[torqueusers] Running torque with iptables

Ti Leggett leggett at mcs.anl.gov
Wed Oct 19 15:09:48 MDT 2011


We're rolling out locking down machines much more tightly using iptables after a security incident. I've read the documentation and I have tcp/udp 15001 and tcp 15004 open on the PBS server, I have tcp 15002, tcp/udp 15003 and udp 0-1023 opened on the PBS MOMs and I have udp 0-1023 on the submit hosts. However it seems the MOM superior is trying to talk back to the submit host on tcp ephemeral ports >1024. Is there any way to restrict the range of those ports it's trying to use so that I can open those up appropriately, or am I going to have to take the (undesired) route of opening everything up between the MOMs and submit hosts?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 163 bytes
Desc: Message signed with OpenPGP using GPGMail
Url : http://www.supercluster.org/pipermail/torqueusers/attachments/20111019/928948e7/attachment.bin 


More information about the torqueusers mailing list