[uylug-varios] Problema raro de conexion entre dos maquinas

Dante Castiglione M. dac.maldonado at gmail.com
Fri Apr 29 18:15:26 PDT 2016


Pero aun estando apagado puede frenar el acceso?


---------------------------------------------

*SouthX*
https://southx.io
BigData

*Digicoins*
https://digicoins.cash <https://southx.io/>
Bitcoin

Dante Castiglione Maldonado
dac.maldonado at gmail.com

---------------------------------------------


On 29 April 2016 at 22:10, Cristian Menghi <cristian at menghi.biz> wrote:

> Pegale una mirada a
>
> https://wiki.postgresql.org/wiki/SEPostgreSQL_SELinux_Overview
>
> Slds
> ---
> Cristian Menghi @movil
> El 29 abr. 2016 7:49 p. m., "Dante Castiglione M." <
> dac.maldonado at gmail.com> escribió:
>
>> Si, habia reiniciado.
>> Hice los cambios sugeridos en ambos archivos hosts pero sigue igual.
>>
>>
>>
>> ---------------------------------------------
>>
>> *SouthX*
>> https://southx.io
>> BigData
>>
>> *Digicoins*
>> https://digicoins.cash <https://southx.io/>
>> Bitcoin
>>
>> Dante Castiglione Maldonado
>> dac.maldonado at gmail.com
>>
>> ---------------------------------------------
>>
>>
>> On 29 April 2016 at 17:03, Enrique Verdes <emverdes at ieee.org> wrote:
>>
>>> si no reiniciaste hace setenforce 0 en línea de comandos. Hacé lo mismo
>>> en el cliente, por las dudas.
>>>
>>> En cuanto a archivos hosts dejalos así
>>>
>>> este es el del clliente
>>>
>>> 192.168.1.43                    mdw.southx.io
>>> fe80::1a4f:32ff:feca:297d    mdw.southx.io
>>> 127.0.0.1                          localhost localhost.localdomain
>>> localhost4 localhost4.localdomain4
>>> ::1                                    localhost localhost.localdomain
>>> localhost6 localhost6.localdomain6
>>>
>>> y este es el del server
>>>
>>> 192.168.1.43                     mdw.southx.io
>>> fe80::1a4f:32ff:feca:297d     mdw.southx.io
>>> 192.168.1.42                    fatima.southx.io
>>> 127.0.0.1                         localhost localhost.localdomain
>>> localhost4 localhost4.localdomain4
>>> ::1                                  localhost localhost.localdomain
>>> localhost6 localhost6.localdomain6
>>>
>>> por alguna razón cuando configurás la red te asocia el nombre dns de la
>>> máquina también con 127.0.0.1 y a mime ha hecho cosas raras eso. De todas
>>> formas, no debería ser el problema porque estás haciendo el telnet por IP.
>>>
>>> Hacé el setenforce 0 y revisá.
>>>
>>> Saludos,
>>>
>>> 2016-04-29 16:09 GMT-03:00 Dante Castiglione M. <dac.maldonado at gmail.com
>>> >:
>>>
>>>> (aclaro que reinicie el server luego de deshabilitar selinux y antes de
>>>> volver a probar)
>>>>
>>>>
>>>>
>>>> ---------------------------------------------
>>>>
>>>> *SouthX*
>>>> https://southx.io
>>>> BigData
>>>>
>>>> *Digicoins*
>>>> https://digicoins.cash <https://southx.io/>
>>>> Bitcoin
>>>>
>>>> Dante Castiglione Maldonado
>>>> dac.maldonado at gmail.com
>>>>
>>>> ---------------------------------------------
>>>>
>>>>
>>>> On 29 April 2016 at 15:50, Dante Castiglione M. <
>>>> dac.maldonado at gmail.com> wrote:
>>>>
>>>>>
>>>>> Que raro... Como parte del procedimiento de instalacion de la DB lo
>>>>> habia desabilitado, pero ahora ante tu pregunta lo revise y esta habilitado
>>>>> de nuevo... Quizas lo hice en el cliente.
>>>>>
>>>>> [usuario at server ~]# sestatus
>>>>> SELinux status:                 enabled
>>>>> SELinuxfs mount:                /sys/fs/selinux
>>>>> SELinux root directory:         /etc/selinux
>>>>> Loaded policy name:             targeted
>>>>> Current mode:                   enforcing
>>>>> Mode from config file:          enforcing
>>>>> Policy MLS status:              enabled
