-
-
Notifications
You must be signed in to change notification settings - Fork 334
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Version 2.8.2 breaks listening on anything more than localhost #2417
Comments
Did you try Also, did you have any other |
Sorry, there should have been a space between :: and 3493, ie ":: 3493". I am not using ::1. The :: interface binds to all ipv6 and ipv4 addresses. No, there are no other LISTEN directives. |
Gotta check about |
Looked at standards while commuting now, and did not find any examples of double-colons as a standalone token in IPv6 - only that it can be used (at most once) in place of a consecutive block of zero bits. In that vein, an Wondering now, if it working this way in older NUT releases was by a coincidence (and/or part of another bug) rather than by design. |
Ok, I stand corrected with my notes in issue #2012 - it had mentions of There was a lengthy community discussion about whether dual-support of IPv4 and IPv6 with one address spec is good, bad, portable, or outright insecure and best to be avoided. But at least for IPv6 it should have worked for you. What did |
Thank you for your very prompt response! The logs do not give any errors, and upsd does not show any listeners with version 2.8.2. With version 2.8.0, and LISTENER :: 3493, upsd listens as follows: tcp6 0 0 :::3493 :::* LISTEN 1447/upsd and responds to ipv4 as well as ipv6. I remember being surprised by the space in the LISTEN directives when I first configured nut several years ago, but it worked, and it has continued to work across upgrades until now. If you're shooting for compliance with standards (as well as intuitiveness), you should probably accept The asterisk in a listen address is unusual and I never would have thought of trying it, although it represents "any port" in Linux. In upsd.conf, it appears to be translated to 0.0.0.0 and so excludes ipv6. |
We've had some quite outspoken community members from BSD and other secure backgrounds, who argued with examples against implicit enablement of IPv4 listeners when asked for IPv6 tokens. Many systems do not implement dual-stack at all, for a reason (e.g. overlooked firewall rules on the other stack). Listening on asterisk as wildcard address is rather popular (since Apache httpd IIRC, maybe before it; many Documented at https://github.com/networkupstools/nut/pull/2013/files#diff-7ee66c4f1536ac84dc5bbff1b8312e2eef24b974b3e48a5c5c2bcfdf2eb8f3ce |
Double-checked (with current master, but there were no changes since 2.8.2 release in this regard) -- seems to work as designed and documented:
It indeed listens on only IPv6:
|
Likewise, asterisk (still) works for two explicit listeners here:
And this time it accepts both types of connections:
Also on non-localhost (per
|
Also, for the sake of completeness, an empty configuration file (no
|
@tbclark3 : While it would be interesting to reproduce and understand/root-cause the original issue you've had, I can not confirm it as related to FWIW, I've crafted a case where
(could be a bit more verbose about aborting though). NOTE: This failure should have been seen also without debug:
|
…sages [#2417] Signed-off-by: Jim Klimov <[email protected]>
Just in case, checked what it would do if Little surprise here: the string is seen as an IP address, happens to not be available on the current system (port
|
Thinking of it... might make sense to parse a single token on a That said, in ~25 years of NUT's existence I think this is the first time such issue was raised (to the best of my personal knowledge) - so I guess it is a rare surprise after all the RTFM :) |
I've also tested around with this on current master and all works as documented. |
@tbclark3 : I am afraid we could not reproduce your issue, as well as explain it theoretically. Seems like some setup misconfiguration on your side (e.g. your expectations for Closing the issue, but if you find some more specific clues about the current implementation not working as documented - please do let us know and feel free to reopen :) |
On Fedora 39, upgrading from nut 2.8.0 to 2.8.2 with LISTEN ::3493 causes all connections to be refused including localhost. Commenting out the LISTEN configuration results in upsd listening on localhost but makes remote monitoring impossible. Downgrading to 2.8.0 results in normal operation.
The text was updated successfully, but these errors were encountered: