Hi All
I am trying to set up a very simple logstash test. I am following the book
and I have been successful with getting a server going with one instance of
each element in the ELK stack. Successful as long as I turn off iptables!
Since this is not an option I need some guidance to what ports I need to
have open.
This is the iptables status:
root # service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
1 RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
Chain RH-Firewall-1-INPUT (2 references)
num target prot opt source destination
1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED
2 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
3 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type
255
4 ACCEPT esp -- 0.0.0.0/0 0.0.0.0/0
5 ACCEPT ah -- 0.0.0.0/0 0.0.0.0/0
6 ACCEPT udp -- 0.0.0.0/0 224.0.0.251 udp
dpt:5353
7 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp
dpt:631
8 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:631
9 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
tcp dpt:22
10 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
tcp dpt:80
11 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
tcp dpt:443
12 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
tcp dpt:536
13 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
tcp dpts:9200:9400
14 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
tcp dpt:9302
15 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
tcp dpt:9303
16 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
tcp dpt:9304
17 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
tcp dpt:9305
18 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
tcp dpt:5514
19 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
tcp dpt:6379
20 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
tcp dpt:9300
21 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
tcp dpt:9301
22 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
tcp dpt:9200
23 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
tcp dpt:9292
24 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
tcp dpt:537
25 ACCEPT tcp -- 172.27.104.0/24 0.0.0.0/0
26 ACCEPT tcp -- 172.27.80.0/25 0.0.0.0/0
27 ACCEPT tcp -- 0.0.0.0/0 224.2.2.4
28 REJECT all -- 0.0.0.0/0 0.0.0.0/0
reject-with icmp-host-prohibited
It seems to have something to do with discovery in the elasticsearch
initialization. After logstash is running I can turn iptables on and it
continues to work.
Does anyone have a suggestion on what iptables might be blocking? I could
do a work around to start iptables after logstash and elasticsearch are up
and running but that doesn't seem right.
I can send logs if that would help.
This is the system and versions
Red Hat Enterprise Linux Server release 6.5 (Santiago)
Logstash Version:
/opt/logstash/bin/logstash --version
logstash 1.4.2-modified
Elasticsearch Version:
from the elasticsearch logs
version[1.2.1], pid[17907], build[6c95b75/2014-06-03T15:02:52Z]
Redis version
2.4.10
Thanks
Lois
--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/61335730-1253-487d-b613-1ec306c85159%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.