[uylug-varios] Problema raro de conexion entre dos maquinas
Dante Castiglione M.
dac.maldonado at gmail.com
Fri Apr 29 18:15:26 PDT 2016
Pero aun estando apagado puede frenar el acceso?
---------------------------------------------
*SouthX*
https://southx.io
BigData
*Digicoins*
https://digicoins.cash <https://southx.io/>
Bitcoin
Dante Castiglione Maldonado
dac.maldonado at gmail.com
---------------------------------------------
On 29 April 2016 at 22:10, Cristian Menghi <cristian at menghi.biz> wrote:
> Pegale una mirada a
>
> https://wiki.postgresql.org/wiki/SEPostgreSQL_SELinux_Overview
>
> Slds
> ---
> Cristian Menghi @movil
> El 29 abr. 2016 7:49 p. m., "Dante Castiglione M." <
> dac.maldonado at gmail.com> escribió:
>
>> Si, habia reiniciado.
>> Hice los cambios sugeridos en ambos archivos hosts pero sigue igual.
>>
>>
>>
>> ---------------------------------------------
>>
>> *SouthX*
>> https://southx.io
>> BigData
>>
>> *Digicoins*
>> https://digicoins.cash <https://southx.io/>
>> Bitcoin
>>
>> Dante Castiglione Maldonado
>> dac.maldonado at gmail.com
>>
>> ---------------------------------------------
>>
>>
>> On 29 April 2016 at 17:03, Enrique Verdes <emverdes at ieee.org> wrote:
>>
>>> si no reiniciaste hace setenforce 0 en línea de comandos. Hacé lo mismo
>>> en el cliente, por las dudas.
>>>
>>> En cuanto a archivos hosts dejalos así
>>>
>>> este es el del clliente
>>>
>>> 192.168.1.43 mdw.southx.io
>>> fe80::1a4f:32ff:feca:297d mdw.southx.io
>>> 127.0.0.1 localhost localhost.localdomain
>>> localhost4 localhost4.localdomain4
>>> ::1 localhost localhost.localdomain
>>> localhost6 localhost6.localdomain6
>>>
>>> y este es el del server
>>>
>>> 192.168.1.43 mdw.southx.io
>>> fe80::1a4f:32ff:feca:297d mdw.southx.io
>>> 192.168.1.42 fatima.southx.io
>>> 127.0.0.1 localhost localhost.localdomain
>>> localhost4 localhost4.localdomain4
>>> ::1 localhost localhost.localdomain
>>> localhost6 localhost6.localdomain6
>>>
>>> por alguna razón cuando configurás la red te asocia el nombre dns de la
>>> máquina también con 127.0.0.1 y a mime ha hecho cosas raras eso. De todas
>>> formas, no debería ser el problema porque estás haciendo el telnet por IP.
>>>
>>> Hacé el setenforce 0 y revisá.
>>>
>>> Saludos,
>>>
>>> 2016-04-29 16:09 GMT-03:00 Dante Castiglione M. <dac.maldonado at gmail.com
>>> >:
>>>
>>>> (aclaro que reinicie el server luego de deshabilitar selinux y antes de
>>>> volver a probar)
>>>>
>>>>
>>>>
>>>> ---------------------------------------------
>>>>
>>>> *SouthX*
>>>> https://southx.io
>>>> BigData
>>>>
>>>> *Digicoins*
>>>> https://digicoins.cash <https://southx.io/>
>>>> Bitcoin
>>>>
>>>> Dante Castiglione Maldonado
>>>> dac.maldonado at gmail.com
>>>>
>>>> ---------------------------------------------
>>>>
>>>>
>>>> On 29 April 2016 at 15:50, Dante Castiglione M. <
>>>> dac.maldonado at gmail.com> wrote:
>>>>
>>>>>
>>>>> Que raro... Como parte del procedimiento de instalacion de la DB lo
>>>>> habia desabilitado, pero ahora ante tu pregunta lo revise y esta habilitado
>>>>> de nuevo... Quizas lo hice en el cliente.
>>>>>
>>>>> [usuario at server ~]# sestatus
>>>>> SELinux status: enabled
>>>>> SELinuxfs mount: /sys/fs/selinux
>>>>> SELinux root directory: /etc/selinux
>>>>> Loaded policy name: targeted
>>>>> Current mode: enforcing
>>>>> Mode from config file: enforcing
>>>>> Policy MLS status: enabled
>>>>> Policy deny_unknown status: allowed
>>>>> Max kernel policy version: 28
>>>>>
>>>>>
>>>>> [usuario at server ~]# cat /etc/selinux/config
>>>>>
>>>>> # This file controls the state of SELinux on the system.
