iptables -A OUTPUT -o eth0 -p tcp --sport 9997 -m state --state NEW,ESTABLISHED -j ACCEPT
Looks like the solution was
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
Or at least that got it working.
So I'm a relative newbie with using iptables. I have used them for years but usually with fail2ban, and the occasional adding a specific rule to allow a specific connection [like to allow someone to SSH from a specific IP]. Lastly I just set up Splunk for the first time on a Windows 2012r2 server that I just stood up.
Splunk seems pretty straightforward and it all installed on the server without any issues. I added a receive port (default 9997).
I installed the splunk universal forwarder to my Debian 9.8 Linux box. (using the official Splunk .deb download) Knowing that IP tables is going to trip me up I add some rules.
# iptables -A INPUT -i eth0 -p tcp --dport 9997 -m state --state NEW,ESTABLISHED -j ACCEPT
# iptables -A OUTPUT -o eth0 -p tcp --sport 9997 -m state --state NEW,ESTABLISHED -j ACCEPT
I get to the point where I add the forward server. I use a command similar to:
./splunk add forward-server 192.168.0.15:9997 -auth admin:changeme
I get the error: Couldn't complete HTTP request: Connection timed out
Okay so I check the Windows firewall. I create a rule to allow all traffic from the Linux server to the Splunk server. I try again. Same thing. /grump
Alright so then it must be iptables since it drops most things. I go back to the Linux server and issue these:
iptables --policy INPUT ACCEPT
iptables --policy OUTPUT ACCEPT
I run the command. Bingo.
Added forwarding to: 192.168.0.15:9997.
So now my question... now that it appears to be working I would add data to forward... but I don't want to leave iptables wide open. Anyone knowledgeable with Splunk and iptables to help me close this back up?
I could do something like:
iptables -A INPUT -s 192.168.0.15 -j ACCEPT
iptables -A OUTPUT -s 192.168.0.15 -j ACCEPT
But I would really like to lock this down to just the ports that Splunk needs. I'm obviously missing something.
note: I've tried adding a few more ports (8089 and 8000) to be accepted INPUT and OUTPUT. I've googled it about 30 different times and pored through Splunk's help docs and am stuck.
note2: ips changed to protect the innocent.
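An added example, not part of the original posts: a generator for the locked-down ruleset the question asks for. It assumes the forwarder is the TCP client, so 9997 is the destination port on OUTPUT and the source port on replies coming in on INPUT, and that the `splunk` CLI reaches the local splunkd over loopback (management port 8089 by default), which is why the `lo` rules made the command work. The function name is hypothetical; the IP, port and interface defaults are the ones quoted in the post.

```shell
#!/bin/sh
# Prints (does not apply) iptables rules for a Splunk universal forwarder host.
# splunk_fwd_rules is a hypothetical helper name; defaults come from the post.
splunk_fwd_rules() {
    indexer_ip=${1:-192.168.0.15}
    port=${2:-9997}
    iface=${3:-eth0}

    # Reject bad input so a typo never becomes an over-broad rule.
    case $indexer_ip in
        ''|*[!0-9.]*) echo "bad IPv4 address: $indexer_ip" >&2; return 1 ;;
    esac
    case $port in
        ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "bad port: $port" >&2; return 1
    fi
    old_ifs=$IFS; IFS=.
    set -- $indexer_ip            # split the address into octets
    IFS=$old_ifs
    if [ $# -ne 4 ]; then
        echo "bad IPv4 address: $indexer_ip" >&2; return 1
    fi
    for o in "$@"; do
        if [ -z "$o" ] || [ "$o" -gt 255 ]; then
            echo "bad IPv4 address: $indexer_ip" >&2; return 1
        fi
    done

    # 1-2: loopback, needed by the local CLI -> splunkd connection.
    # 3:   forwarder opens connections TO the indexer's receive port.
    # 4:   only replies from that port are allowed back in (no NEW inbound).
    # 5-6: restore the default-drop policies; assumes your other allow
    #      rules (SSH, fail2ban chains) are already in place.
    cat <<EOF
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A OUTPUT -o $iface -p tcp -d $indexer_ip --dport $port -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i $iface -p tcp -s $indexer_ip --sport $port -m state --state ESTABLISHED -j ACCEPT
iptables --policy INPUT DROP
iptables --policy OUTPUT DROP
EOF
}

splunk_fwd_rules "$@"
```

Review the printed commands before running them as root; the two rules in the question matched `--dport 9997` on INPUT and `--sport 9997` on OUTPUT, which describes a host receiving on 9997 rather than one forwarding to it.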
While you can run the version from github, the devs have asked that you download it from osticket.com/download instead. There is some packaging they do that apparently isn't handled by github (such as setting version number).
I generally recommend that people upgrade to at least PHP 5.6. If you're a stickler for running a version of PHP that's still being supported by php.net then you will want to upgrade to something a lot newer as 5.5, 5.6 and 7.0 are no longer under active support, and 7.0 will only receive security updates.
Does NIST Special Publication 800-53 r4 count as "outside of tech"?
If not then I did start re-reading Monstress Vol 3 by Marjorie Liu and Sana Takeda. (graphic novel), so I could move onto all the individual issues that came out after that which haven't been released in graphic novel format yet.
It's winter so in the last month: finished Horizon Zero Dawn, Kingdom Hearts III, Shadow of the Colossus (HD remaster), and lastly just finished Final Fantasy X (HD remaster) last night.
This is outside my norm but I discovered this song last weekend and added it to my work play list. (note the beginning of the video isn't entirely work safe per se)
I created a playlist after going to a concert and am listening to that.
Iron Maiden Book of Souls 2017 set list from Mansfield MA.
I'm a little late to this conversation...
If they are a non-profit (501c3) then they can go through TechSoup and get great pricing.
If they are a not for profit, I do not think that they qualify for Tech Soup.
We use TechSoup for my primary job and have for many years.
@hobbit666 On CentOS this is usually an SELinux configuration issue. You can try temporarily disabling SELinux and see if the problem goes away. If it does, then you should write a rule allowing the connection. [And it goes without saying that you should re-enable SELinux]
Honestly, if it's as bad as you are saying it is, I would compose a list. I would document the whole thing with screen shots (and pictures) and I would hand it all to your boss and tell him to consult his lawyer as to whether or not they are going to sue him... He obviously wasn't providing them with what he was billing them for. Of course wait until you got the domain transferred. Then you can tell him that you aren't allowed to speak to him, and that all communications should be routed through "name of law firm here".
My only experience with them was for an RMA for the whole NAS not for a single drive, but I experienced the same thing (CC hold, etc). I don't recall if we had to pay for the shipping but I want to say that they footed the bill for the shipping because of the problem.
Maybe the person you spoke to didn't realize it was just for a single drive? I mean I find that some non-technical users think of a Tower as the "hard drive".
@wirestyle22 I would actually not recommend using the source from github. The devs do some stuff to package it up for the download section at osticket.com/download. What do they do? Honestly I've never asked. But the version displayed on any github downloaded version is never right.
@Dashrender It does not have an HDMI out, it has two DPs though. I use a DisplayPort to HDMI adapter to hook my laptop up to my projector at home. I bought an el cheapo $7 adapter but they make 4k ones and have them on Amazon for about $20.
We had been buying the HP Prodesk 600 G2s (i5 3.2Ghz 6500, 8GB DDR3, 500GB HDD)
We have a few public facing areas, and other areas where clients are located and decided that something smaller and less intrusive would be better and for those areas we get the HP EliteDesk 800 G2 (mini, i5 3.2Ghz 6500, 8GB DDR4, 256GB SSD) because we are mounting them on the back of monitors.
HP seems to be selling off a lot of stuff recently...
I know that this is a little late, but we use Buffalo TeraStations here. The 7000 series have dual power supplies. It comes in 24TB, 48TB, 96TB, and 120TB flavors. That's about the extent of my knowledge about them though.
While we do not use the 7000 series we have had good luck, and only one disk failure (knocks on wood) with our three (3) TeraStation 5400s. Support wasn't a terrible experience either.
note: when I say "we" I do not mean osTicket. I actually mean the company that I work for [which is a medium sized non-profit].
I'm a little obsessed with this song... most versions of it.
This one is currently my favorite rendition though.
He's actually being super obtuse and actually wanted to ask if you specifically had an importer script for Spiceworks tickets. It's a very specific and very complex task, I'm afraid.
The folks over on the paid side (Customization Services) might have the ability to do something like that. But I certainly do not have a script like that, and it is definitely not baked into the product. I'm sure that it is something that they could work with people to do though.
@scottalanmiller as a side note, one of the most reported issues with osTicket under CentOS is that SELinux has some rules that conflict with some of the AJAX requests. If you get a white bar or find that something doesn't work you would want to check your logs to see if that's what's happening.