By default, a new install of NLS adds port 5544 to /etc/sysconfig/iptables using TCP transport. Yet documentation says that the "default syslog has a type conversion 'syslog.' This is going to label any logs coming in from UDP or TCP on port 5544 as syslog..."
Note that UDP traffic is dropped in iptables with the default configuration, so this statement is inaccurate.
NLS does bind to UDP port 5544 so if you open up the firewall to allow UDP traffic on port 5544, it will work as intended.
I consider this a bug that should be fixed, or else it's not a bug and the documentation should be updated.
Firewall not updated to allow UDP traffic to 5544
Last edited by dwhitfield on Mon Jun 26, 2017 3:17 pm, edited 1 time in total.
Reason: marking with green check mark
Eric Loyd • http://everwatch.global • 844.240.EVER • @EricLoyd
I'm a Nagios Fanatic! • Join our public Nagios Discord Server!
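Added example, not part of the original post and not Nagios code: a check for the mismatch reported above, listing which transports an iptables-save style rules file (the format of /etc/sysconfig/iptables) actually accepts for a port. The function names and the sample rules are constructed for illustration.

```sh
#!/bin/sh
# Added example. Prints the transports (tcp/udp) an INPUT chain accepts for a port.
# Assumes plain "-p PROTO --dport PORT[:PORT] -j ACCEPT" rules; multiport
# matches and jumps to user-defined chains are not followed.
accepted_protos() {  # usage: accepted_protos PORT [RULES_FILE]
    awk -v port="$1" '
        function covers(spec, p,   r, n) {
            n = split(spec, r, ":")
            if (n == 1) return (r[1] + 0 == p + 0)
            return (p + 0 >= r[1] + 0 && p + 0 <= r[2] + 0)
        }
        $1 == "-A" && $2 == "INPUT" {
            proto = ""; dport = ""; target = ""; cond = 0
            for (i = 3; i <= NF; i++) {
                if ($i == "-p") proto = $(i + 1)
                else if ($i == "--dport") dport = $(i + 1)
                else if ($i == "-j") target = $(i + 1)
                else if ($i == "-s" || $i == "-d" || $i == "-i" || $i == "-m") cond = 1
            }
            if (target == "ACCEPT" && dport != "" && covers(dport, port))
                seen[proto] = 1
            # First match wins: rules after an unconditional REJECT/DROP never run.
            if ((target == "REJECT" || target == "DROP") && proto == "" && !cond)
                exit
        }
        END {
            out = seen["tcp"] ? "tcp" : ""
            if (seen["udp"]) out = out (out == "" ? "" : " ") "udp"
            print out
        }
    ' "${2:-/etc/sysconfig/iptables}"
}

# Constructed sample (not copied from an NLS install): TCP 5544 is open, and a
# UDP rule sits after the catch-all REJECT, where it has no effect.
sample_rules() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 5544 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -m state --state NEW -m udp -p udp --dport 5544 -j ACCEPT
COMMIT
EOF
}

tmp=$(mktemp) && sample_rules > "$tmp"
echo "port 5544 accepted for: $(accepted_protos 5544 "$tmp")"
rm -f "$tmp"
```

Run against the real rules file as root with `accepted_protos 5544`; a result of only `tcp` on a host that expects UDP syslog matches the behaviour described in the post.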
Re: Firewall not updated to allow UDP traffic to 5544
What OS is this on? Is this a 1.4.4 install? I just tested a fresh install on CentOS 6.8 and iptables had a line to open udp port 5544.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: Firewall not updated to allow UDP traffic to 5544
Likely this was from an OVA install from 2 years ago that's been updated to 1.4.4 in the interim.
If it's working from source install, that's great, but the OVA might need to be updated as well.
Eric Loyd • http://everwatch.global • 844.240.EVER • @EricLoyd
dwhitfield, Former Nagios Staff
Re: Firewall not updated to allow UDP traffic to 5544
The new OVA already has this fixed. This *was* a bug that has been fixed (although I don't know that it ever made it into the official internal bug tracker).
OK to go ahead and lock this one up?
Re: Firewall not updated to allow UDP traffic to 5544
Yup yup. Thanks!
Eric Loyd • http://everwatch.global • 844.240.EVER • @EricLoyd