chef - [chef] Restrict services to ipaddress|interface

Subscribers: 1946
Owners
Bryan McLellan
Joshua Timberman
Nathen Harvey
Seth Chisamore
Serdar Sutay

Subscribe
Unsubscribe
Info
Archive

Post

RSS
Shared documents

General discussion about Chef

[chef] Restrict services to ipaddress|interface

From: Anikeev Serghey < >
To: " " < >
Subject: [chef] Restrict services to ipaddress|interface
Date: Wed, 21 Aug 2013 16:45:36 +0300
Authentication-results: smtp2.mail.yandex.net; dkim=pass

Greetings!

I am happy chef-server 11 user.
But several days ago i started to improve security on our infrastructure
server and saw this:
epmd      19402   chef_server    3u  IPv4 293233253      0t0  TCP *:epmd
(LISTEN)
beam.smp  19390   chef_server    7u  IPv4 293233279      0t0  TCP *:48596
(LISTEN)
java      19456   chef_server    9u  IPv4 293234010      0t0  TCP *:40414
(LISTEN)
java      19456   chef_server   10u  IPv4 293234011      0t0  TCP *:d-s-n
(LISTEN)
java      19456   chef_server   11u  IPv4 293234012      0t0  TCP *:45130
(LISTEN)
beam.smp  19608   chef_server    8u  IPv4 293236395      0t0  TCP *:47818
(LISTEN)
beam.smp  19823   chef_server    8u  IPv4 293237074      0t0  TCP *:56503
(LISTEN)

Those 7 services which listen on all interfaces.
The question is how to restrict them to loopback for example?

Thank You.

[chef] Restrict services to ipaddress|interface, Anikeev Serghey, 08/21/2013