PF configuration for munin

To: netbsd-users%NetBSD.org@localhost
Subject: PF configuration for munin
From: "三輪晋(Miwa Susumu)" <miwarin%gmail.com@localhost>
Date: Fri, 13 Jan 2012 22:54:57 +0900

hi all.

Please tell me PF configuration for munin (http://munin-monitoring.org/).

In the following, the munin running on host A ( hostname is mogu ).
I run nmap on the host B .
these hosts in local area network.

[Environment]
host A:
% uname -a
NetBSD mogu.area51.gr.jp 5.99.58 NetBSD 5.99.58 (MYKERNEL) #0: Mon Dec
26 21:16:57 JST 2011
root%mogu.area51.gr.jp@localhost:/usr/obj/sys/arch/i386/compile/MYKERNEL i386

host B:
% uname -a
Linux ubuntu2 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:50:42 UTC
2011 i686 i686 i386 GNU/Linux


[/etc/pf.conf]
/etc/pf.conf on host A:

----
ext_if = "pcn0"
lo_if = "lo0"
tcp_services = "{ ssh, www, smtp, domain, munin, netbios-ssn,
microsoft-ds }"
udp_services = "{ domain, netbios-ns, netbios-dgm }"
priv_nets = "{ 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 }"
localhost="127.0.0.1"

pass in on $ext_if inet proto tcp from any to ($ext_if) port
$tcp_services flags S/SA keep state
pass in on $ext_if inet proto udp from any to ($ext_if) port $udp_services
----


[/etc/services]
/etc/services have "munin"

% grep munin /etc/services
munin 4949/tcp # Munin Graphing Framework
munin 4949/udp # Munin Graphing Framework


[munin]
munin is running on host A:

% telnet localhost 4949
Trying ::1...
telnet: connect to address ::1: No route to host
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
# munin node at mogu.area51.gr.jp
list
irqstats processes postfix_mailqueue if_errcoll_pcn0 memory_types
swap_size memory_pools df netstat interrupts uptime swap load nfsd cpu
if_pcn0 iostat forks open_files memory vmstat iostat_ops nfs_client
quit
Connection closed by foreign host.

( that's ok )

[telnet]
But can not telnet from host B.

% telnet mogu 4949
Trying 192.168.0.23...
Connected to mogu.area51.gr.jp.
Escape character is '^]'.
Connection closed by foreign host.

[nmap]
run nmap from host B, port is not open:
( 4949 not found )

% sudo nmap mogu

Starting Nmap 5.21 ( http://nmap.org ) at 2012-01-13 22:51 JST
Nmap scan report for mogu (192.168.0.23)
Host is up (0.00036s latency).
rDNS record for 192.168.0.23: mogu.area51.gr.jp
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
139/tcp open netbios-ssn
445/tcp open microsoft-ds
MAC Address: 00:0C:29:67:4E:FB (VMware)

Nmap done: 1 IP address (1 host up) scanned in 14.39 seconds


.... I wrong setting ?

Follow-Ups:
- Re: PF configuration for munin
  - From: Ian Clark

Prev by Date: RE: Embedded NetBSD USB
Next by Date: sysinst and gpt
Previous by Thread: mail(1) core dump
Next by Thread: Re: PF configuration for munin
Indexes:

Home | Main Index | Thread Index | Old Index