R: Re: Log connections from security groups - bosh lite


Michael Grifalconi <michael.grifalconi@...>
 

Hello, I'm posting some more info:

Kernel logging is enabled because inside the DEA, I can see:

cat /etc/rsyslog.conf
[...]
$IncludeConfig /etc/rsyslog.d/*.conf

cat /etc/rsyslog.d/enable-kernel-logging.conf
$ModLoad imklog




After pushing an app, I see the correct rules on the DEA:

-A warden-i-18nvgifiemi -p tcp -m tcp --dport 80 -g warden-i-18nvgifiemi-log
-A warden-i-18nvgifiemi-log -p tcp -m conntrack --ctstate INVALID,NEW,UNTRACKED -j LOG --log-prefix "warden-i-18nvgifiemi "

but in /var/log/messages I only get:

Jun 8 07:03:26 localhost kernel: [ 3256.433021] IPv6: ADDRCONF(NETDEV_CHANGE): w-18nvgifiemg-0: link becomes ready


The PHP application I pushed:

xx@boshClient:~/myPhpApp$ cat index.php
<html>
<head>
<title>PHP Test</title>
</head>
<body>
<?php
echo '<p>Hello PHP from the server at:</p>';
echo $_SERVER['SERVER_ADDR'];
echo '<p>hi from hostname:</p>';
// Outbound HTTP request from inside the container; this is the traffic the
// security group's port 80 LOG rule should record. Without
// CURLOPT_RETURNTRANSFER, curl_exec() prints the fetched page directly.
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, 'http://xxxxxxx');
$result = curl_exec($curl);
curl_close($curl);
echo gethostname();
?>
</body>
</html>

When I browse this application page, I see the page from the webserver on xxxx called from curl, but I don't get any log.





bosh stemcells

+---------------------------------------------+---------+--------------------------------------+
| Name                                        | Version | CID                                  |
+---------------------------------------------+---------+--------------------------------------+
| bosh-warden-boshlite-ubuntu-trusty-go_agent | 2776*   | c5ac6590-13ec-4ba2-6fa9-e78cf553c4e6 |
+---------------------------------------------+---------+--------------------------------------+
--------------------------------------------------------------------

xx@boshClient:~$ cf security-groups
Getting security groups as admin
OK

     Name              Organization   Space
#0   public_networks
#1   dns
#2   logging           myOrg          myDevSpace

xx@boshClient:~$ cf security-group logging
Getting info for security group logging as admin
OK

Name    logging
Rules
[
  {
    "destination": "0.0.0.0/0",
    "log": true,
    "ports": "80",
    "protocol": "tcp"
  }
]

     Organization   Space
#0   myOrg          myDevSpace

I also tried with protocol "all" and "tcp", and with the port on which my local Apache server on the LAN is listening.





Any suggestion is appreciated!

Regards,
Michael
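As an added illustration, not from this thread and not Cloud Foundry code: once imklog delivers kernel messages, the LOG rule above writes standard netfilter log lines into /var/log/messages prefixed with the container handle, and the parser below turns such lines into a per-container egress count, which is what a defender would build on this feature. The sample log lines, addresses and the second container handle are constructed for the example.

```python
import re
from collections import Counter

# Constructed sample (not from the thread): what the two iptables rules above
# would emit into /var/log/messages once a container opens new TCP connections
# to port 80. Field layout is the standard netfilter LOG format; the second
# handle and all addresses are made up. The first line is an unrelated message.
SAMPLE_MESSAGES = """\
Jun 8 07:03:26 localhost kernel: [ 3256.433021] IPv6: ADDRCONF(NETDEV_CHANGE): w-18nvgifiemg-0: link becomes ready
Jun 8 07:05:01 localhost kernel: [ 3351.102938] warden-i-18nvgifiemi IN=w-18nvgifiemi-0 OUT=eth0 MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=10.254.0.10 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=12345 DF PROTO=TCP SPT=43210 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0
Jun 8 07:05:02 localhost kernel: [ 3352.000001] warden-i-18nvgifiemi IN=w-18nvgifiemi-0 OUT=eth0 SRC=10.254.0.10 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=43211 DPT=80 SYN URGP=0
Jun 8 07:05:09 localhost kernel: [ 3359.500000] warden-i-2abcdefghij IN=w-2abcdefghij-0 OUT=eth0 SRC=10.254.0.14 DST=198.51.100.7 LEN=60 PROTO=TCP SPT=50000 DPT=80 SYN URGP=0
"""

# Matches the prefix written by --log-prefix "warden-<handle> " followed by the
# key=value fields that netfilter appends after it.
LOG_RE = re.compile(r"kernel: \[\s*[\d.]+\] (?P<prefix>warden-\S+) (?P<fields>.*)$")


def parse_asg_log_line(line):
    """Return a dict for one ASG LOG line, or None for unrelated kernel messages."""
    m = LOG_RE.search(line)
    if not m:
        return None
    # Flag-only tokens such as DF or SYN carry no '=' and are skipped.
    fields = dict(kv.split("=", 1) for kv in m.group("fields").split() if "=" in kv)
    return {
        "handle": m.group("prefix"),
        "src": fields.get("SRC"),
        "dst": fields.get("DST"),
        "proto": fields.get("PROTO"),
        "dport": int(fields["DPT"]) if "DPT" in fields else None,
    }


def summarize_egress(text):
    """Count logged new connections per (container handle, destination, port)."""
    counts = Counter()
    for line in text.splitlines():
        rec = parse_asg_log_line(line)
        if rec:
            counts[(rec["handle"], rec["dst"], rec["dport"])] += 1
    return counts


if __name__ == "__main__":
    for (handle, dst, dport), n in sorted(summarize_egress(SAMPLE_MESSAGES).items()):
        print(f"{handle} -> {dst}:{dport}  {n} new connection(s)")
```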

On 06/06/15 09:25, Dieu Cao <dcao@pivotal.io> wrote:


Yes, I do recall that the feature did not work on bosh-lite but that was when kernel logging was disabled on the trusty stemcell.

Michael, could you send the json for the application security group you've applied to the space you're looking at?


-Dieu
CF Runtime PM





On Fri, Jun 5, 2015 at 5:48 PM, James Bayer <jbayer@pivotal.io> wrote:

I seem to remember something about app security group logging having an issue with bosh-lite that isn't present when you have a DEA in a VM. I remember something about that. I'll see if Dieu remembers.





On Fri, Jun 5, 2015 at 1:06 PM, Michael <michael.grifalconi@studenti.unimi.it> wrote:

Hello,

as you suggested, I looked deeper into this matter, and I can see that on the DEA VM I get the right iptables rules, but I still cannot see the logs in /var/log/messages.

[I'm using bosh-lite, latest stemcell, CF version 207]

Do you know what I should do to allow this information to be logged?

ref: https://www.pivotaltracker.com/n/projects/966314/stories/90078842

Thank you!


Best regards,

Michael




_______________________________________________
cf-dev mailing list
cf-dev@lists.cloudfoundry.org
https://lists.cloudfoundry.org/mailman/listinfo/cf-dev




--

Thank you,

James Bayer




