Rahul
2009-01-27 01:35:46 UTC
I just opened some ports in my firewall to allow me to connect to the
Splunk web interface on port 8000 (the splunk docs had this as the default
port)
iptables -I INPUT 1 -s mm0xx.foo.bar.edu -d xyxyx.foo.bar.edu -p tcp --
dport 8000 -j ACCEPT
iptables had gotten me all confused since I saw a line of the sort:
ACCEPT tcp -- mm0xx.foo.bar.edu xyxyx.foo.bar.edu tcp dpt:irdmi
I couldn't correlate the term "irdmi" with my port 8000 and thought I was
doing something wrong with iptables.
Finally I solved this mystery by noticing that in /etc/services I had
lines:
irdmi 8000/tcp # iRDMI
irdmi 8000/udp # iRDMI
(1) Is it safe for me to change those to corrosponding lines for splunk?
How are these defaults assigned and do I have a potential clash situation?
(2) Further, are there central repos that try to avoid port-clashes of this
sort when someone comes up with a new mackage or are services clashing all
the time?
Splunk web interface on port 8000 (the splunk docs had this as the default
port)
iptables -I INPUT 1 -s mm0xx.foo.bar.edu -d xyxyx.foo.bar.edu -p tcp --
dport 8000 -j ACCEPT
iptables had gotten me all confused since I saw a line of the sort:
ACCEPT tcp -- mm0xx.foo.bar.edu xyxyx.foo.bar.edu tcp dpt:irdmi
I couldn't correlate the term "irdmi" with my port 8000 and thought I was
doing something wrong with iptables.
Finally I solved this mystery by noticing that in /etc/services I had
lines:
irdmi 8000/tcp # iRDMI
irdmi 8000/udp # iRDMI
(1) Is it safe for me to change those to corrosponding lines for splunk?
How are these defaults assigned and do I have a potential clash situation?
(2) Further, are there central repos that try to avoid port-clashes of this
sort when someone comes up with a new mackage or are services clashing all
the time?
--
Rahul
Rahul