>>>>> # SELINUX= can take one of these three values:
>>>>> # enforcing - SELinux security policy is enforced.
>>>>> # permissive - SELinux prints warnings instead of enforcing.
>>>>> # disabled - No SELinux policy is loaded.
>>>>> SELINUX=enforcing
>>>>> # SELINUXTYPE= can take one of three two values:
>>>>> # targeted - Targeted processes are protected,
>>>>> # minimum - Modification of targeted policy. Only selected
>>>>> processes are protected.
>>>>> # mls - Multi Level Security protection.
>>>>> SELINUXTYPE=targeted
>>>>>
>>>>>
>>>>> ahora lo deshabilite
>>>>>
>>>>> [usuario at server ~]# cat /etc/selinux/config
>>>>>
>>>>> # This file controls the state of SELinux on the system.
>>>>> # SELINUX= can take one of these three values:
>>>>> # enforcing - SELinux security policy is enforced.
>>>>> # permissive - SELinux prints warnings instead of enforcing.
>>>>> # disabled - No SELinux policy is loaded.
>>>>> #SELINUX=enforcing
>>>>> SELINUX=disabled
>>>>> # SELINUXTYPE= can take one of three two values:
>>>>> # targeted - Targeted processes are protected,
>>>>> # minimum - Modification of targeted policy. Only selected
>>>>> processes are protected.
>>>>> # mls - Multi Level Security protection.
>>>>> SELINUXTYPE=targeted
>>>>>
>>>>>
>>>>> no cambia nada
>>>>>
>>>>> [usuario at cliente ~]$ psql -h 192.168.1.43 -U dbuser dbname
>>>>> psql: could not connect to server: No route to host
>>>>> Is the server running on host "192.168.1.43" and accepting
>>>>> TCP/IP connections on port 5432?
>>>>>
>>>>> [usuario at cliente ~]$ telnet 192.168.1.43 5432
>>>>> Trying 192.168.1.43...
>>>>> telnet: connect to address 192.168.1.43: No route to host
>>>>>
>>>>>
>>>>> sera que no esta bien mi archivo hosts ?
>>>>>
>>>>> este es el del clliente
>>>>>
>>>>> 192.168.1.43 mdw.southx.io
>>>>> fe80::1a4f:32ff:feca:297d mdw.southx.io
>>>>> 127.0.0.1 localhost localhost.localdomain
>>>>> localhost4 localhost4.localdomain4
>>>>> ::1 localhost localhost.localdomain
>>>>> localhost6 localhost6.localdomain6
>>>>> 127.0.0.1 cliente.southx.io
>>>>> ::1 cliente.southx.io
>>>>>
>>>>> y este es el del server
>>>>>
>>>>> 127.0.0.1 mdw.southx.io
>>>>> ::1 mdw.southx.io
>>>>> 192.168.1.43 mdw.southx.io
>>>>> fe80::1a4f:32ff:feca:297d mdw.southx.io
>>>>> 127.0.0.1 sdw1.southx.io
>>>>> ::1 sdw1.southx.io
>>>>> 127.0.0.1 sdw2.southx.io
>>>>> ::1 sdw2.southx.io
>>>>> 192.168.1.42 fatima.southx.io
>>>>> 127.0.0.1 localhost localhost.localdomain
>>>>> localhost4 localhost4.localdomain4
>>>>> ::1 localhost localhost.localdomain
>>>>> localhost6 localhost6.localdomain6
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> ---------------------------------------------
>>>>>
>>>>> *SouthX*
>>>>> https://southx.io
>>>>> BigData
>>>>>
>>>>> *Digicoins*
>>>>> https://digicoins.cash <https://southx.io/>
>>>>> Bitcoin
>>>>>
>>>>> Dante Castiglione Maldonado
>>>>> dac.maldonado at gmail.com
>>>>>
>>>>> ---------------------------------------------
>>>>>
>>>>>
>>>>> On 29 April 2016 at 15:42, Enrique Verdes <emverdes at ieee.org> wrote:
>>>>>
>>>>>> Mandá la salida del comando sestatus
>>>>>>
>>>>>>
>>>>>>
>>>>>> 2016-04-29 15:19 GMT-03:00 Kenneth Irving <ken at fq.edu.uy>:
>>>>>>
>>>>>>> ¿No será alguna restricción de SELinux?
