[BlueOnyx:17621] Re: dFix/dFix2 problems

Chris Gebhardt - VIRTBIZ Internet cobaltfacts at virtbiz.com
Sun May 17 16:57:16 -05 2015


Hi Alberto,

On 5/17/2015 1:58 PM, Alberto Paglino wrote:
> I have problems activating SNMP on a 5208 BO server.
>
> As soon as PRTG network monitor starts to check my BO server, dfix2 puts
> the scanning host in IPtables as blocked and I can’t monitor my BO server.
> I tried to add the IP to hosts.allow, without success. I also tried to
> log on via ssh to the BO server from the SNMP scanner, hoping for the auto
> whitelist feature, once more without success.

dfix does not use or reference /etc/hosts.allow (at least, not to my 
knowledge) so it is logical that placing the IP into /etc/hosts.allow 
did not solve your trouble.

> What can I do?

I'm not a dfix user myself, but perhaps someone can weigh in on the 
recommended method to whitelist an IP with dfix.

I am aware of another user who received some advice last year, which is 
archived here:
https://www.mail-archive.com/blueonyx@mail.blueonyx.it/msg08578.html

This portion of the post from Michael Stauber may help you:
Usually DFIX2 uses access deny, but yours interfaces with the APF
firewall to dynamically generate (and remove) blocks for offending IP
addresses.

The rules for DFIX2 are located in /etc/sec/ and it logs events to
/var/log/sec

So you might want to do two things:

a.) Check /var/log/sec to see which rule triggered to block you. Then
you can either adjust the rule, or can see if the blocking happened for
more or less good reasons.

b.) Edit /etc/apf/allow_hosts.rules and (following the examples in it)
add your IP to the whitelisted IP address range.

Changes in the DFIX2 config files require DFIX2 to be restarted:

/sbin/service sec restart

Changes in the APF config files require that APF is restarted:

/sbin/service apf restart

-- 
Chris Gebhardt
VIRTBIZ Internet Services
Access, Web Hosting, Colocation, Dedicated
www.virtbiz.com | toll-free (866) 4 VIRTBIZ
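
Added example, not part of the original post and not BlueOnyx or APF code: a shell sketch of steps a.) and b.) above, which lists the /var/log/sec lines that mention the monitoring host and adds its address to /etc/apf/allow_hosts.rules only once. The function names are hypothetical, and it assumes the allow file accepts one bare IPv4 address per line, as in the examples inside that file.

```shell
#!/bin/sh
# Added example, not BlueOnyx or APF code. Default paths are the ones named in
# the post; the function names are hypothetical.
SEC_LOG="${SEC_LOG:-/var/log/sec}"
APF_ALLOW="${APF_ALLOW:-/etc/apf/allow_hosts.rules}"

# Accept only a dotted-quad IPv4 address with every octet in 0-255.
valid_ipv4() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# Step a: print the log lines that mention the address as a whole token, so
# that 192.0.2.10 does not also match 192.0.2.100.
log_hits() {
    pattern=$(printf '%s\n' "$1" | sed 's/\./\\./g')
    grep -E "(^|[^0-9.])${pattern}([^0-9]|\$)" "$SEC_LOG"
}

# Step b: add the address to the APF allow file once (assumption: one bare
# address per line is valid there). Prints "added", "present" or "invalid";
# APF only needs a restart after "added".
allow_host() {
    valid_ipv4 "$1" || { echo "invalid"; return 1; }
    if grep -Fxq "$1" "$APF_ALLOW" 2>/dev/null; then
        echo "present"
    else
        printf '%s\n' "$1" >> "$APF_ALLOW"
        echo "added"
    fi
}

# Runs only when called with one argument: the monitoring host's address.
if [ "$#" -eq 1 ]; then
    log_hits "$1" || echo "no entries for $1 in $SEC_LOG"
    if [ "$(allow_host "$1")" = "added" ]; then
        /sbin/service apf restart
    fi
fi
```

Read the lines printed by step a before relying on the allow entry: they show which rule fired, which is what tells you whether the rule itself needs adjusting.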