>>>>> Policy deny_unknown status:     allowed
>>>>> Max kernel policy version:      28
>>>>>
>>>>>
>>>>> [usuario at server ~]# cat /etc/selinux/config
>>>>>
>>>>> # This file controls the state of SELinux on the system.
>>>>> # SELINUX= can take one of these three values:
>>>>> #     enforcing - SELinux security policy is enforced.
>>>>> #     permissive - SELinux prints warnings instead of enforcing.
>>>>> #     disabled - No SELinux policy is loaded.
>>>>> SELINUX=enforcing
>>>>> # SELINUXTYPE= can take one of three two values:
>>>>> #     targeted - Targeted processes are protected,
>>>>> #     minimum - Modification of targeted policy. Only selected
>>>>> processes are protected.
>>>>> #     mls - Multi Level Security protection.
>>>>> SELINUXTYPE=targeted
>>>>>
>>>>>
>>>>> ahora lo deshabilite
>>>>>
>>>>> [usuario at server ~]# cat /etc/selinux/config
>>>>>
>>>>> # This file controls the state of SELinux on the system.
>>>>> # SELINUX= can take one of these three values:
>>>>> #     enforcing - SELinux security policy is enforced.
>>>>> #     permissive - SELinux prints warnings instead of enforcing.
>>>>> #     disabled - No SELinux policy is loaded.
>>>>> #SELINUX=enforcing
>>>>> SELINUX=disabled
>>>>> # SELINUXTYPE= can take one of three two values:
>>>>> #     targeted - Targeted processes are protected,
>>>>> #     minimum - Modification of targeted policy. Only selected
>>>>> processes are protected.
>>>>> #     mls - Multi Level Security protection.
>>>>> SELINUXTYPE=targeted
>>>>>
>>>>>
>>>>> no cambia nada
>>>>>
>>>>> [usuario at cliente ~]$ psql -h 192.168.1.43 -U dbuser dbname
>>>>> psql: could not connect to server: No route to host
>>>>>     Is the server running on host "192.168.1.43" and accepting
>>>>>     TCP/IP connections on port 5432?
>>>>>
>>>>> [usuario at cliente ~]$ telnet 192.168.1.43 5432
>>>>> Trying 192.168.1.43...
>>>>> telnet: connect to address 192.168.1.43: No route to host
>>>>>
>>>>>
>>>>> sera que no esta bien mi archivo hosts ?
>>>>>
>>>>> este es el del clliente
>>>>>
>>>>> 192.168.1.43                    mdw.southx.io
>>>>> fe80::1a4f:32ff:feca:297d    mdw.southx.io
>>>>> 127.0.0.1                          localhost localhost.localdomain
>>>>> localhost4 localhost4.localdomain4
>>>>> ::1                                    localhost localhost.localdomain
>>>>> localhost6 localhost6.localdomain6
>>>>> 127.0.0.1                          cliente.southx.io
>>>>> ::1                                    cliente.southx.io
>>>>>
>>>>> y este es el del server
>>>>>
>>>>> 127.0.0.1                          mdw.southx.io
>>>>> ::1                                    mdw.southx.io
>>>>> 192.168.1.43                     mdw.southx.io
>>>>> fe80::1a4f:32ff:feca:297d     mdw.southx.io
>>>>> 127.0.0.1                          sdw1.southx.io
>>>>> ::1                                    sdw1.southx.io
>>>>> 127.0.0.1                          sdw2.southx.io
>>>>> ::1                                   sdw2.southx.io
>>>>> 192.168.1.42                    fatima.southx.io
>>>>> 127.0.0.1                         localhost localhost.localdomain
>>>>> localhost4 localhost4.localdomain4
>>>>> ::1                                  localhost localhost.localdomain
>>>>> localhost6 localhost6.localdomain6
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> ---------------------------------------------
>>>>>
>>>>> *SouthX*
>>>>> https://southx.io
>>>>> BigData
>>>>>
>>>>> *Digicoins*
>>>>> https://digicoins.cash <https://southx.io/>
>>>>> Bitcoin
>>>>>
>>>>> Dante Castiglione Maldonado
>>>>> dac.maldonado at gmail.com
>>>>>
>>>>> ---------------------------------------------
>>>>>
>>>>>
