<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
 <HEAD>
   <TITLE> [Mageia-sysadm] valstar is back
   </TITLE>
   <LINK REL="Index" HREF="index.html" >
   <LINK REL="made" HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20valstar%20is%20back&In-Reply-To=%3C1288017192.2503.62.camel%40akroma.ephaone.org%3E">
   <META NAME="robots" CONTENT="index,nofollow">
   <META http-equiv="Content-Type" content="text/html; charset=us-ascii">
   <LINK REL="Previous"  HREF="000053.html">
   <LINK REL="Next"  HREF="000054.html">
 </HEAD>
 <BODY BGCOLOR="#ffffff">
   <H1>[Mageia-sysadm] valstar is back</H1>
    <B>Michael Scherer</B> 
    <A HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20valstar%20is%20back&In-Reply-To=%3C1288017192.2503.62.camel%40akroma.ephaone.org%3E"
       TITLE="[Mageia-sysadm] valstar is back">misc at zarb.org
       </A><BR>
    <I>Mon Oct 25 16:33:12 CEST 2010</I>
    <P><UL>
        <LI>Previous message: <A HREF="000053.html">[Mageia-sysadm] mailling list subscription
</A></li>
        <LI>Next message: <A HREF="000054.html">[Mageia-sysadm] valstar is back
</A></li>
         <LI> <B>Messages sorted by:</B> 
              <a href="date.html#46">[ date ]</a>
              <a href="thread.html#46">[ thread ]</a>
              <a href="subject.html#46">[ subject ]</a>
              <a href="author.html#46">[ author ]</a>
         </LI>
       </UL>
    <HR>  
<!--beginarticle-->
<PRE>Hi,

so a quick report.

Valstar is back, thanks to Sylvain Rochet ( gradator ). 
It seems that the firewall was misconfigured.

So on 23/10/2010, I connected to the server to remove unused services
( avahi, mandi, dbus, etc ). I have also removed shorewall, as we
disabled it on all servers at the moment ( I am more familiar with
regular iptables initscripts ). 

Except that removing shorewall runs service shorewall stop, which in turn
activates the firewall.

All servers except one ( valstar ) had shorewall correctly turned off by
Pascal ( maat ). I took care of valstar, but I just disabled the service
with chkconfig. So once I removed the package, it started to drop
everything in INPUT.
According to the logs, this happened around 15h30 CEST 

Oct 23 15:28:59 valstar logger: Shorewall Stopped

Since I was still logged in, I didn't see anything wrong ( as I assume
that the firewall will not cut working connections )

But after that, trying to connect again showed me an error. 

We ( dams and I ) decided to wait until Monday ( as we couldn't do
anything when the DC was closed, and I was sick, and so was maat ), and
discussed with gradator today, and decided that it was easier to ask
for a reboot than to ask maat to go to Marseille this evening.

On 25/10/2010, at 15:30 ( again ), gradator looked at the server, saw it
was a firewall issue, rebooted it without firewall and so the server is
now ok. 

I inspected it, it works fine, there are no firewall rules loaded upon
startup so the problem should not repeat itself.

So, while I recognize I am at fault for this, I think that the shorewall
package has an unexpected side effect, and IMVHO, it should not set up a
restrictive firewall when we remove it ( and I do not say this only
because I am ashamed of causing the problem ).

In the future, how could we avoid problems like this ?

The easiest answer is to have servers with RAC, but we don't, except on
alamut. I am not sure we can add one if we manage to get one.

Another solution is a serial cable. But this can be tricky to set up
( we did for zarb )

WDYT ?
-- 
Michael Scherer

</PRE>
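The side effect described in this report, a package whose removal runs its service's stop action, can be seen ahead of time in the package's uninstall scriptlets. The check below is an added example, not part of the original message or of Mageia's tooling; the sample scriptlet text and the function names `flag_uninstall_actions` and `check_package` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: show which uninstall scriptlets of an RPM act on a service,
# so a side effect like "removal runs the stop action" is seen before rpm -e.

# Constructed sample in the layout printed by `rpm -q --scripts`; it is not
# the real shorewall scriptlet, only the behaviour described in the report.
SAMPLE_SCRIPTS='postinstall scriptlet (using /bin/sh):
chkconfig --add shorewall
preuninstall scriptlet (using /bin/sh):
if [ "$1" = 0 ]; then
    service shorewall stop
    chkconfig --del shorewall
fi
postuninstall scriptlet (using /bin/sh):
echo removed'

# Reads `rpm -q --scripts` output on stdin. Prints "<section>: <line>" for
# every preuninstall/postuninstall line that stops or restarts a service.
# Distribution helper macros are not covered and would need their own pattern.
flag_uninstall_actions() {
    awk '
        /^[a-z]+ scriptlet \(using / { section = $1; next }
        section ~ /^(pre|post)uninstall$/ &&
        /(service|init\.d\/|systemctl)/ && /(stop|restart)/ {
            sub(/^[ \t]+/, ""); print section ": " $0
        }'
}

# Hypothetical wrapper: exit status 1 means "review before removing".
check_package() {
    found=$(rpm -q --scripts "$1" | flag_uninstall_actions)
    [ -z "$found" ] && return 0
    printf 'uninstall scriptlets of %s act on a service:\n%s\n' "$1" "$found"
    return 1
}

# Demo on the constructed sample (no rpm database needed).
printf '%s\n' "$SAMPLE_SCRIPTS" | flag_uninstall_actions
```

A flagged line only says that removal will call the service's stop action; what that action does to the running ruleset still has to be read from the init script itself.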

<!--endarticle-->
    <HR>

<hr>
<a href="https://www.mageia.org/mailman/listinfo/mageia-sysadm">More information about the Mageia-sysadm
mailing list</a><br>
</body></html>