Standalone backup agents for Linux, Mac, AIX & Solaris workloads on-premises or in the public cloud
Post Reply
wolfman22
Novice
Posts: 4
Liked: 2 times
Joined: Oct 14, 2016 8:11 am
Contact:

veeamservice listen on all interfaces regardless of config

Post by wolfman22 »

Hi!

I'm evaluating the new Veeam Agent for Linux which works great - but it ignores the config made in
/etc/veeam/veeam.ini
where I have configured

Code: Select all

[service]
host = 127.0.0.1
port = 3500
but the service is listening on all interfaces - not only on the localhost:

Code: Select all

lsof -i -P | grep veeam
veeamserv  6695     root   13u  IPv4 8646293      0t0  TCP *:3500 (LISTEN)
Is this a bug - I haven't found any documentation about settings for this file.

System is Ubuntu 16.04 LTS with veeam_1.0.0.678_amd64.deb and veeamsnap_1.0.0.678_all.deb installed.

Thank you and greetings
Wolfgang
PTide
Product Manager
Posts: 6408
Liked: 724 times
Joined: May 19, 2015 1:46 pm
Contact:

Re: veeamservice listen on all interfaces regardless of conf

Post by PTide »

Hi,

The [service] setting is not exactly what you thought it was, veeam.ini structure will be reorganized in GA so the setting won't stay there. Did I get it right - on a host with multiple NIC interfaces available you'd like to make VAL to listen on the specific interface only, right?

Thanks
wolfman22
Novice
Posts: 4
Liked: 2 times
Joined: Oct 14, 2016 8:11 am
Contact:

Re: veeamservice listen on all interfaces regardless of conf

Post by wolfman22 »

Hi!
Thanks for quick reply!

The linux box is sitting in the internet - and I would like the service listen to 127.0.0.1 and not on the public eth0 ip adress.
Backups are initiated via cronjob from within the box - so no need to have this service listen on public external ip

Greetings
Wolfgang
nielsengelen
Product Manager
Posts: 5619
Liked: 1177 times
Joined: Jul 15, 2013 11:09 am
Full Name: Niels Engelen
Contact:

Re: veeamservice listen on all interfaces regardless of conf

Post by nielsengelen »

You could add a firewall rule blocking it for now by using iptables.
Personal blog: https://foonet.be
GitHub: https://github.com/nielsengelen
wolfman22
Novice
Posts: 4
Liked: 2 times
Joined: Oct 14, 2016 8:11 am
Contact:

Re: veeamservice listen on all interfaces regardless of conf

Post by wolfman22 » 1 person likes this post

yes for sure I can add a firewall or iptables entry but
in linux it is by design to not open any ports on external nic's if not necessary or configured - so I think VAL should also do this.
nielsengelen
Product Manager
Posts: 5619
Liked: 1177 times
Joined: Jul 15, 2013 11:09 am
Full Name: Niels Engelen
Contact:

Re: veeamservice listen on all interfaces regardless of conf

Post by nielsengelen »

Correct but it was more said as workaround for the current beta2.
Personal blog: https://foonet.be
GitHub: https://github.com/nielsengelen
wolfman22
Novice
Posts: 4
Liked: 2 times
Joined: Oct 14, 2016 8:11 am
Contact:

Re: veeamservice listen on all interfaces regardless of conf

Post by wolfman22 » 1 person likes this post

Allright - so see it as a feature request :-)
configurable listening interface
Many thanks for quick replies!

For anyone in the same situation - iptables command as follows:

Code: Select all

/sbin/iptables -A INPUT -i eth0 -p tcp --destination-port 3500 -j REJECT
Greetings
Wolfgang
Post Reply

Who is online

Users browsing this forum: cloggy and 13 guests