 to fe80::/10
00800 2 152 allow ipv6-icmp from fe80::/10 to ff02::/16
00900 0 0 allow ipv6-icmp from any to any ip6 icmp6types 1
01000 0 0 allow ipv6-icmp from any to any ip6 icmp6types
2,135,136
01100 0 0 check-state
01200 11697 679930 allow tcp from me to any established
01300 112670 62773943 allow tcp from me to any setup keep-state
01400 21809 1723308 allow udp from me to any keep-state
01500 127 12036 allow icmp from me to any keep-state
01600 0 0 allow ipv6-icmp from me to any keep-state
01700 0 0 allow udp from 0.0.0.0 68 to 255.255.255.255
dst-port 67 out
01800 0 0 allow udp from any 67 to me dst-port 68 in
01900 0 0 allow udp from any 67 to 255.255.255.255 dst-port
68 in
02000 0 0 allow udp from fe80::/10 to me dst-port 546 in
02100 1 148 allow icmp from any to any icmptypes 8
02200 0 0 allow ipv6-icmp from any to any ip6 icmp6types 128,129
02300 1858 104048 allow icmp from any to any icmptypes 3,4,11
02400 0 0 allow ipv6-icmp from any to any ip6 icmp6types 3
02500 18777 23476935 allow tcp from 192.168.0.0/16 to me
65000 1795 424041 count ip from any to any
65100 1371 269257 deny { tcp or udp } from any to any dst-port
111,137,138,513 in
65200 424 154784 deny { tcp or udp } from 192.168.0.0/16 to me
65300 0 0 deny ip from any to 255.255.255.255
65400 0 0 deny ip from any to 224.0.0.0/24 in
65500 0 0 deny udp from any to any dst-port 520 in
65500 0 0 deny tcp from any 80,443 to any dst-port 1024-65535 in
65500 0 0 deny log logamount 5000 ip from any to any
65535 0 0 deny ip from any to any
[root@kabini1, /etc, 9:10:10am] 341 %
w/ port 513 obviously being denied. However, I don't know where that is
happening :-/ & I thought rule 02500 would let all local traffic through
....
>
> If so, you possibly want to use the -a switch on both ruptime and rwho.
>
> cheers, Ian
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
>
--
William A. Mahaffey III
----------------------------------------------------------------------
"The M1 Garand is without doubt the finest implement of war
ever devised by man."
-- Gen. George S. Patton Jr.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?54564AEB.2000701>