[colug-432] 0.0.0.0.
Judd Montgomery
judd at jpilot.org
Sun Apr 19 15:36:13 EDT 2015
On 04/19/2015 12:35 PM, Steve VanSlyck wrote:
> Hi guys.
>
> A popular site on the web says, "By default the Salt master listens on
> ports 4505 and 4506 on all interfaces (0.0.0.0). To bind Salt to a
> specific IP, redefine the "interface" directive in the master
> configuration file...."
>
> What does "interface" mean in this context?
It means interface as shown with the ifconfig command. If you had two
interfaces, like a wireless card and an ethernet card you may want to
specify just one of them. For example, you may not want any public
exposed network to have any chance of getting to salt so you just don't
have salt listen on that interface. The default 0.0.0.0 should work for
testing and be open to packets coming in on all interfaces. I'd lock it
down once you see it working.
> Does this mean that salt can be configured to listen on these to ports
> only from requests that identify themselves as coming /from/ a
> particular IP address, or which are addressed /to/ a particular IP
> address (i.e., the IP address of the system Salt is installed on), or
> does it mean something self.
The requests get to an interface because they are addressed to and
routed to it. You could think of an interface as a physical piece of
hardware. A wireless card, or an ethernet card, however you have
virtual interfaces, virtual hardware, etc. so its more complicated than
that.
Judd
More information about the colug-432
mailing list