Red Hat Bugzilla – Bug 330741
upsd ignoring ACL in upsd.conf
Last modified: 2007-11-30 17:12:18 EST
Description of problem: The machine has just been updated from FC5 to F7. The config for the ups service was not changed. Now that the machine is running 2.0.5 it rejects all connections on the external interface, but accepts localhost connections. Previously it would accept connections from the list of acceptable addresses in upsd.conf, now that list seems to be ignored. Version-Release number of selected component (if applicable): nut-2.0.5-5 nut-client-2.0.5-5 How reproducible: Every time.
Created attachment 226451 [details] upsd.conf
I've tried to upgrade nut-2.0.3-2.1 (FC-6; FC-5 is EOLed already) to nut-2.0.5-5 and do nothing but service ups restart. Everything works the same as before. Please try to examine your system a bit closer. Are you sure that the IP tables configuration has not been altered during upgrade? What does the upsc output on the client side look like? What does upsd log in /var/log/messages during the unsuccessful connection attempt?
There is no firewall or hosts.[allow|deny] in force. The connection test was done locally with telnet. It was also done against another port which should also have been accepting on both localhost and the ethernet IP address, this was fine. The thing I am worried about is if the ipv6 system is getting in the way. I have no use for it, but it is still there, despite having switched it off in the ifcfg-ethX files. The reason I am wondering about this is the error message: upsd[1992]: Rejecting TCP connection from ::ffff:10.103.15.50
In addition, the telnet session is at first accepted and then emmediately dropped. This suggests that it is the application itself that is doing the dropping. # telnet zebedee nut Trying 10.103.15.50... Connected to zebedee. Escape character is '^]'. Connection closed by foreign host.
Seems that it's indeed the IPv6 support that breaks things. If you don't need IPv6 you may pass the '-4' parameter to upsd on startup: Edit /etc/sysconfig/ups and change the line with upsd options to: UPSD_OPTIONS=-4 Then restart ups service and please let me know whether that solves your problem.
It does indeed. Nagios might even stop bugging me now :) Thanks.
nut-2.0.5-6 has been pushed to the Fedora 7 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update nut'
nut-2.0.5-6 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.