Actions
Bug #747
closedsrv_firewalling: invalid port/service `ircd-aux'/`ircd-ssl' specified (Toushirou)
Start date:
2021-12-14
Due date:
% Done:
100%
Estimated time:
Patch Available:
Yes
Confirmed:
Yes
Branch:
dc-irconweb_define_ircd_services
Entity:
DuckCorp
Security:
Help Needed:
Description
This errors seem unexpected:
Dec 13 13:18:38 Toushirou srv_firewalling[1148]: iptables v1.8.7 (nf_tables): invalid port/service `ircd-aux' specified Dec 13 13:18:38 Toushirou srv_firewalling[1148]: Try `iptables -h' or 'iptables --help' for more information. Dec 13 13:18:38 Toushirou srv_firewalling[1152]: iptables v1.8.7 (nf_tables): invalid port/service `ircd-ssl' specified Dec 13 13:18:38 Toushirou srv_firewalling[1152]: Try `iptables -h' or 'iptables --help' for more information.
Updated by Pierre-Louis Bonicoli almost 2 years ago
- Category set to System :: Base
- Status changed from New to In Progress
- % Done changed from 0 to 50
- Confirmed changed from No to Yes
ircd-aux
and irc-ssl
services are defined within dc-irc
role for irc_servers
Ansible group only.
Updated by Pierre-Louis Bonicoli almost 2 years ago
- % Done changed from 50 to 70
- Patch Available set to Yes
- Branch set to dc-irconweb_define_ircd_services
Updated by Pierre-Louis Bonicoli almost 2 years ago
- Assignee set to Marc Dequènes
@Marc Dequènes Does this patch look ok to you?
On second thoughts, should not the ircd-aux
and ircd-ssl
firewall INPUT
rules be removed from toushirou:/etc/mp-admin/firewalling
instead?
Updated by Anonymous almost 2 years ago
- Status changed from In Progress to Resolved
- % Done changed from 70 to 100
Applied in changeset duckcorp-infra|27c9761f004ed130be440578fae7ac772bc26dbc.
Updated by Pierre-Louis Bonicoli almost 2 years ago
duckcorp-infra|2220b907b64361551874297ca1b627a9f063c9de applied using:
$ ansible-playbook -l Toushirou playbooks/common.yml --diff -vv --tags firewalling [...] TASK [dc-base : Install firewalling configuration] *** task path: /srv/share/src/duckcorp/duckcorp-infra.git/ansible/roles/dc-base/tasks/firewalling.yml:57 Wednesday 15 December 2021 09:55:13 +0100 (0:00:00.649) 0:00:14.571 **** NOTIFIED HANDLER dc-base : Restart Firewalling for Toushirou --- before: /etc/mp-admin/firewalling +++ after: /home/lilou/.ansible/tmp/ansible-local-2576352j085r4eo/tmpylpmovr1/Toushirou @@ -21,7 +21,7 @@ # Services available on the Hivane interface only, IPv4/IPv6 declare -A HIVANE=( ["IFACE"]="eth-wan-hivane" - ["SRV_TCP"]="smtp smtps submission imap2 imaps pop3 pop3s sieve ircd ircd-aux ircd-ssl ftp http https git ldap ldaps dict ${FTP_PASSV} ${LXD} ${PROM_EXP_EXP}" + ["SRV_TCP"]="smtp smtps submission imap2 imaps pop3 pop3s sieve ircd ftp http https git ldap ldaps dict ${FTP_PASSV} ${LXD} ${PROM_EXP_EXP}" ["SRV_UDP"]="" ) changed: [Toushirou] => changed=true checksum: c29567c5da98ae2c1aefd254aebfc988199db5bd dest: /etc/mp-admin/firewalling gid: 0 group: root md5sum: 2c7480cf34d4db87bb8b5a2ccc325658 mode: '0640' owner: root size: 2490 src: /tmp/.ansible-root/tmp/ansible-tmp-1639558513.5854077-2577692-18704628854307/source state: file uid: 0 [...] RUNNING HANDLER [dc-base : Restart Firewalling] *** task path: /srv/share/src/duckcorp/duckcorp-infra.git/ansible/roles/dc-base/handlers/main.yml:21 Wednesday 15 December 2021 09:55:22 +0100 (0:00:00.093) 0:00:23.157 **** changed: [Toushirou] => changed=true name: dc_firewalling state: started [...] PLAY RECAP *** Toushirou : ok=13 changed=2 unreachable=0 failed=0 skipped=2 rescued=0 ignored=0 Playbook run took 0 days, 0 hours, 0 minutes, 24 seconds Wednesday 15 December 2021 09:55:23 +0100 (0:00:01.518) 0:00:24.675 ****
Actions