>>>>>>>
>>>>>>> saludos
>>>>>>>
>>>>>>> Kenneth
>>>>>>>
>>>>>>>
>>>>>>> On Fri, 29 Apr 2016, Dante Castiglione M. wrote:
>>>>>>>
>>>>>>>
>>>>>>>> Muchas gracias por sus amables respuestas.
>>>>>>>>
>>>>>>>> ------------------------------------
>>>>>>>> 1. telnet
>>>>>>>> ------------------------------------
>>>>>>>>
>>>>>>>> Hice el telnet correctamente desde el CentOS cliente, el resultado
>>>>>>>> no cambia
>>>>>>>>
>>>>>>>> [usuario at cliente ~]$ telnet 192.168.1.43 5432
>>>>>>>> Trying 192.168.1.43...
>>>>>>>> telnet: connect to address 192.168.1.43: No route to host
>>>>>>>>
>>>>>>>> Por si acaso lo repeti desde el cliente en Ubuntu, hace lo mismo
>>>>>>>>
>>>>>>>> usuario at cliente:~$ telnet 192.168.1.43 5432
>>>>>>>> Trying 192.168.1.43...
>>>>>>>> telnet: Unable to connect to remote host: No route to host
>>>>>>>>
>>>>>>>>
>>>>>>>> ------------------------------------
>>>>>>>> 2. server
>>>>>>>> ------------------------------------
>>>>>>>>
>>>>>>>> ifconfig del server
>>>>>>>>
>>>>>>>> [usuario at server ~]# ifconfig
>>>>>>>> lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
>>>>>>>> inet 127.0.0.1 netmask 255.0.0.0
>>>>>>>> inet6 ::1 prefixlen 128 scopeid 0x10<host>
>>>>>>>> loop txqueuelen 0 (Local Loopback)
>>>>>>>> RX packets 756 bytes 127594 (124.6 KiB)
>>>>>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>>>>>> TX packets 756 bytes 127594 (124.6 KiB)
>>>>>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>>>>>
>>>>>>>> p1p1: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
>>>>>>>> ether 20:47:47:3c:5b:bd txqueuelen 1000 (Ethernet)
>>>>>>>> RX packets 0 bytes 0 (0.0 B)
>>>>>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>>>>>> TX packets 0 bytes 0 (0.0 B)
>>>>>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>>>>>
>>>>>>>> virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
>>>>>>>> inet 192.168.122.1 netmask 255.255.255.0 broadcast
>>>>>>>> 192.168.122.255
>>>>>>>> ether 52:54:00:a4:bc:6e txqueuelen 0 (Ethernet)
>>>>>>>> RX packets 0 bytes 0 (0.0 B)
>>>>>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>>>>>> TX packets 0 bytes 0 (0.0 B)
>>>>>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>>>>>
>>>>>>>> wlp6s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>>>>>>>> inet 192.168.1.43 netmask 255.255.255.0 broadcast
>>>>>>>> 192.168.1.255
>>>>>>>> inet6 fe80::1a4f:32ff:feca:297d prefixlen 64 scopeid
>>>>>>>> 0x20<link>
>>>>>>>> ether 18:4f:32:ca:29:7d txqueuelen 1000 (Ethernet)
>>>>>>>> RX packets 12450 bytes 8049799 (7.6 MiB)
>>>>>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>>>>>> TX packets 7794 bytes 1254229 (1.1 MiB)
>>>>>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>>>>>
>>>>>>>>
>>>>>>>> ip tables del server
>>>>>>>>
>>>>>>>> [usuario at server ~]# service iptables status
>>>>>>>> Redirecting to /bin/systemctl status iptables.service
>>>>>>>> ● iptables.service
>>>>>>>> Loaded: not-found (Reason: No such file or directory)
>>>>>>>> Active: inactive (dead)
>>>>>>>>
>>>>>>>>
>>>>>>>> ------------------------------------
>>>>>>>> 3. cliente
>>>>>>>> ------------------------------------
>>>>>>>>
>>>>>>>> ifconfig del ciente
>>>>>>>>
>>>>>>>> [usuario at cliente ~]$ ifconfig
>>>>>>>> enp9s0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
