Hi, On Wed, May 21, 2008 at 09:14:42PM -0400, Charles Lepple wrote: > On Wed, May 21, 2008 at 7:43 PM, Forest Bond <[EMAIL PROTECTED]> wrote: > > On Wed, May 21, 2008 at 07:39:26PM -0400, Charles Lepple wrote: > >> On Wed, May 21, 2008 at 7:28 PM, Forest Bond <[EMAIL PROTECTED]> wrote: > >> > Hi, > >> > > >> > On Wed, May 21, 2008 at 06:37:43PM -0400, Charles Lepple wrote: > >> >> On Wed, May 21, 2008 at 1:31 PM, Forest Bond <[EMAIL PROTECTED]> wrote: > >> >>> Hi, > >> >>> > >> >>> I upgraded nut on one of my servers, and now the upsmon on a different > >> >>> server can't connect. I see errors like this: > >> >>> > >> >>> May 21 13:29:27 devserver upsmon[877]: Set username on [EMAIL > >> >>> PROTECTED] failed: Server disconnected > >> >>> May 21 13:29:32 devserver upsmon[877]: Poll UPS [EMAIL PROTECTED] > >> >>> failed - Write error: Bad file descriptor > >> >>> > >> >>> I have Ubuntu 8.04 on the server hosting the UPS, and Ubuntu 7.10 on > >> >>> the > >> >>> server that is unable to connect. I've upgraded nut on both machines > >> >>> to > >> >>> 2.2.1. > >> >> > >> >> What do the server logs say? > >> > > >> > May 21 19:22:50 logicserver upsd[28316]: Rejecting TCP connection from > >> > 192.168.2.251 > >> > >> Do you have ACL statements in upsd.conf? > > > > -------------------------------------------------------------------------------- > > # Network UPS Tools: example upsd configuration file > > # > > # This file contains access control data, you should keep it secure. > > # > > # It should only be readable by the user that upsd becomes. See the FAQ. > > > > ACL all 0.0.0.0/0 > > ACL localhost 127.0.0.1/32 > > > > ACCEPT localhost > > ACCEPT all > > #REJECT all > > Ah. A bug with /0 netmasks was fixed in 2.2.2: > > http://boxster.ghz.cc/projects/nut/changeset/1269
Ah, indeed. I was just on my way to build a 2.2.2 .deb. > This may look a bit odd, but I just successfully tested this syntax: > > ACL all0 0.0.0.0/1 > ACL all128 128.0.0.0/1 > ACCEPT all0 > ACCEPT all128 > > (Starting upsd with "-DDD" shows ACL matching rules.) > > Note that we are planning on dropping the ACL functionality after > v2.2.x in favor of the LISTEN directive (with finer ACL granularity > being handled by the OS firewall rules). I can look into this. Is it supported in my version? Thanks, Forest -- Forest Bond http://www.alittletooquiet.net http://www.pytagsfs.org
signature.asc
Description: Digital signature
_______________________________________________ Nut-upsuser mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/nut-upsuser
