[Nut-upsuser] One little thing not quite correct in my configuration
Charles Lepple
clepple at gmail.com
Wed Sep 9 23:49:19 UTC 2009
On Wed, Sep 9, 2009 at 11:16 AM, James Moody <moody at pfcusa.org> wrote:
> Are there other entries I need to add? All I want to do at this point is
> verify that 'upsc cyber' will work.
I forgot that 2.2.2 still required ACCEPT/REJECT:
'Any IP address which does not match one of your directives will default
to REJECT. This is intended to keep your system safe if you forget to
put "REJECT all" at the bottom.'
cf http://manpages.ubuntu.com/manpages/intrepid/en/man5/upsd.conf.5.html
The LISTEN directive limits connections at the kernel level, and
ACCEPT/REJECT are handled inside the NUT code. (The LISTEN directive
was also phased in after ACCEPT/REJECT.)
If you upgrade, note that current NUT now uses tcp_wrappers instead of
ACCEPT/REJECT. Similar functionality, but provided by a more
widely-known (and hopefully more secure) library.
--
- Charles Lepple
More information about the Nut-upsuser
mailing list