>>>>>>>> ether a4:ba:db:b7:0b:08 txqueuelen 1000 (Ethernet)
>>>>>>>> RX packets 0 bytes 0 (0.0 B)
>>>>>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>>>>>> TX packets 0 bytes 0 (0.0 B)
>>>>>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>>>>> device interrupt 18
>>>>>>>>
>>>>>>>> lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
>>>>>>>> inet 127.0.0.1 netmask 255.0.0.0
>>>>>>>> inet6 ::1 prefixlen 128 scopeid 0x10<host>
>>>>>>>> loop txqueuelen 0 (Local Loopback)
>>>>>>>> RX packets 10 bytes 756 (756.0 B)
>>>>>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>>>>>> TX packets 10 bytes 756 (756.0 B)
>>>>>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>>>>>
>>>>>>>> virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
>>>>>>>> inet 192.168.122.1 netmask 255.255.255.0 broadcast
>>>>>>>> 192.168.122.255
>>>>>>>> ether 52:54:00:53:ac:c9 txqueuelen 0 (Ethernet)
>>>>>>>> RX packets 0 bytes 0 (0.0 B)
>>>>>>>> RX errors 0 dropped 0 overruns 0 frame 0
>>>>>>>> TX packets 0 bytes 0 (0.0 B)
>>>>>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>>>>>
>>>>>>>> wlp12s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>>>>>>>> inet 192.168.1.42 netmask 255.255.255.0 broadcast
>>>>>>>> 192.168.1.255
>>>>>>>> inet6 fe80::e60:76ff:fe2f:29d9 prefixlen 64 scopeid
>>>>>>>> 0x20<link>
>>>>>>>> ether 0c:60:76:2f:29:d9 txqueuelen 1000 (Ethernet)
>>>>>>>> RX packets 18 bytes 2027 (1.9 KiB)
>>>>>>>> RX errors 0 dropped 0 overruns 0 frame 20284
>>>>>>>> TX packets 42 bytes 5704 (5.5 KiB)
>>>>>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>>>>>>> device interrupt 17 base 0xc000
>>>>>>>>
>>>>>>>>
>>>>>>>> iptables del cliente
>>>>>>>>
>>>>>>>> [usuario at cliente ~]# service iptables status
>>>>>>>> Redirecting to /bin/systemctl status iptables.service
>>>>>>>> ● iptables.service
>>>>>>>> Loaded: not-found (Reason: No such file or directory)
>>>>>>>> Active: inactive (dead)
>>>>>>>>
>>>>>>>>
>>>>>>>> ------------------------------------
>>>>>>>> 4. netstat y nap
>>>>>>>> ------------------------------------
>>>>>>>>
>>>>>>>> netstat en el server, muestra el puerto 5432 abierto, no se si
>>>>>>>> correctamente
>>>>>>>>
>>>>>>>> [usuario at server ~]# netstat -nltp | grep 5432
>>>>>>>> tcp 0 0 0.0.0.0:5432 0.0.0.0:*
>>>>>>>> LISTEN 6642/postgres
>>>>>>>> tcp6 0 0 :::5432 :::*
>>>>>>>> LISTEN 6642/postgres
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> nmap desde el cliente, aca parece haber algo raro porque ve otros
>>>>>>>> puertos pero no el 5432
>>>>>>>>
>>>>>>>> [usuario at cliente ~]# nmap 192.168.1.43
>>>>>>>>
>>>>>>>> Starting Nmap 6.40 ( http://nmap.org ) at 2016-04-29 14:48 UYT
>>>>>>>> Nmap scan report for mdw.southx.io (192.168.1.43)
>>>>>>>> Host is up (0.018s latency).
>>>>>>>> Not shown: 997 filtered ports
>>>>>>>> PORT STATE SERVICE
>>>>>>>> 22/tcp open ssh
>>>>>>>> 139/tcp closed netbios-ssn
>>>>>>>> 445/tcp closed microsoft-ds
>>>>>>>> MAC Address: 18:4F:32:CA:29:7D (Unknown)
>>>>>>>>
>>>>>>>> Nmap done: 1 IP address (1 host up) scanned in 6.83 seconds
>>>>>>>>
>>>>>>>>
>>>>>>>> ------------------------------------
>>>>>>>>
>>>>>>>> No entiendo porque no lo ve si el nmap lo muestra abierto
>>>>>>>> Podra ser porque esta con 0.0.0.0 y no especificamente con
>>>>>>>> 192.168.1.43 ???
