[jboss-jira] [JBoss JIRA] (WFCORE-4763) interface "any" tag not working as expected
[
https://issues.jboss.org/browse/WFCORE-4763?page=com.atlassian.jira.plugi...
]
Yann Le Tallec edited comment on WFCORE-4763 at 11/27/19 10:11 AM:
-------------------------------------------------------------------
Thank you for your comment.
The doc says "Attribute indicating that part of the selection criteria for choosing
an IP address for this interface should be that *the IP address meets at least one of a
nested set of criteria, but not necessarily all of the nested criteria*." So it seems
to me that connections from any of the addresses inside any should be accepted.
In the end my goal is simple: I want the management interface to be accessible from
localhost and the local network. So I tried:
<any>
<inet-address value="127.0.0.1">
<subnet-match value="10.20.0.0/16">
</any>
but that doesn't work as explained in the issue.
If you have a workaround I'm happy to try it.
was (Author: assylias):
Thank you for your comment.
The doc says "Attribute indicating that part of the selection criteria for choosing
an IP address for this interface should be that ***the IP address meets at least one of a
nested set of criteria, but not necessarily all of the nested criteria***." So it
seems to me that connections from any of the addresses inside any should be accepted.
In the end my goal is simple: I want the management interface to be accessible from
localhost and the local network. So I tried:
<any>
<inet-address value="127.0.0.1">
<subnet-match value="10.20.0.0/16">
</any>
but that doesn't work as explained in the issue.
If you have a workaround I'm happy to try it.
interface "any" tag not working as expected
-------------------------------------------
Key: WFCORE-4763
URL: https://issues.jboss.org/browse/WFCORE-4763
Project: WildFly Core
Issue Type: Bug
Components: Management
Environment: Ubuntu 18.02
Reporter: Yann Le Tallec
Priority: Major
The {{<any>}} tag in the {{interface}} configuration of {{standalone.xml}} should
accept any connection that matches ANY of the provided rules. This is not the case as
demonstrated by the example below.
This configuration allows to run {{jboss-cli.sh -c}} from the machine where wildfly is
running as expected:
{code:xml}
<interfaces>
<interface name="management">
<any>
<inet-address value="127.0.0.1"/>
</any>
</interface>
</interfaces>
{code}
But if I add another (VALID) IP address inside the any tag, I can't connect any
more:
{code:xml}
<interfaces>
<interface name="management">
<any>
<inet-address value="127.0.0.1"/>
<inet-address value="10.20.230.26"/>
</any>
</interface>
</interfaces>
{code}
With the latter configuration, {{connect}} fails with the following error:
{noformat}
>The controller is not available at localhost:9990: java.net.ConnectException:
WFLYPRT0053: Could not connect to remote+http://localhost:9990. The connection failed:
WFLYPRT0053: Could not connect to remote+http://localhost:9990. The connection failed:
Connection refused
{noformat}
Note: to easily reproduce the problem from the cli, starting from a fresh standalone
install:
{code:bash}
connect
/interface=management:undefine-attribute(name=inet-address)
/interface=management:undefine-attribute(name=any)
/interface=management:write-attribute(name=any,value={inet-address=[127.0.0.1]})
reload
/interface=management:write-attribute(name=any,value={inet-address=[127.0.0.1,10.20.230.26]})
reload
{code}
Notes:
- 10.20.230.26 must be a reachable IP - if I use a random one I can connect normally.
- if I use {{subnet-match}} I get the same issue
--
This message was sent by Atlassian Jira
(v7.13.8#713008)