SuSE Firewall is Blocking BES Traffic - BES Client
| 0 Votes |
Description
| The listed computers are using SuSEfirewall2 and are not configured to allow inbound UDP traffic on the port used by BES (BES uses port 52311 by default). The BES Server and BES Relays send UDP packets to the BES Clients to notify them that there is new information available such as new Fixlet messages, actions, and computer refreshes. BES Clients on relevant computers will not receive UDP notification packets and therefore will not see new actions or new Fixlet messages until they gather the new actionsite, which is by default, once a day. After configuring iptables to allow inbound UDP traffic on the BES Listen Port, BES Clients will resume normal communication with the BES Server and BES Relays. Note: After this action is applied, affected BES Clients will not report until they have performed their standard once-per-day gather or until the BES Client is restarted. Note: Configuration changes made to SuSEfirewall2 will include port 52311 to the FW_SERVICES_EXT_UDP zone. |
Property Details
| 235 | |
| SuSE Firewall is Blocking BES Traffic - BES Client | |
| Support | |
| 0 | |
| BigFix | |
| <Unspecified> | |
| Important | |
| 7/23/2009 12:00:00 AM | |
| BES UDP Clients Client TABLE | |
| besSupport on 10/17/2012 1:14:37 PM | |
| danielheth on 10/17/2012 1:14:37 PM | |
| 6190 Views / 6 Downloads | |
* Average over 0 ratings.
** Log In or Register to add your rating.
|
Relevance
| Used in 221 fixlets | * Results in a true/false |
| Used in 32 fixlets | * Results in a true/false |
| Used in 1 fixlet | * Results in a true/false |
| Used in 1 fixlet | * Results in a true/false |
| Used in 1 fixlet | * Results in a true/false |
Actions
Action 1 (default)
//Modify the SuSEfirewall2 saved ruleset
delete __appendfile
appendfile #!/bin/bash
if {exists file "/etc/sysconfig/SuSEfirewall2" whose (NOT exists lines whose (it starts with "FW_SERVICES_EXT_UDP=" AND it contains "%2252311 %22") of it)}
appendfile sed -i 's/^FW_SERVICES_EXT_UDP="/FW_SERVICES_EXT_UDP="52311 /' /etc/sysconfig/SuSEfirewall2
endif
appendfile sed -i 's/"52311 "/"52311"/' /etc/sysconfig/SuSEfirewall2
appendfile /etc/init.d/SuSEfirewall2_setup restart
wait chmod +x "{(client folder of current site as string) & "/__appendfile"}"
wait "{(client folder of current site as string) & "/__appendfile"}"
delete __appendfile
This action will be considered successful when the applicability relevance evaluates to false.
Action 2
http://support.bigfix.com/cgi-bin/kbdirect.pl?id=113
Action 3
delete __appendfile
appendfile #!/bin/bash
appendfile chkconfig --level 2345 SuSEfirewall2_final off
appendfile chkconfig --level 2345 SuSEfirewall2_setup off
appendfile chkconfig --level 2345 SuSEfirewall2_init off
appendfile /etc/init.d/SuSEfirewall2_setup stop
wait chmod 555 "{(client folder of current site as string) & "/__appendfile"}"
wait "{(client folder of current site as string) & "/__appendfile"}"
delete delete __appendfile
This action will be considered successful when the applicability relevance evaluates to false.
Sharing
| Social Media: |
