[Nut-upsuser] Help with failing Nut slave/client connection

Jonah Naylor jonahnaylor at gmail.com
Sat Oct 15 15:02:13 UTC 2016


HI again, Sorry I didn't mean to cause a security debate.

I'd like things to be secure of course, but I've got a dilema that I don't
use DHCP and instead have a block of static IPs from my ISP.

So my nut server has 68.68.452.02 for example

and my two slave clients have 68.68.452.03 and .04

ideally I'd like to allow access for the whole static IP block to access
the nut server machine.

I've tried all sorts in the nut.conf upsd.users and other config files but
just can't get it to work.

Any advice or help would be really appreciated.

Thank you :)

On 14 September 2016 at 03:34, Tim Dawson <tadawson at tpcsvc.com> wrote:

> Tough to get a spoofed IP to actually route back to it's host though, so
> other than those unfortunate to be on a flat network, still not too much of
> an issue . . .
>
> - Tim
>
> On 09/12/2016 04:46 PM, Stuart D. Gathman wrote:
>
>> On Mon, 12 Sep 2016, Tim Dawson wrote:
>>
>> Or just set up sane firewall rules to allow the two to talk, but block
>>> external traffic. I have run this way for years - all add'rs ar IANA in a
>>> subnet block, and just that block is open locally, and all other external
>>> IP's severely restricted, and NUT works great . . .
>>>
>>
>> Yeah, but IANA ips are easy to spoof.  With cjdns, you allow just the
>> cjdns IPs to connect to nut (or whatever) and they can't be spoofed.
>> You can even use telnet over cjdns ips.  :-)
>>
>>
> --
> Tim Dawson
>
> 972-567-9360
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/nut-upsuser/attachments/20161015/ac1c867c/attachment.html>


More information about the Nut-upsuser mailing list