[Nut-upsuser] Client behind firewall

Arjen de Korte nut+users at de-korte.org
Mon Dec 11 17:21:15 CET 2006


> Only if you do something like broadcasting server status via UDP and don't
> listen for replies, it might make a difference. In that case, one might
> place the UPS master on the internal network and forward the broadcast
> packets to the DMZ. There would be no communication from DMZ to internal
> network, so security is not compromized in any way. But in that case, it
> would be impossible to wait for slaves to shutdown before the master takes
> the UPS down. And on a network with multiple UPS'es, the traffic would
> explode, since you would have to broadcast the full server state (and all
> variables) as there is no way to know when slaves start listening.
>
> To facilitate configurations like the one mentioned, we might add a
> 'ups.status' broadcast mode in upsd and provide an additional
> 'listen-only' mode in upsmon, but I certainly wouldn't recommend such a
> setup.

s/broadcast/multicast/g

Best regards, Arjen




More information about the Nut-upsuser mailing list