summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSimo Sorce <ssorce@redhat.com>2011-08-31 14:07:56 -0400
committerSimo Sorce <ssorce@redhat.com>2011-09-01 10:12:27 -0400
commita85dfd64bd18635d1bbe3cfb081d5ea1311c8d59 (patch)
tree3638d4c00ec918de2605bcfe886d43cd23fb1e61
parent887f02a4879d010278b3e64eae2525382172fb4c (diff)
downloadfreeipa-a85dfd64bd18635d1bbe3cfb081d5ea1311c8d59.zip
freeipa-a85dfd64bd18635d1bbe3cfb081d5ea1311c8d59.tar.gz
freeipa-a85dfd64bd18635d1bbe3cfb081d5ea1311c8d59.tar.xz
conncheck: Fix List of ports to check
We need to check all Kerberos ports both TCP and UDP transports. Since we have the PKI proxy configuration all communication with the CA happens on the standard 80/443 ports so we need to check them always. We do not need to leave the old CA ports open. These ports are still used locally but not over the network.
-rwxr-xr-xinstall/tools/ipa-replica-conncheck12
1 files changed, 6 insertions, 6 deletions
diff --git a/install/tools/ipa-replica-conncheck b/install/tools/ipa-replica-conncheck
index 7929579..ac1817e 100755
--- a/install/tools/ipa-replica-conncheck
+++ b/install/tools/ipa-replica-conncheck
@@ -50,16 +50,16 @@ class CheckedPort(object):
BASE_PORTS = [
CheckedPort(389, True, "Directory Service: Unsecure port"),
CheckedPort(636, True, "Directory Service: Secure port"),
- CheckedPort(88, False, "Kerberos"),
+ CheckedPort(88, True, "Kerberos KDC: TCP"),
+ CheckedPort(88, False, "Kerberos KDC: UDP"),
+ CheckedPort(464, True, "Kerberos Kpasswd: TCP"),
+ CheckedPort(464, False, "Kerberos Kpasswd: UDP"),
+ CheckedPort(80, True, "HTTP Server: port 80"),
+ CheckedPort(443, True, "HTTP Server: port 443(https)"),
]
CA_PORTS = [
CheckedPort(7389, True, "PKI-CA: Directory Service port"),
- CheckedPort(9443, True, "PKI-CA: Agent secure port"),
- CheckedPort(9444, True, "PKI-CA: EE secure port"),
- CheckedPort(9445, True, "PKI-CA: Admin secure port"),
- CheckedPort(9446, True, "PKI-CA: EE secure client auth port"),
- CheckedPort(9180, True, "PKI-CA: Unsecure port"),
]
def print_info(msg):