[Nut-upsuser] Upgraded nut & now remote monitors can't connect.

Forest Bond forest at alittletooquiet.net
Thu May 22 01:22:46 UTC 2008


Hi,

On Wed, May 21, 2008 at 09:14:42PM -0400, Charles Lepple wrote:
> On Wed, May 21, 2008 at 7:43 PM, Forest Bond <forest at alittletooquiet.net> wrote:
> > On Wed, May 21, 2008 at 07:39:26PM -0400, Charles Lepple wrote:
> >> On Wed, May 21, 2008 at 7:28 PM, Forest Bond <forest at alittletooquiet.net> wrote:
> >> > Hi,
> >> >
> >> > On Wed, May 21, 2008 at 06:37:43PM -0400, Charles Lepple wrote:
> >> >> On Wed, May 21, 2008 at 1:31 PM, Forest Bond <forest at alittletooquiet.net> wrote:
> >> >>> Hi,
> >> >>>
> >> >>> I upgraded nut on one of my servers, and now the upsmon on a different
> >> >>> server can't connect.  I see errors like this:
> >> >>>
> >> >>> May 21 13:29:27 devserver upsmon[877]: Set username on [tripplite at logicserver] failed: Server disconnected
> >> >>> May 21 13:29:32 devserver upsmon[877]: Poll UPS [tripplite at logicserver] failed - Write error: Bad file descriptor
> >> >>>
> >> >>> I have Ubuntu 8.04 on the server hosting the UPS, and Ubuntu 7.10 on the
> >> >>> server that is unable to connect.  I've upgraded nut on both machines to
> >> >>> 2.2.1.
> >> >>
> >> >> What do the server logs say?
> >> >
> >> > May 21 19:22:50 logicserver upsd[28316]: Rejecting TCP connection from 192.168.2.251
> >>
> >> Do you have ACL statements in upsd.conf?
> >
> > --------------------------------------------------------------------------------
> > # Network UPS Tools: example upsd configuration file
> > #
> > # This file contains access control data, you should keep it secure.
> > #
> > # It should only be readable by the user that upsd becomes.  See the FAQ.
> >
> > ACL all 0.0.0.0/0
> > ACL localhost 127.0.0.1/32
> >
> > ACCEPT localhost
> > ACCEPT all
> > #REJECT all
> 
> Ah. A bug with /0 netmasks was fixed in 2.2.2:
> 
> http://boxster.ghz.cc/projects/nut/changeset/1269

Ah, indeed.  I was just on my way to build a 2.2.2 .deb.

> This may look a bit odd, but I just successfully tested this syntax:
> 
> ACL all0 0.0.0.0/1
> ACL all128 128.0.0.0/1
> ACCEPT all0
> ACCEPT all128
> 
> (Starting upsd with "-DDD" shows ACL matching rules.)
> 
> Note that we are planning on dropping the ACL functionality after
> v2.2.x in favor of the LISTEN directive (with finer ACL granularity
> being handled by the OS firewall rules).

I can look into this.  Is it supported in my version?

Thanks,
Forest
-- 
Forest Bond
http://www.alittletooquiet.net
http://www.pytagsfs.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/nut-upsuser/attachments/20080521/56ed0bab/attachment.pgp 


More information about the Nut-upsuser mailing list