>>>>> On 29 April 2016 at 15:42, Enrique Verdes <emverdes at ieee.org> wrote:
>>>>>
>>>>>> Mandá la salida del comando sestatus
>>>>>>
>>>>>>
>>>>>>
>>>>>> 2016-04-29 15:19 GMT-03:00 Kenneth Irving <ken at fq.edu.uy>:
>>>>>>
>>>>>>> ¿No será alguna restricción de SELinux?
>>>>>>>
>>>>>>> saludos
>>>>>>>
>>>>>>> Kenneth
>>>>>>>
>>>>>>>
>>>>>>> On Fri, 29 Apr 2016, Dante Castiglione M. wrote:
>>>>>>>
>>>>>>>
>>>>>>>> Muchas gracias por sus amables respuestas.
>>>>>>>>
>>>>>>>> ------------------------------------
>>>>>>>> 1. telnet
>>>>>>>> ------------------------------------
>>>>>>>>
>>>>>>>> Hice el telnet correctamente desde el CentOS cliente, el resultado
>>>>>>>> no cambia
>>>>>>>>
>>>>>>>> [usuario at cliente ~]$ telnet 192.168.1.43 5432
>>>>>>>> Trying 192.168.1.43...
>>>>>>>> telnet: connect to address 192.168.1.43: No route to host
>>>>>>>>
>>>>>>>> Por si acaso lo repeti desde el cliente en Ubuntu, hace lo mismo
>>>>>>>>
>>>>>>>> usuario at cliente:~$ telnet 192.168.1.43 5432
>>>>>>>> Trying 192.168.1.43...
>>>>>>>> telnet: Unable to connect to remote host: No route to host
>>>>>>>>
>>>>>>>>
>>>>>>>> ------------------------------------
>>>>>>>> 2. server
>>>>>>>> ------------------------------------
>>>>>>>>
>>>>>>>> ifconfig del server
>>>>>>>>
>>>>>>>> [usuario at server ~]# ifconfig
>>>>>>>> lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
>>>>>>>>         inet 127.0.0.1  netmask 255.0.0.0
>>>>>>>>         inet6 ::1  prefixlen 128  scopeid 0x10<host>
>>>>>>>>         loop  txqueuelen 0  (Local Loopback)
>>>>>>>>         RX packets 756  bytes 127594 (124.6 KiB)
>>>>>>>>         RX errors 0  dropped 0  overruns 0  frame 0
>>>>>>>>         TX packets 756  bytes 127594 (124.6 KiB)
>>>>>>>>         TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
>>>>>>>>
>>>>>>>> p1p1: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
>>>>>>>>         ether 20:47:47:3c:5b:bd  txqueuelen 1000  (Ethernet)
>>>>>>>>         RX packets 0  bytes 0 (0.0 B)
>>>>>>>>         RX errors 0  dropped 0  overruns 0  frame 0
>>>>>>>>         TX packets 0  bytes 0 (0.0 B)
>>>>>>>>         TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
>>>>>>>>
>>>>>>>> virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
>>>>>>>>         inet 192.168.122.1  netmask 255.255.255.0  broadcast
>>>>>>>> 192.168.122.255
>>>>>>>>         ether 52:54:00:a4:bc:6e  txqueuelen 0  (Ethernet)
>>>>>>>>         RX packets 0  bytes 0 (0.0 B)
>>>>>>>>         RX errors 0  dropped 0  overruns 0  frame 0
>>>>>>>>         TX packets 0  bytes 0 (0.0 B)
>>>>>>>>         TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
>>>>>>>>
>>>>>>>> wlp6s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
>>>>>>>>         inet 192.168.1.43  netmask 255.255.255.0  broadcast
>>>>>>>> 192.168.1.255
>>>>>>>>         inet6 fe80::1a4f:32ff:feca:297d  prefixlen 64  scopeid
>>>>>>>> 0x20<link>
>>>>>>>>         ether 18:4f:32:ca:29:7d  txqueuelen 1000  (Ethernet)
>>>>>>>>         RX packets 12450  bytes 8049799 (7.6 MiB)
>>>>>>>>         RX errors 0  dropped 0  overruns 0  frame 0
>>>>>>>>         TX packets 7794  bytes 1254229 (1.1 MiB)
>>>>>>>>         TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
>>>>>>>>
>>>>>>>>
>>>>>>>> ip tables del server
>>>>>>>>
>>>>>>>> [usuario at server ~]# service iptables status
>>>>>>>> Redirecting to /bin/systemctl status  iptables.service
>>>>>>>> ● iptables.service
>>>>>>>>    Loaded: not-found (Reason: No such file or directory)
>>>>>>>>    Active: inactive (dead)
>>>>>>>>
>>>>>>>>
>>>>>>>> ------------------------------------
>>>>>>>> 3. cliente
>>>>>>>> ------------------------------------
>>>>>>>>
>>>>>>>> ifconfig del ciente
