[torqueusers] Running torque with iptables

Ken Nielson knielson at adaptivecomputing.com
Thu Oct 20 13:55:26 MDT 2011


----- Original Message -----
> From: "Ti Leggett" <leggett at mcs.anl.gov>
> To: "Torque Users Mailing List" <torqueusers at supercluster.org>
> Sent: Wednesday, October 19, 2011 3:09:48 PM
> Subject: [torqueusers] Running torque with iptables
> 
> We're rolling out locking down machines much more tightly using
> iptables after a security incident. I've read the documentation and
> I have tcp/udp 15001 and tcp 15004 open on the PBS server, I have
> tcp 15002, tcp/udp 15003 and udp 0-1023 opened on the PBS MOMs and I
> have udp 0-1023 on the submit hosts. However it seems the MOM
> superior is trying to talk back to the submit host on tcp ephemeral
> ports >1024. Is there any way to restrict the range of those ports
> it's trying to use so that I can open those up appropriately, or am
> I going to have to take the (undesired) route of opening everything
> up between the MOMs and submit hosts?

The MOMs should only communicate with pbs_server and the other MOMs. I do not believe they communicate with the submit hosts. Could you tell us more about your setup?

Regards

Ken


More information about the torqueusers mailing list