If the Uptime Infrastructure Monitor Linux Agent is managed by xinetd (default option), it is possible to limit access to the Agent with xinetd's "only_from" parameter. Setting only_from parameter to the Uptime Infrastructure Monitor Monitoring Station hostname or IP address will restrict any other system from issuing requests to the Uptime Infrastructure Monitor Agent.
To implement, update the /etc/xinetd.d/uptimeagent configuration file and add the following line at the end (above the closing curly bracket)The up.time Linux agent has a built-in daemon option that allows users to run the up.time agent without (x)inetd installed on their server. The daemon allows access to be restricted to a specific hostname belonging to the up.time monitoring station as detailed below.
| Code Block | ||
|---|---|---|
| ||
/opt/uptime-agent/bin/uptmagnt-daemon -p <port> -b <hostname> | ||
only_from = uptime_ms |
If using an IP address, the only_from line is similarAn example launch may look like this:
| Code Block | ||
|---|---|---|
| ||
/opt/uptime-agent/bin/uptmagnt-daemon -p 9998 -b my.uptime.host.com | ||
only_from = 10.1.1.1 |
With the /etc/xinetd.d/uptimeagent configuration file updated, restart the xinetd service to read in the change.A common error is to include uptimesoftware.com in the bind option. For example, the launch command below incorrectly binds the agent daemon to only accept connections from uptimesoftware.com.
| Code Block | ||
|---|---|---|
| ||
/opt/uptime-agent/bin/uptmagnt-daemon -p 9998 -b uptimesoftware.cometc/init.d/xinetd restart |
Now, only the Uptime Infrastructure Monitor Monitoring Station system can access the Uptime Infrastructure Monitor Agent.