Details
-
Task
-
Resolution: Fixed
-
Major
-
None
-
None
-
None
-
Centos 7 64 bit; CB EE 7.0.2-6547
-
1
Description
Summary:
Currently, we have a test that scans all ports to see if any services are listening on non-loopback address at non-ssl port after enforcing TLS.
One such port is indexer's 9100. After enforcing TLS, indexer seems to listen on this port on all addresses. ie;
ss -4anpe | grep "9100" | grep "LISTEN"
|
returns
tcp LISTEN 0 128 *:9100 *:* users:(("indexer",pid=83917,fd=21)) uid:996 ino:192323307 sk:ffff97f84dcabe00 <->
|
it returns *:9100 .
Filing this to check if this is expected or if indexer must listen instead only on 127.0.0.1:9100 after enforcing tls.