I am running a logstash shipper, rsyslog sends logs to logstash on port 5140, I can confirm the packets are arriving with:
tcpdump -vvv -A -i any port 5140
I have logstash configured like so:
input {
udp {
type => "syslog"
port => 5140
}
}
filter { }
output {
stdout {
codec => rubydebug
}
redis {
host => "172.30.114.151"
key => "logstash"
port => "6379"
data_type => "list"
}
}
I have also tried the following on for the input:
input {
syslog {
port => 5140
}
}
Which netstat shows tcp Listen but not udp.
I have disabled ipv6 for logstash with the following flag:
_JAVA_OPTIONS: -Djava.net.preferIPv4Stack=true
When I run:
netstat -tulpan
I get:
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1191/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2135/master
tcp 0 0 0.0.0.0:514 0.0.0.0:* LISTEN 7593/rsyslogd
tcp 0 0 172.26.33.182:22 172.30.230.152:47975 ESTABLISHED 2260/sshd:
tcp 0 0 172.26.33.182:22 172.30.230.151:42811 ESTABLISHED 6781/sshd:
tcp6 0 0 :::22 :::* LISTEN 1191/sshd
tcp6 0 0 :::4440 :::* LISTEN 1296/java
tcp6 0 0 ::1:25 :::* LISTEN 2135/master
tcp6 0 0 :::514 :::* LISTEN 7593/rsyslogd
udp 0 0 0.0.0.0:5140 0.0.0.0:* 8499/java
udp 0 0 0.0.0.0:37934 0.0.0.0:* 653/avahi-daemon: r
udp 0 0 0.0.0.0:5353 0.0.0.0:* 653/avahi-daemon: r
Process 8499 is logstash. I have tried running as root and as well as other ports. I cannot seem to get logstash to "listen" on udp
I have also confirmed that the port is open and working with:
telnet <ipaddress> 5140
Selinux is disabled:
sestatus
SELinux status: disabled
I need some help with this. I have searched and searched. I have looked into every other solution I have come across with no luck. This may seem like a duplicate. However, the other solutions are not working for me. This is a centos installation. Have also tried ports 514, 10514 to no avail.
You have to allow the port in firewall as centos comes up with default firewall which doesn't allow traffic to get to logstash input
Allow traffic on a specific port by following command:
firewall-cmd --zone=public --add-port=2888/tcp
disable firewall or stop service with following command:
systemctl disable firewalld
systemctl stop firewalld
**Disabling firewall can be a security concern but for experimental purposes you can give it a try
Related
My kube-controller-managerkeeps staying on CrashLoopBackOff status.
I found this upon looking in the logs of the pod:
failed to create listener: failed to listen on 0.0.0.0:10252: listen tcp 0.0.0.0:10252: bind: address already in use
Then I stumbled upon this article who fortunately was able to find a fix for it. Where he killed the process using the port and restarted his kube-controller-manager pod. https://medium.com/#deepeshtripathi/kubernetes-controller-pod-crashloopbackoff-resolved-16aaa1c27cfc
So I did follow the steps he made. When I have tried to get into the master node to find which process is using this port, I can't see anything that uses it.
root#ip:/# netstat -tunlp | grep 1025
tcp6 0 0 :::10250 :::* LISTEN 1598/kubelet
tcp6 0 0 :::10251 :::* LISTEN 7472/kube-scheduler
tcp6 0 0 :::10255 :::* LISTEN 1598/kubelet
tcp6 0 0 :::10256 :::* LISTEN 5629/kube-proxy
Is there anyone else know any solution on how to fix this?
failed to create listener: failed to listen on 0.0.0.0:10252: listen tcp 0.0.0.0:10252: bind: address already in use
According to the error message port 10252 is in use. So need to stop listening on this port. You can do that by running
fuser -k 10252/tcp
I am trying to allow remote connections to postgresql on ubuntu 19, I first edited postgresql.conf, specifically the parameter listen_addresses, like this:
listen_addresses = '*' # what IP address(es) to listen on;
# comma-separated list of addresses;
# defaults to 'localhost'; use '*' for all
# (change requires restart)
port = 5432 # (change requires restart)
max_connections = 100 # (change requires restart)
as this tutorial says https://blog.bigbinary.com/2016/01/23/configure-postgresql-to-allow-remote-connection.html,
then I restarted the psql server with the following command:
$ service postgresql restart
Following, I edited pg_hba.conf file too adding these two lines at the very end:
host all all 0.0.0.0/0 md5
host all all ::/0 md5
restarted again the psql server. The tutorial says that this should be all but when I do the netstat -nlt command to see if it is already working, netstat shows the following information:
$ netstat -nlt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:1883 0.0.0.0:* LISTEN
tcp6 0 0 ::1:42545 :::* LISTEN
tcp6 0 0 ::1:631 :::* LISTEN
tcp6 0 0 :::1883 :::* LISTEN
when it shoudl be showing something like this, specifically on port 5432:
$ netstat -nlt
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 127.0.0.1:11211 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:5432 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:2812 0.0.0.0:* LISTEN
tcp6 0 0 ::1:11211 :::* LISTEN
tcp6 0 0 :::22 :::* LISTEN
tcp6 0 0 :::5432 :::* LISTEN
tcp6 0 0 ::1:25 :::* LISTEN
I have done some research and it might be something related with postgresql.auto.conf file overwriting the postgresql.conf file, but i could not get further since postgresql.auto.conf only shows this:
# Do not edit this file manually!
# It will be overwritten by the ALTER SYSTEM
I would appreciate some help about this issue, thanks.
