Hi
I want to limit access to my Elasticsearch to 4 machines.
My server is Leila (not Leia; I always thought it was Leila, but in reality it's Leia).
All others are just here to post data in it.
Below is my elasticsearch.yml file, and there is no IP filtering with it. I can access HTTP on any machine.
network.host: leila
shield.transport.filter.enabled: true
shield.transport.filter.allow: [ "leila", "localhost" ]
shield.transport.filter.deny: _all
transport.profiles.client.shield.filter.enabled: true
transport.profiles.client.shield.filter.allow: [ "leila", "localhost" ]
transport.profiles.client.shield.filter.deny: _all
shield.http.filter.enabled: true
shield.http.filter.allow: [ "leila", "yoda", "darkvador", "amidala", "localhost" ]
shield.http.filter.deny: _all
I tried with
network.host: 127.0.0.1
but then no one can access E.S. with HTTP.
What's wrong?
Thanks for your help.
marc
dadoonet
(David Pilato)
December 21, 2015, 10:15am
2
If you define network.host to 127.0.0.1, you'll be able to access your instance only using the 127.0.0.1 address, which means only local access.
Try to change that to the network card IP address.
I already tried that.
tybreizh29190:
network.host: leila
That's what I did, but it's world-open when I do that.
dadoonet
(David Pilato)
December 21, 2015, 7:41pm
4
But Shield will then filter allowed IP addresses, right?
Changing network.host:localhost to network.host:leila disables the localhost-only access.
But what I was expecting from
shield.http.filter.enabled: true
shield.http.filter.allow: [ "leila", "yoda", "darkvador", "amidala", "localhost" ]
shield.http.filter.deny: _all
was to disable all HTTP access except for the 4 machines in the allow line.
In reality, the 4 machines are allowed, but also any other machine on the Internet; that's not expected.
OK, shame on me.
To use Shield, install Shield BEFORE ...
bin/plugin install license
bin/plugin install shield
I need some holidays ...
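
The failure mode in this thread, filter settings present in elasticsearch.yml while the plugins that enforce them are not installed, can be caught with a pre-start check. The script below is an added example, not part of the original thread; the function names, the return codes and the `plugins/license` and `plugins/shield` directory layout (Elasticsearch 2.x) are assumptions, and the demo runs on a constructed directory rather than a real node.

```shell
#!/bin/sh
# Added example (not from the thread): detect Shield settings that cannot
# take effect because the plugins are missing.
# Assumption: Elasticsearch 2.x layout, plugins in <ES_HOME>/plugins/<name>.

# Print the active (non-commented) Shield settings found in a config file.
shield_settings() {
    grep -E '^[[:space:]]*(shield\.|transport\.profiles\.[^.]+\.shield\.)' "$1" || true
}

# check_shield CONFIG PLUGINS_DIR
# Returns 0 if consistent, 1 if Shield settings exist but a plugin is
# missing, 2 if the config file cannot be read.
check_shield() {
    conf=$1
    plugins=$2
    if [ ! -r "$conf" ]; then
        echo "cannot read $conf" >&2
        return 2
    fi
    count=$(shield_settings "$conf" | wc -l | tr -d ' ')
    if [ "$count" -eq 0 ]; then
        return 0
    fi
    missing=""
    for p in license shield; do
        [ -d "$plugins/$p" ] || missing="$missing $p"
    done
    if [ -n "$missing" ]; then
        echo "WARNING: $count Shield setting(s) in $conf, plugin(s) not installed:$missing" >&2
        return 1
    fi
    return 0
}

# Demo on a constructed ES home: settings from the thread, no plugins yet.
demo=$(mktemp -d)
mkdir -p "$demo/config" "$demo/plugins"
cat > "$demo/config/elasticsearch.yml" <<'EOF'
network.host: leila
shield.http.filter.enabled: true
shield.http.filter.allow: [ "leila", "yoda", "darkvador", "amidala", "localhost" ]
shield.http.filter.deny: _all
EOF
rc=0
check_shield "$demo/config/elasticsearch.yml" "$demo/plugins" || rc=$?
echo "before install: rc=$rc"
```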