HPE Community
Operating System - HP-UX
1752280 Members
5236 Online
108786 Solutions
New Discussion юеВ

Re: Stop diagmond from opening port 1508?

 
SOLVED
Go to solution
Tom Ward_1
Honored Contributor

тАО10-13-2009 02:37 PM

тАО10-13-2009 02:37 PM

Stop diagmond from opening port 1508?

The configuration file for diagmond listed in the man page has comments about using
LOCAL_ONLY_ENABLE 1
to stop connections except from the unit under test.

I've made this change, but find that port 1508 is still open.
>netstat -na |grep 1508
tcp 0 0 *.1508 *.* LISTEN

I'm missing something, so what does "LOCAL_ONLY_ENABLE 1" do?

Network scans frequently kill diagmond, and I'm sure like to put a stop to that. Any suggestions?

0 Kudos
15 REPLIES 15
Michael Steele_2
Honored Contributor

тАО10-13-2009 03:02 PM

тАО10-13-2009 03:02 PM

Re: Stop diagmond from opening port 1508?

Hi

Well, here's a couple of things:

"...NOTE (July 01): This enhancement was not completely implemented in the June release. The complete implementation appears in the Sept 01 release.
Enhanced diagmond so that it can be configured to only accept connections and requests from the local system -- any requests from a remote system will be rejected. The new configuration parameter is in the /var/stm/config/sys/diagmond.cfg file. It is called LOCAL_ONLY_ENABLE. If it is set to 1, only local connections are allowed. If it is set to 0, local and remote connections are allowed. By default, it is set to 0. ..."

http://docs.hp.com/en/diag/stm/str_0106_11.htm

Question: Are your online diags June 2001 or later?
Support Fatherhood - Stop Family Law
0 Kudos
SUDHAKAR_18
Trusted Contributor

тАО10-13-2009 07:25 PM

тАО10-13-2009 07:25 PM

Re: Stop diagmond from opening port 1508?

/sbin/init.d/diagnostic stop
/sbin/init.d/diagnostic start
0 Kudos
Tom Ward_1
Honored Contributor

тАО10-14-2009 09:02 AM

тАО10-14-2009 09:02 AM

Re: Stop diagmond from opening port 1508?

The version of STM we have is Version A.49.30. From swlist
# swlist | grep -i OnlineDiag
OnlineDiag B.11.11.16.09 HPUX 11.11 Support Tools Bundle, Sep 2005


While not listed at
http://docs.hp.com/en/diag/stm/stm_upd.htm
version A.49.10 is and that is from Sept 2005.

I realize this is not that latest, but it is 10 years after the product came out. You'd think a bug, if there is one, with the LOCAL_ONLY_ENABLE feature would have come to light in that time.

I have cycled diagnostics after updating the configuration file. My process is to
1) Edit the configuration file.
2) Restart diagnostics.
3) Verify that remote connections to diagmond fail. I just did a telnet to host on port 1508.

Everything looked good. I was well into my change when I started to suspect something was wrong. It seems that diagmond doesn't open port 1508 right away. I think it scans the hardware first and then opens the port. I was getting connection refused not because diagmond did not open a port, but becuase it had not YET opened a port. Coming back to the updated host a few minutes later showed the port was open.

I don't care if diagmond opens port 1508, but I'd sure like to get it listening only on localhost instead of the network interfaces.
0 Kudos
Michael Steele_2
Honored Contributor

тАО10-14-2009 11:42 AM

тАО10-14-2009 11:42 AM

Re: Stop diagmond from opening port 1508?

Hi

can you 'lsof the port?
Support Fatherhood - Stop Family Law
0 Kudos
Tom Ward_1
Honored Contributor

тАО10-14-2009 12:17 PM

тАО10-14-2009 12:17 PM

Re: Stop diagmond from opening port 1508?

# lsof -i |grep diagmond
diagmond 28825 root 4u inet 0xa361ce80 0t0 TCP *:60669 (LISTEN)
diagmond 28825 root 5u inet 0xa3374e80 0t0 TCP *:diagmond (LISTEN)
# grep diagmond /etc/services
diagmond 1508/tcp # Diagnostic System Manager

I didn't realize that 60669 was opened by diagmond as well as 1508.

0 Kudos
Tom Ward_1
Honored Contributor

тАО10-14-2009 04:26 PM

тАО10-14-2009 04:26 PM

Re: Stop diagmond from opening port 1508?

I can't say is is an easy 10 points, but I'd sure love to give someone points for this.

I have multiple servers with Version A.49.30. I've found one that listens only on localhost.

The config file, /var/stm/config/sys/diagmond.cfg, has nothing but the default, yet the server is listening on 127.0.0.1 port 1508.

>netstat -na |grep 1508
tcp 0 0 127.0.0.1.1508 *.* LISTEN
tcp 0 0 127.0.0.1.64531 127.0.0.1.1508 TIME_WAIT
tcp 0 0 127.0.0.1.64533 127.0.0.1.1508 TIME_WAIT

Two others listen on their network IP instead. Binaries match. Very strange.
0 Kudos
Laurent Menase
Honored Contributor

тАО10-14-2009 11:13 PM

тАО10-14-2009 11:13 PM

Re: Stop diagmond from opening port 1508?

>netstat -na |grep 1508
tcp 0 0 127.0.0.1.1508 *.* LISTEN
tcp 0 0 127.0.0.1.64531 127.0.0.1.1508 TIME_WAIT
tcp 0 0 127.0.0.1.64533 127.0.0.1.1508 TIME_WAIT

in fact they are not listening but in timewait
so it means a client process connected to diagmond and both side have been closed.

- ( client closed first then diagmond closed)
So thre is no problem there.

1 socket is in listen state ( the one owned by diagmond on which it accept client connections)
0 Kudos
Tom Ward_1
Honored Contributor

тАО10-21-2009 01:49 PM

тАО10-21-2009 01:49 PM

Re: Stop diagmond from opening port 1508?

I agree that
tcp 0 0 127.0.0.1.1508 *.* LISTEN

is no problem. This is what I what. Unfortunately what I get on almost every host is
>netstat -na |grep 1508
tcp 0 0 *.1508 *.* LISTEN

I have one host that shows
127.0.0.1 instead of *, so I know it can work that way. I'll be darned if I can figure out how. The configuration file is the same on both hosts are the same.

I am stumped!
0 Kudos
Michael Steele_2
Honored Contributor

тАО10-21-2009 02:44 PM

тАО10-21-2009 02:44 PM

Re: Stop diagmond from opening port 1508?

Hi

Lets look at the localhost entry in /etc/hosts file. This is a reserved ip addresss 127.0.0.1, and is always configured the same way in every hosts file.
Support Fatherhood - Stop Family Law
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.