Having a time trying to connect to a PostgreSQL database on Ubuntu 18.04 server.
Here is my:
postgresql.conf file:
port=5432
listen_addresses='*'
pg_hba.conf:
host all all 0.0.0.0/0 md5
firewall is currently disabled
here is the output when I did the command (saw in another thread to do this...):
sudo netstat -ltpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 608/systemd-resolve
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 842/sshd
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 2922/postgres
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 1055/master
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 867/nginx: master p
tcp6 0 0 :::22 :::* LISTEN 842/sshd
tcp6 0 0 :::25 :::* LISTEN 1055/master
tcp6 0 0 :::80 :::* LISTEN
I have restarted postgresql each when making a change using the command:
sudo service postgresql restart.
I have tried to access the db using the python library psycopg2 on macOS and getting this error
could not connect to server: Connection refused
Is the server running on host "<ip_address>" and accepting
TCP/IP connections on port 5432?
What am I missing?
From the netstat output it is obvious that you didn't restart PostgreSQL after changing listen_addresses.
I'm struggling to configure Kafka's JMX to be exposed only on localhost. By default, when I start Kafka, it exposes three ports, whereas two of them are automatically bound to 0.0.0.0, meaning that they're accessible to everyone.
I managed to bind the broker itself to 127.0.0.1 (because I only need it locally), but the JMX ports are really giving me headaches.
I have to following env vars defined:
export JMX_PORT=${JMX_PORT:-9999}
export KAFKA_JMX_OPTS="-Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.rmi.port=$JMX_PORT -Dcom.sun.management.jmxremote.port=$JMX_PORT -Dcom.sun.management.jmxremote=true -Djava.rmi.server.hostname=127.0.0.1 -Djava.net.preferIPv4Stack=true"
If I now look at the bound ports/ips, I see this:
$ netstat -tulpn | grep 9864
tcp 0 0 0.0.0.0:9999 0.0.0.0:* LISTEN 9864/java
tcp 0 0 0.0.0.0:44895 0.0.0.0:* LISTEN 9864/java
tcp 0 0 127.0.0.1:9092 0.0.0.0:* LISTEN 9864/java
meaning that JMX listens on 0.0.0.0, and there's even another open port 44895 which I don't know its purpose.
What I'd like to achieve is that Kafka ports are only opened on 127.0.0.1. Can anybody give a hint? Thanks in advance!
EDIT:
I was partially successful by adding -Dcom.sun.management.jmxremote.host=localhost, but there's still one open port exposed on 0.0.0.0:
$ netstat -tulpn | grep 12789
tcp 0 0 127.0.0.1:9999 0.0.0.0:* LISTEN 12789/java
tcp 0 0 0.0.0.0:43513 0.0.0.0:* LISTEN 12789/java
tcp 0 0 127.0.0.1:9092 0.0.0.0:* LISTEN 12789/java
I just managed to make Kafka only listen to the defined broker port, and disabling JMX altogether:
export KAFKA_JMX_OPTS="-Djava.rmi.server.hostname=localhost -Djava.net.preferIPv4Stack=true"
When starting a fresh Kafka 1.1.0 broker on Ubuntu, I initially saw two open ports:
$ netstat -tulpn | grep 19894
tcp6 0 0 :::40487 :::* LISTEN 19894/java
tcp6 0 0 127.0.0.1:9092 :::* LISTEN 19894/java
After setting the above environment variable in the kafka-server-start.sh file, the second port is no longer opened:
$ netstat -tulpn | grep :9092
tcp 0 0 127.0.0.1:9092 0.0.0.0:* LISTEN 20345/java
$ netstat -tulpn | grep 20345
tcp 0 0 127.0.0.1:9092 0.0.0.0:* LISTEN 20345/java
just
export KAFKA_JMX_OPTS="-Djava.rmi.server.hostname=localhost"
is enough
I have postgreSQL runiing on my google cloud instance and i added firewall rule "tcp 5432" on Google cloud firewall but still i am unable to connect, even telnet is not working.
officetaskpy#instance-1:/etc/postgresql/9.5/main$ netstat -ntpl
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:5910 0.0.0.0:* LISTEN 9020/Xvnc
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:5432 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:44801 0.0.0.0:* LISTEN 16023/phantomjs
tcp 0 0 0.0.0.0:53619 0.0.0.0:* LISTEN 812/phantomjs
tcp6 0 0 :::22 :::* LISTEN -
tcp6 0 0 :::5432 :::* LISTEN -
Result of netstat command
Above is my firewall rule. Is there anything which i am missing here.