>>>>>>>>
>>>>>>>> [usuario at cliente ~]$ ifconfig
>>>>>>>> enp9s0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
>>>>>>>>         ether a4:ba:db:b7:0b:08  txqueuelen 1000  (Ethernet)
>>>>>>>>         RX packets 0  bytes 0 (0.0 B)
>>>>>>>>         RX errors 0  dropped 0  overruns 0  frame 0
>>>>>>>>         TX packets 0  bytes 0 (0.0 B)
>>>>>>>>         TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
>>>>>>>>         device interrupt 18
>>>>>>>>
>>>>>>>> lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
>>>>>>>>         inet 127.0.0.1  netmask 255.0.0.0
>>>>>>>>         inet6 ::1  prefixlen 128  scopeid 0x10<host>
>>>>>>>>         loop  txqueuelen 0  (Local Loopback)
>>>>>>>>         RX packets 10  bytes 756 (756.0 B)
>>>>>>>>         RX errors 0  dropped 0  overruns 0  frame 0
>>>>>>>>         TX packets 10  bytes 756 (756.0 B)
>>>>>>>>         TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
>>>>>>>>
>>>>>>>> virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
>>>>>>>>         inet 192.168.122.1  netmask 255.255.255.0  broadcast
>>>>>>>> 192.168.122.255
>>>>>>>>         ether 52:54:00:53:ac:c9  txqueuelen 0  (Ethernet)
>>>>>>>>         RX packets 0  bytes 0 (0.0 B)
>>>>>>>>         RX errors 0  dropped 0  overruns 0  frame 0
>>>>>>>>         TX packets 0  bytes 0 (0.0 B)
>>>>>>>>         TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
>>>>>>>>
>>>>>>>> wlp12s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
>>>>>>>>         inet 192.168.1.42  netmask 255.255.255.0  broadcast
>>>>>>>> 192.168.1.255
>>>>>>>>         inet6 fe80::e60:76ff:fe2f:29d9  prefixlen 64  scopeid
>>>>>>>> 0x20<link>
>>>>>>>>         ether 0c:60:76:2f:29:d9  txqueuelen 1000  (Ethernet)
>>>>>>>>         RX packets 18  bytes 2027 (1.9 KiB)
>>>>>>>>         RX errors 0  dropped 0  overruns 0  frame 20284
>>>>>>>>         TX packets 42  bytes 5704 (5.5 KiB)
>>>>>>>>         TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
>>>>>>>>         device interrupt 17  base 0xc000
>>>>>>>>
>>>>>>>>
>>>>>>>> iptables del cliente
>>>>>>>>
>>>>>>>> [usuario at cliente ~]# service iptables status
>>>>>>>> Redirecting to /bin/systemctl status  iptables.service
>>>>>>>> ● iptables.service
>>>>>>>>    Loaded: not-found (Reason: No such file or directory)
>>>>>>>>    Active: inactive (dead)
>>>>>>>>
>>>>>>>>
>>>>>>>> ------------------------------------
>>>>>>>> 4. netstat y nap
>>>>>>>> ------------------------------------
>>>>>>>>
>>>>>>>> netstat en el server, muestra el puerto 5432 abierto, no se si
>>>>>>>> correctamente
>>>>>>>>
>>>>>>>> [usuario at server ~]# netstat -nltp | grep 5432
>>>>>>>> tcp        0      0 0.0.0.0:5432            0.0.0.0:*
>>>>>>>> LISTEN      6642/postgres
>>>>>>>> tcp6       0      0 :::5432                 :::*
>>>>>>>> LISTEN      6642/postgres
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> nmap desde el cliente, aca parece haber algo raro porque ve otros
>>>>>>>> puertos pero no el 5432
>>>>>>>>
>>>>>>>> [usuario at cliente ~]# nmap 192.168.1.43
>>>>>>>>
>>>>>>>> Starting Nmap 6.40 ( http://nmap.org ) at 2016-04-29 14:48 UYT
>>>>>>>> Nmap scan report for mdw.southx.io (192.168.1.43)
>>>>>>>> Host is up (0.018s latency).
>>>>>>>> Not shown: 997 filtered ports
>>>>>>>> PORT    STATE  SERVICE
>>>>>>>> 22/tcp  open   ssh
>>>>>>>> 139/tcp closed netbios-ssn
>>>>>>>> 445/tcp closed microsoft-ds
>>>>>>>> MAC Address: 18:4F:32:CA:29:7D (Unknown)
>>>>>>>>
>>>>>>>> Nmap done: 1 IP address (1 host up) scanned in 6.83 seconds
>>>>>>>>
>>>>>>>>
>>>>>>>> ------------------------------------
>>>>>>>>
>>>>>>>> No entiendo porque no lo ve si el nmap lo muestra abierto