>>>>>>>>
>>>>>>>> Desde ya muchas gracias
>>>>>>>>
>>>>>>>> ------------------------------------
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> ---------------------------------------------
>>>>>>>>
>>>>>>>> SouthX
>>>>>>>> https://southx.io
>>>>>>>> BigData
>>>>>>>>
>>>>>>>> Digicoins
>>>>>>>> https://digicoins.cash
>>>>>>>> Bitcoin
>>>>>>>>
>>>>>>>> Dante Castiglione Maldonado
>>>>>>>> dac.maldonado at gmail.com
>>>>>>>>
>>>>>>>> ---------------------------------------------
>>>>>>>>
>>>>>>>>
>>>>>>>> On 29 April 2016 at 11:08, Eduardo Trápani <etrapani at gmail.com>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>> > Tengo dos maquinas en la wifi, las dos con CentOS 7
>>>>>>>> > 192.168.1.43 (DB server) y 192.168.1.42 (DB client)
>>>>>>>> >
>>>>>>>> > ping responde bien en ambos sentidos
>>>>>>>> > en ambas maquinas iptables service dice inactive (dead)
>>>>>>>>
>>>>>>>> ¿Podés pegar la salida de ifconfig en ambos equipos?
>>>>>>>>
>>>>>>>> Eduardo.
>>>>>>>> _______________________________________________
>>>>>>>> Uylug-varios mailing list
>>>>>>>> Uylug-varios at listas.uylug.org.uy
>>>>>>>>
>>>>>>>> http://listas.uylug.org.uy/listinfo.cgi/uylug-varios-uylug.org.uy
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> Uylug-varios mailing list
>>>>>>> Uylug-varios at listas.uylug.org.uy
>>>>>>> http://listas.uylug.org.uy/listinfo.cgi/uylug-varios-uylug.org.uy
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> Uylug-varios mailing list
>>>>>>> Uylug-varios at listas.uylug.org.uy
>>>>>>> http://listas.uylug.org.uy/listinfo.cgi/uylug-varios-uylug.org.uy
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Enrique M. Verdes
>>>>>> <https://uy.linkedin.com/pub/enrique-verdes/1/794/ba8>
>>>>>>
>>>>>> "As we enjoy great advantages from the inventions of others, we
>>>>>> should be glad of an opportunity to serve others by any invention of ours;
>>>>>> and this we should do freely and generously."
>>>>>>
>>>>>> Benjamin Franklin
>>>>>>
>>>>>> _______________________________________________
>>>>>> Uylug-varios mailing list
>>>>>> Uylug-varios at listas.uylug.org.uy
>>>>>> http://listas.uylug.org.uy/listinfo.cgi/uylug-varios-uylug.org.uy
>>>>>>
>>>>>>
>>>>>
>>>>
>>>> _______________________________________________
>>>> Uylug-varios mailing list
>>>> Uylug-varios at listas.uylug.org.uy
>>>> http://listas.uylug.org.uy/listinfo.cgi/uylug-varios-uylug.org.uy
>>>>
>>>>
>>>
>>>
>>> --
>>> Enrique M. Verdes
>>> <https://uy.linkedin.com/pub/enrique-verdes/1/794/ba8>
>>>
>>> "As we enjoy great advantages from the inventions of others, we should
>>> be glad of an opportunity to serve others by any invention of ours; and
>>> this we should do freely and generously."
>>>
>>> Benjamin Franklin
>>>
>>> _______________________________________________
>>> Uylug-varios mailing list
>>> Uylug-varios at listas.uylug.org.uy
>>> http://listas.uylug.org.uy/listinfo.cgi/uylug-varios-uylug.org.uy
>>>
>>>
>>
>> _______________________________________________
>> Uylug-varios mailing list
>> Uylug-varios at listas.uylug.org.uy
>> http://listas.uylug.org.uy/listinfo.cgi/uylug-varios-uylug.org.uy
>>
>>
> _______________________________________________
> Uylug-varios mailing list
> Uylug-varios at listas.uylug.org.uy
> http://listas.uylug.org.uy/listinfo.cgi/uylug-varios-uylug.org.uy
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listas.uylug.org.uy/pipermail/uylug-varios-uylug.org.uy/attachments/20160429/b47105ca/attachment-0001.htm>
More information about the Uylug-varios
mailing list