Logstash和iptables
[英]Logstash and iptables
问题描述
I've just installed Logstash on my Ubuntu Server according by this tutorial I've iptables with allowed 80 and 22 ports only. 
根据本教程,我刚刚在Ubuntu Server上安装了Logstash,我的iptables仅允许80和22个端口。 So when Logstash is started I get the following iptables error in the logs. 因此,当启动Logstash时,我在日志中收到以下iptables错误。
What is 224.2.2.4 address and what's should I need to prevent this error? 什么是224.2.2.4地址,我需要什么才能防止此错误?
2 个解决方案
解决方案1
1 2013-08-10 12:02:36
you should check you iptables rules (mostly filter table) to see if there is any rule that prevents the transfer: thigs u should probably check: 您应该检查iptables规则(主要是过滤器表),以查看是否存在阻止传输的规则:thigs您应该检查:
- source IP 源IP
- destination IP 目的IP
- packet type (TCP/UDP) 封包类型(TCP / UDP)
- network interface further more you may check the source-ip and the destination-ip as well 网络接口,您还可以检查源IP和目标IP
解决方案2
0 2014-02-14 08:23:35
224.xxx are multicast adresses. 224.xxx是多播地址。 Multicast is used when one system wants to communicate to a group of systems. 当一个系统要与一组系统通信时,使用多播。 Membership of the groups is managed with IGMP. 组的成员资格由IGMP管理。
ElasticSearch uses multicast to communicate within clusters. ElasticSearch使用多播在集群内进行通信。 Logstash by default connects to ElasticSearch as a cluster node. 默认情况下,Logstash作为群集节点连接到ElasticSearch。 You can fix this by allowing the multicast traffic on your iptables configuration, you will probably need to allow IGMP traffic as well. 您可以通过在iptables配置上允许多播流量来解决此问题,您可能还需要允许IGMP流量。 Other option is to disable multicast in Logstash and ElasticSearch. 另一个选项是在Logstash和ElasticSearch中禁用多播。 You can do this by configuring logstash to use elasticsearch_http output instead of elasticsearch and disable multicast discovery set: discovery.zen.ping.multicast.enabled: false in elasticsearch.yml 您可以通过将logstash配置为使用elasticsearch_http输出而不是elasticsearch并禁用多播发现集来做到这一点:discover.zen.ping.multicast.enabled:elasticsearch.yml中为false
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.