IP filtering

(tybreizh29) #1

I want to limit access to my ElasticSearch to 4 machines.
My server is Leila (not Leia :confused: I always thought it was Leila, but in reality it's Leia :confounded:).
All others are just here to post data in it.
Below is my elasticsearch.yml file, and there is no IP filtering with it. I can access HTTP on any machine.

network.host: leila
shield.transport.filter.enabled: true
shield.transport.filter.allow: [ "leila", "localhost" ]
shield.transport.filter.deny: _all

transport.profiles.client.shield.filter.enabled: true
transport.profiles.client.shield.filter.allow: [ "leila", "localhost" ]
transport.profiles.client.shield.filter.deny: _all

shield.http.filter.enabled: true
shield.http.filter.allow: [ "leila", "yoda", "darkvador", "amidala", "localhost" ]
shield.http.filter.deny: _all

I tried with


but then no one can access E.S. with HTTP.
What's wrong?
Thanks for your help.

(David Pilato) #2

If you define network.host to, you'll be able to access your instance only using address, which means only access locally.

Try to change that to the network card IP address.

(tybreizh29) #3

I already tried that.

That's what I did, but it's world-open when I do that.

(David Pilato) #4

But Shield will then filter allowed IP addresses, right?

(tybreizh29) #5

Changing network.host:localhost to network.host:leila disables the localhost-only access.
But what I was expecting from

shield.http.filter.enabled: true
shield.http.filter.allow: [ "leila", "yoda", "darkvador", "amidala", "localhost" ]
shield.http.filter.deny: _all

was to disable all HTTP access except for the 4 machines in the allow line.

In reality, the 4 machines are allowed, but also any other machine on the Internet; that's not expected.

(tybreizh29) #6

OK, shame on me :confused:

To use Shield, install Shield BEFORE ...

bin/plugin install license
bin/plugin install shield

I need some holidays ...
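
Added example, not part of the original posts: a pre-flight check for the failure this thread ended on, where `shield.*` filter settings sit in elasticsearch.yml but the plugins that enforce them are not installed. The function names are hypothetical, and the listing is assumed to be the saved output of `bin/plugin list` with one `- name` line per installed plugin.

```shell
#!/bin/sh
# Added example: flag Shield filter settings that cannot take effect because
# the shield/license plugins are missing.
# Assumptions: $1 = path to elasticsearch.yml, $2 = file holding the saved
# output of `bin/plugin list` (one "- name" line per plugin, format assumed).

# Print every active (non-comment) Shield-related setting in the config.
shield_settings() {
    grep -E '^[[:space:]]*(shield\.|transport\.profiles\.[^.]+\.shield\.)' "$1"
}

# Succeed if plugin name $2 appears as a whole word in the saved listing $1.
plugin_installed() {
    grep -Eq "(^|[^[:alnum:]_-])$2(\$|[^[:alnum:]_-])" "$1"
}

# Return 0 when settings and plugins are consistent, 1 when Shield settings
# are present but a required plugin is missing, 2 when no filter is configured.
check_shield_filter() {
    config=$1
    listing=$2
    if ! shield_settings "$config" >/dev/null; then
        echo "no shield.* settings found: no IP filtering configured"
        return 2
    fi
    missing=""
    for p in license shield; do
        plugin_installed "$listing" "$p" || missing="$missing $p"
    done
    if [ -n "$missing" ]; then
        echo "Shield settings present but plugin(s) not installed:$missing"
        # List the settings that have no effect until the plugins are added.
        shield_settings "$config" | sed 's/^/  no effect: /'
        return 1
    fi
    echo "license and shield installed: filter settings can take effect"
    return 0
}
```

Run it as `check_shield_filter config/elasticsearch.yml plugins.txt` after saving `bin/plugin list > plugins.txt`; a non-zero status means the HTTP filter shown in the thread is not being enforced.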
