- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - Linux
- >
- Re: Binding hpsmhd to a particular IP interface
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-03-2008 09:53 AM
11-03-2008 09:53 AM
Binding hpsmhd to a particular IP interface
While:
perl /usr/local/hp/hpSMHSetup.pl
Is good at adding restriction lists, it would be better to just not allow the management web interface to exist at all on unsecured networks. Would mean that my process of regression testing the Proliant support pack updates could much more relaxed.
I've hunted for apache-like config files in which to directly modify a Listen: command. So far my grep -lr, and google/ITRC searches for such a switch/config file has been unsuccessful.
Any pointers would be appreciated
-steve
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-03-2008 03:33 PM
11-03-2008 03:33 PM
Re: Binding hpsmhd to a particular IP interface
/opt/hp/hpsmh/conf/smhpd.conf
However, I think when I tried to modify it by hand long ago something kept rewriting it....
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-04-2008 06:45 AM
11-04-2008 06:45 AM
Re: Binding hpsmhd to a particular IP interface
Clearly the right file...has Listen directives right at the top.
Did the following to modify it
cp -ip /opt/hp/hpsmh/conf/smhpd.conf /opt/hp/hpsmh/conf/smhpd.conf.STOCK
vi /opt/hp/hpsmh/conf/smhpd.conf
Change:
Listen 2301
Listen 2381
to:
Listen intIP:2301
Listen intIP:2381
And did a service hpsmhd restart
And as you predicted, the conf file got overwritten with a clean set of listen commands...
Change of question: Where is a authoritative copy of smhpd.conf that is being used to overwrite this file? Perhaps modifying the source is the solution?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-04-2008 11:30 AM
11-04-2008 11:30 AM
Re: Binding hpsmhd to a particular IP interface
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-06-2008 07:07 AM
11-06-2008 07:07 AM
Re: Binding hpsmhd to a particular IP interface
The best doc I found on the XML file (and thank you for that bread crumb, one step closer to figuring this out) is:
http://docs.hp.com/en/438862-008/ch05s03.html
These do in fact do the sort of thing I need, namely override the automatic configs the the service hpsmhd restart would otherwise 'cleanup'. If I could figure out a switch for the xml file that applies to the listen lines (binding apparently not meaning the same thing to its programmers as it does to us network folks) then I'd be in business.
Maybe I'm at the bug report stage for this?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-06-2008 07:43 AM
11-06-2008 07:43 AM
Re: Binding hpsmhd to a particular IP interface
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-25-2008 07:27 PM
11-25-2008 07:27 PM
Re: Binding hpsmhd to a particular IP interface
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-26-2008 04:16 AM
11-26-2008 04:16 AM
Re: Binding hpsmhd to a particular IP interface
"We have checked with the L2 team and understand that it is not possible to make the SMH ports to only listen to a specific IP using IP binding."
and,
"We will certainly share this with the development team and request them to include such a feature in the future releases of the software."
Proliant support pack monitoring tools are apparently only both useful and secure for customers big enough to run all their PSP'd servers behind port level firewalls that screen out their WANs.
I suppose some might have production hosts that are also so lightly loaded that they can additionally run effective host level firewall software. That is rarely the case if effective and efficient provisioning is taking place - leading me back to my point above.
I consider this thread closed. I'm off to look at third party monitoring tools.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-26-2008 04:19 AM
11-26-2008 04:19 AM