[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[AWIPS #WKO-561130]: EDEX running, can't connect to CAVE

Subject: [AWIPS #WKO-561130]: EDEX running, can't connect to CAVE
Date: Tue, 24 Mar 2015 08:28:14 -0600

> Hi Michael,
> 
> I have ldm and edex running on our server, waterspout.cst.cmich.edu. I
> installed a CAVE client on waterspout, and on my office box,
> baxter.eas.cmich.edu. I'm not able to connect to the EDEX server using
> either CAVE client.
> 
> I'm using:
> 
> http://localhost:9581/services
> 
> or
> 
> http://waterspout.cst.cmich.edu:9581/services
> 
> It says "unable to post request to server".
> 
> I opened the ports in iptables and there doesn't seem to be a problem here.
> I've attached the results of iptables -L.
> 
> I've also attached pg_hba.conf. After installation, I had to go in and
> replace the default ip address with waterspout's ip (141.209.175.80).
> 
> I plan on attending the workshop this summer, at this point I just want to
> see if I can get this to run with our existing hardware.
> 
> Thanks,
> 
> Marty
> _____________________________
> Martin A. Baxter, Ph.D.
> Associate Professor of Meteorology
> Department of Earth and Atmospheric Sciences
> Central Michigan University
> Office phone: (989) 774-2055
> http://people.cst.cmich.edu/baxte1ma
> 
> 


Hi Marty, 

I don't see the specific ports on your iptables output.  In my 
/etc/sysconfig/iptables file I have the following chain and definitions (using 
a group of IPs where noted such that the string reads 123.345.567.0/32 with the 
last part of the IP set to 0 to allow all within that domain).

*filter
:EDEX - [0:0]

-A INPUT -s (first IP address group)/32 -j EDEX
-A INPUT -s (second IP address group)/32 -j EDEX
-A INPUT -j EXTERNAL

-A EDEX -m state --state NEW -p tcp --dport 5672 -j ACCEPT
-A EDEX -m state --state NEW -p tcp --dport 5432 -j ACCEPT
-A EDEX -m state --state NEW -p tcp --dport 8080 -j ACCEPT
-A EDEX -m state --state NEW -p tcp --dport 9581 -j ACCEPT
-A EDEX -m state --state NEW -p tcp --dport 9582 -j ACCEPT
-A EDEX -j REJECT


What this does is allow connections from the stated IP address ranges for these 
ports only, which include the TCP connections that CAVE makes to EDEX.

I hope this helps you configure iptables, please let me know if you have more 
questions.


Michael James
Unidata Program Center
Boulder, Colorado


Ticket Details
===================
Ticket ID: WKO-561130
Department: Support AWIPS
Priority: Normal
Status: Open

Prev by Date: [AWIPS #AIL-884965]: Mcidas data ingest
Next by Date: [AWIPS #SZB-664045]: awipsII
Previous by thread: [AWIPS #AIL-884965]: Mcidas data ingest
Next by thread: [AWIPS #SZB-664045]: awipsII
Index(es):
- Date
- Thread