perfSONAR User Q&A and Other Discussion

["Roderick Mooi" <>]

Greetings again

I noticed 2 changes to bwctld.conf (from my previous configuration at least):
1. facility local5 - commented out and now defaults to daemon. Not sure what 
that means?
2. owamp_port 5601-5900. This is new. Though I understand it (similar to the 
other port ranges) I wasn't expecting it in bwctld.conf. Be sure to add it to 
yours if you want the increased port range...

Thanks!

Regards,

Roderick


>>> On 2014-02-05 at 14:27, "Roderick Mooi" 
>>> <>
>>>  wrote:
> Hi
> 
> Just upgraded two of my servers and looking good so far (test are running 
> ;)). Some quirks though:
> 1. reboot after upgrading (this may be obvious but if you don't it's 
> unhappy...)
> 2. toolkit/gui/psTracerouteViewer/index.cgi:
> Software error:
> Cannot determine local time zone
> ~]$ date
> Wed Feb  5 14:16:18 SAST 2014
> 
> Things I like:
> 1. The security improvements: iptables, fail2ban and NTP vulnerability fix 
> - 
> great work!
> 2. bwctl got updated to v1.5.1. - hopefully that will make some of my 
> previous problems disappear...
> 
> Thanks!
> 
> Roderick
> 
>>>> On 2014-02-03 at 22:25, Andrew Lake 
>>>> <>
>>>>  wrote:
>> Hi all,
>> 
>> A new version of the perfSONAR-PS Toolkit is now available. perfSONAR-PS 
>> Toolkit v3.3.2 is primarily a bug fix release with a few new 
>> security-related 
> 
>> enhancments. Full release notes are available here:  
>> http://psps.perfsonar.net/toolkit/releasenotes/pspt-3_3_2.html 
>> 
>> Notable additions this release are the following security updates:
>> - The Toolkit now installs a default set of iptables rules. For a full 
>> list 
>> of details including the allowed ports see the release notes. If you are 
>> already running iptables, you may need to manually add back some rules 
>> from 
>> an automatic backup the update will create.
>> - We have included the package fail2ban by default which will log 
>> suspicious 
>> activity such as brute force attempts to gain SSH access to a host
>> - We have updated the default NTP configuration to prevent amplification 
>> attacks. This automatically adds configuration changes detailed by Jason 
>> Zurawski in his January 9, 2014 email to the perfsonar users lists 
>> detailing 
> 
>> this issue.
>> 
>> Those upgrading from a previous version of the NetInstall (including 3.3.2 
>> release candidates) may run 'yum update' to get the latest changes. For 
>> first-time NetInstall users, LiveCD users, and LiveUSB users disc images 
>> may 
>> be downloaded at the following link: 
>> http://software.internet2.edu/pS-Performance_Toolkit/ 
>> 
>> Full installation and configuration instructions can be found here: 
>> http://code.google.com/p/perfsonar-ps/wiki/pSPerformanceToolkit33 
>> 
>> As a reminder, we are dropping support for versions older than 
>> perfSONAR-PS 
>> Toolkit 3.3 on March 28, 2014. It is highly recommended you upgrade to the 
>> latest version of the Toolkit before then. Special instructions for 
> upgrading 
>> from 3.2.2(or older) to version 3.3.X can be found at the following link 
>> since the migration from CentOS 5 to CentOS 6 requires additional steps: 
>> http://code.google.com/p/perfsonar-ps/wiki/pSPerformanceToolkit33UpgradeGuide
>>  
> 
>> 
>> Please let us know if you have any questions and we look forward to 
>> everyone's continued feedback and support!
>> 
>> Thank you,
>> The perfSONAR-PS Development Team
>> -- 
>> This message is subject to the CSIR's copyright terms and conditions, 
>> e-mail 
>> legal notice, and implemented Open Document Format (ODF) standard. 
>> The full disclaimer details can be found at 
>> http://www.csir.co.za/disclaimer.html.
>> 
>> This message has been scanned for viruses and dangerous content by 
>> MailScanner, 
>> and is believed to be clean.
>> 
>> Please consider the environment before printing this email.
> 
> 
> -- 
> This message is subject to the CSIR's copyright terms and conditions, 
> e-mail 
> legal notice, and implemented Open Document Format (ODF) standard. 
> The full disclaimer details can be found at 
> http://www.csir.co.za/disclaimer.html.
> 
> This message has been scanned for viruses and dangerous content by 
> MailScanner, 
> and is believed to be clean.
> 
> Please consider the environment before printing this email.

-- 
This message is subject to the CSIR's copyright terms and conditions, e-mail 
legal notice, and implemented Open Document Format (ODF) standard. 
The full disclaimer details can be found at 
http://www.csir.co.za/disclaimer.html.

This message has been scanned for viruses and dangerous content by 
MailScanner, 
and is believed to be clean.

Please consider the environment before printing this email.