[BlueOnyx:17624] Re: dFix/dFix2 problems
Steve Davis
thezio at gmail.com
Mon May 18 17:29:30 -05 2015
I asked this same question several months ago.
Where are the allow and deny files for dfix?
They are not in /etc/sec on my 5208R . There is no /etc/sec
-----Original Message-----
From: blueonyx-bounces at mail.blueonyx.it [mailto:blueonyx-bounces at mail.blueonyx.it] On Behalf Of Chris Gebhardt - VIRTBIZ Internet
Sent: Sunday, May 17, 2015 4:57 PM
To: blueonyx at mail.blueonyx.it
Subject: [BlueOnyx:17621] Re: dFix/dFix2 problems
Hi Alberto,
On 5/17/2015 1:58 PM, Alberto Paglino wrote:
> I have problems activating SNMP on a 5208 BO server.
>
> As soon as PRTG network monitor starts to check my BO server, dfix2
> puts the scanning host in IPtables as blocked and I can’t monitor my BO server.
> I tried to add the ip in hosts.allow, without success. I tried also to
> logon using ssh into BO server from SNMP scanner, hoping in the auto
> white list feature, one more time without success.
dfix does not use or reference /etc/hosts.allow (at least, not to my
knowledge) so it is logical that placing the IP into /etc/hosts.allow did not solve your trouble.
> How can I do?
I'm not a dfix user myself, but perhaps someone can weigh in on the recommended method to whitelist an IP with dfix.
I am aware of another user who received some advice last year, which is archived here:
https://www.mail-archive.com/blueonyx@mail.blueonyx.it/msg08578.html
This portion of the post from Michael Stauber may help you:
Usually DFIX2 uses access deny, but yours interfaces with the APF firewall to dynamically generate (and remove) blocks for offending IP addresses.
The rules for DFIX2 are located in /etc/sec/ and it logs events to /var/log/sec
So you might want to do two things:
a.) Check /var/log/sec to see which rule triggered to block you. Then you can either adjust the rule, or can see if the blocking happened for more or less good reasons.
b.) Edit /etc/apf/allow_hosts.rules and (following the examples in it) add your IP to the whitelisted IP address range.
Changes in the DFIX2 config files require DFIX2 to be restarted:
/sbin/service sec restart
Changes in the APF config files require that APF is restarted:
/sbin/service apf restart
--
Chris Gebhardt
VIRTBIZ Internet Services
Access, Web Hosting, Colocation, Dedicated www.virtbiz.com | toll-free (866) 4 VIRTBIZ _______________________________________________
Blueonyx mailing list
Blueonyx at mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx
More information about the Blueonyx
mailing list