Backup agent for Linux servers and workstations on-premises or in the public cloud
Post Reply
wolfman22
Novice
Posts: 4
Liked: 2 times
Joined: Oct 14, 2016 8:11 am
Contact:

veeamservice listen on all interfaces regardless of config

Post by wolfman22 » Oct 14, 2016 8:20 am

Hi!

I'm evaluating the new Veeam Agent for Linux which works great - but it ignores the config made in
/etc/veeam/veeam.ini
where I have configured

Code: Select all

[service]
host = 127.0.0.1
port = 3500
but the service is listening on all interfaces - not only on the localhost:

Code: Select all

lsof -i -P | grep veeam
veeamserv  6695     root   13u  IPv4 8646293      0t0  TCP *:3500 (LISTEN)
Is this a bug - I haven't found any documentation about settings for this file.

System is Ubuntu 16.04 LTS with veeam_1.0.0.678_amd64.deb and veeamsnap_1.0.0.678_all.deb installed.

Thank you and greetings
Wolfgang

PTide
Veeam Software
Posts: 4534
Liked: 371 times
Joined: May 19, 2015 1:46 pm
Contact:

Re: veeamservice listen on all interfaces regardless of conf

Post by PTide » Oct 14, 2016 10:44 am

Hi,

The [service] setting is not exactly what you thought it was, veeam.ini structure will be reorganized in GA so the setting won't stay there. Did I get it right - on a host with multiple NIC interfaces available you'd like to make VAL to listen on the specific interface only, right?

Thanks

wolfman22
Novice
Posts: 4
Liked: 2 times
Joined: Oct 14, 2016 8:11 am
Contact:

Re: veeamservice listen on all interfaces regardless of conf

Post by wolfman22 » Oct 14, 2016 11:10 am

Hi!
Thanks for quick reply!

The linux box is sitting in the internet - and I would like the service listen to 127.0.0.1 and not on the public eth0 ip adress.
Backups are initiated via cronjob from within the box - so no need to have this service listen on public external ip

Greetings
Wolfgang

vmniels
Veeam Software
Posts: 2050
Liked: 453 times
Joined: Jul 15, 2013 11:09 am
Full Name: Niels Engelen
Contact:

Re: veeamservice listen on all interfaces regardless of conf

Post by vmniels » Oct 14, 2016 2:04 pm

You could add a firewall rule blocking it for now by using iptables.
VCP-DCV
Veeam Certified Architect (VMCA)
http://foonet.be

wolfman22
Novice
Posts: 4
Liked: 2 times
Joined: Oct 14, 2016 8:11 am
Contact:

Re: veeamservice listen on all interfaces regardless of conf

Post by wolfman22 » Oct 14, 2016 2:42 pm 1 person likes this post

yes for sure I can add a firewall or iptables entry but
in linux it is by design to not open any ports on external nic's if not necessary or configured - so I think VAL should also do this.

vmniels
Veeam Software
Posts: 2050
Liked: 453 times
Joined: Jul 15, 2013 11:09 am
Full Name: Niels Engelen
Contact:

Re: veeamservice listen on all interfaces regardless of conf

Post by vmniels » Oct 14, 2016 5:21 pm

Correct but it was more said as workaround for the current beta2.
VCP-DCV
Veeam Certified Architect (VMCA)
http://foonet.be

wolfman22
Novice
Posts: 4
Liked: 2 times
Joined: Oct 14, 2016 8:11 am
Contact:

Re: veeamservice listen on all interfaces regardless of conf

Post by wolfman22 » Oct 14, 2016 9:57 pm 1 person likes this post

Allright - so see it as a feature request :-)
configurable listening interface
Many thanks for quick replies!

For anyone in the same situation - iptables command as follows:

Code: Select all

/sbin/iptables -A INPUT -i eth0 -p tcp --destination-port 3500 -j REJECT
Greetings
Wolfgang

Post Reply

Who is online

Users browsing this forum: No registered users and 6 guests