Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Binding src IP to 'local_ip' config value in agentd. #615

Merged
merged 2 commits into from
Nov 11, 2015
Merged

Binding src IP to 'local_ip' config value in agentd. #615

merged 2 commits into from
Nov 11, 2015

Conversation

AndrewKant
Copy link
Contributor

In mulihomed host environment we have a big problem with binding agent to correct ip. By default agentd used ip-addr of interface, from which sented ip-packets. If we have tunnel or dynamic ip, server will be reject such packets.

I prepared and tested little patch for solve this problem by use 'local_ip' config value:

<ossec_config>
  <client>
    <server-ip>10.0.0.82</server-ip>
    <local_ip>192.168.0.101</local_ip>
  </client>
....

@jacobslife
Copy link

I second this pull request. In any dynamic routing environment the inability to specify a source address for agents becomes a big issue.

@GitHubEmail
Copy link

I third this request! I chased this issue around for a while myself. This is much needed functionality for reliable OSSEC server <-> agent communications. Without it, packets may never reach their target.

Thanks AndrewKant -- much appreciated.

@ddpbsd ddpbsd added this to the ossec-hids-3.0 milestone May 27, 2015
@Namsep
Copy link

Namsep commented May 28, 2015

Don't forget about IPv6.

Also, I currently have and the example uses a server-ip and a local_ip. It should be a bit more consistent with regards to using - versus _

@aquerubin
Copy link
Contributor

I've added this functionality to the IPv6 fork/pull-request.

@aquerubin
Copy link
Contributor

Temporarilly backing out the change to the IPv6 fork as it broke maild.

Ok fixed.

reyjrar added a commit that referenced this pull request Nov 11, 2015
@reyjrar
Merge pull request #615 from AndrewKant/master
41ea827 
Binding src IP to 'local_ip' config value in agentd.
@reyjrar reyjrar merged commit 41ea827 into ossec:master Nov 11, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
enhancement rn:agent
Projects
None yet
Milestone
ossec-hids-3.0
Development

Successfully merging this pull request may close these issues.
7 participants
@AndrewKant @jacobslife @GitHubEmail @Namsep @aquerubin @reyjrar @ddpbsd