perfsonar-user - Re: [perfsonar-user] SSH Port and updates override local configuration
Subject: perfSONAR User Q&A and Other Discussion
List archive
- From: Joseph Ghobrial <>
- To: Andrew Lake <>
- Cc:
- Subject: Re: [perfsonar-user] SSH Port and updates override local configuration
- Date: Tue, 12 Sep 2017 11:10:53 -0500
- Ironport-phdr: 9a23:3ERyzhcpJvWzlitJaIISoCKllGMj4u6mDksu8pMizoh2WeGdxcS7Yh7h7PlgxGXEQZ/co6odzbGH4+a4ASQp2tWoiDg6aptCVhsI2409vjcLJ4q7M3D9N+PgdCcgHc5PBxdP9nC/NlVJSo6lPwWB6nK94iQPFRrhKAF7Ovr6GpLIj8Swyuu+54Dfbx9GiTe5Yr5+Ngm6oRnMvcQKnIVuLbo8xAHUqXVSYeRWwm1oJVOXnxni48q74YBu/SdNtf8/7sBMSar1cbg2QrxeFzQmLns65Nb3uhnZTAuA/WUTX2MLmRdVGQfF7RX6XpDssivms+d2xSeXMdHqQb0yRD+v6bpgRh31hycdLzM28m/XhMx+gqxYvRyvuQBwzpXOb42JLvdzZL/Rcc8YSGdHQ81fVzZBAoS5b4YXC+QBOv1YoJflp1sOsBCwBAmsBOT0xT9Sh3/5x6k62PkmHAHE0wwgH9UOv2/OrNX0LqgSVfu4zLPJzTrfcfxawyny55XVch04p/yHQLx+cc3UyUY1FgPFiE2dqZT7MDOP2OQNqG+b7+x6WuK1kWInrR9+oiS3ysc2i4nGmpwaxkra+ipk3YY4I8CzRk1jYdO8Dpddtj2WOolzT8MsQGxnozo2x7gJtJKnYCQF1ZEqyALDZ/OadoWF5wzvWeifLDp+mXlrYqiwhwyo/kil0uD8Vte70FJNriddl9nDrHEN1xjK5sieVvtx4l6t2DmR2w3d5OxIO080la3cK54uxr4/iIAfvljEHi/zgEn2jamWeVs4+uWw9ejqY6nqq52ZOo96iQzxKbgil8mwDOgkLgQBQm2W9vig2LL++ED0RatGg/M4n6XBtZDVP8Ubpqq3Aw9P1YYj7g6yDzWp0NgGg3UKN0hFeBObgIf3IV3BPu33Deqnj1S2jDhr3+zGPqHmApjVNnjMjq3hfbhm605bzgo818pf64tJCrEaPv3zQFT8tNjZDh8iLwy02PjrBM981oMYRWKAHLWZMKXMvl+U+O4jOfeDa5IIuGW1F/9wzvjil3Im0XsUfqThiZIRZGGQE+8gJUiFNynCmNAEREUNpQcmTKTFiFqISz9aYz7mXa084TshCYuiJZ3CTY3rjbCcinToVqZKb3xLXwjfWUzjcJ+JDq8B
Hi Andy, how does that relate to the first jump rule to perfSONAR? Will an update again move that rule to the first rule on the INPUT chain? If so then I'll always run into this. Just wanted to make sure I understand that if I insert something before the perfSONAR jump in the INPUT chain that it will remain where it is and not move up again thus overriding my rules.
Thanks,
Joseph
--
Joseph Ghobrial
Systems Analyst II
Office of Information Technology
Rice University
Joseph Ghobrial
Systems Analyst II
Office of Information Technology
Rice University
jghobrial@ rice.edu
x5190
On Mon, Sep 11, 2017 at 11:10 AM, Andrew Lake <> wrote:
Hi,TL;DR: Leave the perfSONAR chain alone and add your rules in a chain of higher priority.Hope that helps,Andy
On September 11, 2017 at 11:40:42 AM, Joseph Ghobrial () wrote:
Hi, I prefer to have my SSH port accessible to a restricted set of addresses, however the default perfSONAR iptables rules allows ssh from anywhere overriding my rules. How do I change the default behavior such that perfSONAR updates exclude including the builtin SSH rule? Or how do I change the default rule to be the way I want it?Thanks,Joseph
--
Joseph Ghobrial
Systems Analyst II
Office of Information Technology
Rice Universityjghobrial@ rice.edux5190
- [perfsonar-user] SSH Port and updates override local configuration, Joseph Ghobrial, 09/11/2017
- Re: [perfsonar-user] SSH Port and updates override local configuration, Andrew Lake, 09/11/2017
- Re: [perfsonar-user] SSH Port and updates override local configuration, Joseph Ghobrial, 09/12/2017
- Re: [perfsonar-user] SSH Port and updates override local configuration, Andrew Lake, 09/12/2017
- Re: [perfsonar-user] SSH Port and updates override local configuration, Joseph Ghobrial, 09/12/2017
- Re: [perfsonar-user] SSH Port and updates override local configuration, Andrew Lake, 09/11/2017
Archive powered by MHonArc 2.6.19.