From: "William A. Mahaffey III"
Date: Sun, 02 Nov 2014 09:16:59 -0600
CC: freebsd-questions@freebsd.org
Subject: Re: Minor rpc question ....
Message-ID: <54564AEB.2000701@hiwaay.net>
In-Reply-To: <20141103012236.X52402@sola.nimnet.asn.au>

On 11/02/14 08:45, Ian Smith wrote:
> In freebsd-questions Digest, Vol 543, Issue 7, Message: 3
> On Sat, 01 Nov 2014 19:04:29 -0500 "William A. Mahaffey III" wrote:
> > .... I have ruptime installed & running on my LAN boxen.
> > When I query from various boxen, such as an Intel Q6600 based server, I see:
> >
> > [wam@Q6600, ~, 6:59:57pm] 1173 % ruptime
> > INDIGO down ??:??
> > Opty165A down 976+08:10
> > Q6600 up 298+09:30, 6 users, load 0.13, 0.07, 0.06
> > V8 down ??:??
> > athloncube up 44+22:38, 4 users, load 0.08, 0.03, 0.05
> > centos-5 up 41+09:48, 3 users, load 0.03, 0.04, 0.01
> > kabini1 up 0:25, 1 user, load 0.02, 0.21, 0.26
> > opty165a up 298+09:30, 0 users, load 0.00, 0.00, 0.00
> > [wam@Q6600, ~, DING!] 1174 %
> >
> > However, when I query from this box, I see:
> >
> > [wam@kabini1, ~, 6:44:52pm] 297 % ruptime
> > kabini1 up 0:25, 1 user, load 0.02, 0.21, 0.26
> > [wam@kabini1, ~, DING!] 298 %
> >
> > i.e. only this box shows up. I expect to see at least other
> > still-running boxen listed, maybe not defunct (such as V8 & INDIGO) ....
> > Config issue ? Bug ? Pilot error ? Please advise ....
> >
> > BTW:
> >
> > [root@kabini1, /etc, 6:51:24pm] 323 % uname -a
> > FreeBSD kabini1.local 9.3-RELEASE-p3 FreeBSD 9.3-RELEASE-p3 #0: Mon Oct
> > 20 15:08:33 UTC 2014
> > root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64
> > [root@kabini1, /etc, 7:04:07pm] 324 %
>
> Just checking: you have 'rwhod_enable="YES"' in /etc/rc.conf, rwhod(8)
> is running, and port 513/udp traffic is open both ways in any firewall?

Yes, yes, & .... not sure. I disabled logging of firewall traffic on
ports 111,137,138 & 513 in my rc.conf (they were swamping my log file).
I just changed that logging to allow port 513. I see no mention of that
port or service-by-name in my ipfw file, which is the box-stock file w/
mods to allow NFS, otherwise supposedly stock workstation.
see:

[root@kabini1, /etc, 9:07:35am] 340 % ipfw show
00100 704 110724 allow ip from any to any via lo0
00200 0 0 deny ip from any to 127.0.0.0/8
00300 0 0 deny ip from 127.0.0.0/8 to any
00400 0 0 deny ip from any to ::1
00500 0 0 deny ip from ::1 to any
00600 0 0 allow ipv6-icmp from :: to ff02::/16
00700 0 0 allow ipv6-icmp from fe80::/10 to fe80::/10
00800 2 152 allow ipv6-icmp from fe80::/10 to ff02::/16
00900 0 0 allow ipv6-icmp from any to any ip6 icmp6types 1
01000 0 0 allow ipv6-icmp from any to any ip6 icmp6types 2,135,136
01100 0 0 check-state
01200 11697 679930 allow tcp from me to any established
01300 112670 62773943 allow tcp from me to any setup keep-state
01400 21809 1723308 allow udp from me to any keep-state
01500 127 12036 allow icmp from me to any keep-state
01600 0 0 allow ipv6-icmp from me to any keep-state
01700 0 0 allow udp from 0.0.0.0 68 to 255.255.255.255 dst-port 67 out
01800 0 0 allow udp from any 67 to me dst-port 68 in
01900 0 0 allow udp from any 67 to 255.255.255.255 dst-port 68 in
02000 0 0 allow udp from fe80::/10 to me dst-port 546 in
02100 1 148 allow icmp from any to any icmptypes 8
02200 0 0 allow ipv6-icmp from any to any ip6 icmp6types 128,129
02300 1858 104048 allow icmp from any to any icmptypes 3,4,11
02400 0 0 allow ipv6-icmp from any to any ip6 icmp6types 3
02500 18777 23476935 allow tcp from 192.168.0.0/16 to me
65000 1795 424041 count ip from any to any
65100 1371 269257 deny { tcp or udp } from any to any dst-port 111,137,138,513 in
65200 424 154784 deny { tcp or udp } from 192.168.0.0/16 to me
65300 0 0 deny ip from any to 255.255.255.255
65400 0 0 deny ip from any to 224.0.0.0/24 in
65500 0 0 deny udp from any to any dst-port 520 in
65500 0 0 deny tcp from any 80,443 to any dst-port 1024-65535 in
65500 0 0 deny log logamount 5000 ip from any to any
65535 0 0 deny ip from any to any
[root@kabini1, /etc, 9:10:10am] 341 %

w/ port 513 obviously being denied.
However, I don't know where that is happening :-/ & I thought rule 02500
would let all local traffic through ....

>
> If so, you possibly want to use the -a switch on both ruptime and rwho.
>
> cheers, Ian

-- 
William A. Mahaffey III

"The M1 Garand is without doubt the finest implement of war ever devised by man."
    -- Gen. George S. Patton Jr.
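
Added example, not part of the original message: a simplified first-match model of the inbound rules from the `ipfw show` listing above, tracing which rule an unsolicited UDP packet to port 513 hits (rule 02500 is tcp-only, so it is skipped). The host address in `ME` and the peer and broadcast addresses in `RWHO` are constructed; dynamic (check-state/keep-state) rules are not modelled.

```python
import ipaddress
import re

# Inbound-relevant rules copied from the `ipfw show` listing (counters dropped).
RULES = """\
02500 allow tcp from 192.168.0.0/16 to me
65000 count ip from any to any
65100 deny { tcp or udp } from any to any dst-port 111,137,138,513 in
65200 deny { tcp or udp } from 192.168.0.0/16 to me
65300 deny ip from any to 255.255.255.255
65535 deny ip from any to any
"""
ME = {"192.168.0.10"}  # constructed stand-in for the host's own LAN address

RULE_RE = re.compile(
    r"(?P<num>\d+) (?P<action>\w+) (?P<proto>\{[^}]*\}|\S+) "
    r"from (?P<src>\S+) to (?P<dst>\S+)"
    r"(?: dst-port (?P<ports>[\d,]+))?(?: (?P<dir>in|out))?$"
)

def addr_matches(spec, addr):
    if spec == "any":
        return True
    if spec == "me":
        return addr in ME
    return ipaddress.ip_address(addr) in ipaddress.ip_network(spec)

def rule_matches(rule, pkt):
    protos = rule["proto"].strip("{} ").split(" or ")
    if "ip" not in protos and pkt["proto"] not in protos:
        return False
    if not (addr_matches(rule["src"], pkt["src"]) and addr_matches(rule["dst"], pkt["dst"])):
        return False
    if rule["ports"] and str(pkt["dport"]) not in rule["ports"].split(","):
        return False
    return rule["dir"] in (None, pkt["dir"])

def evaluate(pkt):
    """Return (action, numbers of matched rules) under first-match semantics."""
    trace = []
    for line in RULES.splitlines():
        rule = RULE_RE.match(line).groupdict()
        if rule_matches(rule, pkt):
            trace.append(rule["num"])
            if rule["action"] != "count":  # count only bumps counters, search continues
                return rule["action"], trace
    return "deny", trace
# Constructed packet: a LAN peer's rwhod broadcast arriving on UDP port 513.
RWHO = {"proto": "udp", "src": "192.168.0.20", "dst": "192.168.0.255", "dport": 513, "dir": "in"}
print(evaluate(RWHO))
```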