>>>>>>>> Podra ser porque esta con 0.0.0.0 y no especificamente con
>>>>>>>> 192.168.1.43 ???
>>>>>>>>
>>>>>>>> Desde ya muchas gracias
>>>>>>>>
>>>>>>>> ------------------------------------
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> ---------------------------------------------
>>>>>>>>
>>>>>>>> SouthX
>>>>>>>> https://southx.io
>>>>>>>> BigData
>>>>>>>>
>>>>>>>> Digicoins
>>>>>>>> https://digicoins.cash
>>>>>>>> Bitcoin
>>>>>>>>
>>>>>>>> Dante Castiglione Maldonado
>>>>>>>> dac.maldonado at gmail.com
>>>>>>>>
>>>>>>>> ---------------------------------------------
>>>>>>>>
>>>>>>>>
>>>>>>>> On 29 April 2016 at 11:08, Eduardo Trápani <etrapani at gmail.com>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>       > Tengo dos maquinas en la wifi, las dos con CentOS 7
>>>>>>>>       > 192.168.1.43 (DB server) y 192.168.1.42 (DB client)
>>>>>>>>       >
>>>>>>>>       > ping responde bien en ambos sentidos
>>>>>>>>       > en ambas maquinas iptables service dice inactive (dead)
>>>>>>>>
>>>>>>>>       ¿Podés pegar la salida de ifconfig en ambos equipos?
>>>>>>>>
>>>>>>>>       Eduardo.
>>>>>>>>       _______________________________________________
>>>>>>>>       Uylug-varios mailing list
>>>>>>>>       Uylug-varios at listas.uylug.org.uy
>>>>>>>>
>>>>>>>> http://listas.uylug.org.uy/listinfo.cgi/uylug-varios-uylug.org.uy
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> Uylug-varios mailing list
>>>>>>> Uylug-varios at listas.uylug.org.uy
>>>>>>> http://listas.uylug.org.uy/listinfo.cgi/uylug-varios-uylug.org.uy
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> Uylug-varios mailing list
>>>>>>> Uylug-varios at listas.uylug.org.uy
>>>>>>> http://listas.uylug.org.uy/listinfo.cgi/uylug-varios-uylug.org.uy
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Enrique M. Verdes
>>>>>> <https://uy.linkedin.com/pub/enrique-verdes/1/794/ba8>
>>>>>>
>>>>>> "As we enjoy great advantages from the inventions of others, we
>>>>>> should be glad of an opportunity to serve others by any invention of ours;
>>>>>> and this we should do freely and generously."
>>>>>>
>>>>>> Benjamin Franklin
>>>>>>
>>>>>> _______________________________________________
>>>>>> Uylug-varios mailing list
>>>>>> Uylug-varios at listas.uylug.org.uy
>>>>>> http://listas.uylug.org.uy/listinfo.cgi/uylug-varios-uylug.org.uy
>>>>>>
>>>>>>
>>>>>
>>>>
>>>> _______________________________________________
>>>> Uylug-varios mailing list
>>>> Uylug-varios at listas.uylug.org.uy
>>>> http://listas.uylug.org.uy/listinfo.cgi/uylug-varios-uylug.org.uy
>>>>
>>>>
>>>
>>>
>>> --
>>> Enrique M. Verdes
>>> <https://uy.linkedin.com/pub/enrique-verdes/1/794/ba8>
>>>
>>> "As we enjoy great advantages from the inventions of others, we should
>>> be glad of an opportunity to serve others by any invention of ours; and
>>> this we should do freely and generously."
>>>
>>> Benjamin Franklin
>>>
>>> _______________________________________________
>>> Uylug-varios mailing list
>>> Uylug-varios at listas.uylug.org.uy
>>> http://listas.uylug.org.uy/listinfo.cgi/uylug-varios-uylug.org.uy
>>>
>>>
>>
>> _______________________________________________
>> Uylug-varios mailing list
>> Uylug-varios at listas.uylug.org.uy
>> http://listas.uylug.org.uy/listinfo.cgi/uylug-varios-uylug.org.uy
>>
>>
> _______________________________________________
> Uylug-varios mailing list
> Uylug-varios at listas.uylug.org.uy
> http://listas.uylug.org.uy/listinfo.cgi/uylug-varios-uylug.org.uy
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listas.uylug.org.uy/pipermail/uylug-varios-uylug.org.uy/attachments/20160429/b47105ca/attachment-0001.htm>


More information about the Uylug-varios mailing list