1 2 Previous Next 16 Replies Latest reply on Mar 8, 2012 3:33 AM by Rohit Nayyar

    can't access host: operation not permitted

    Aryan Anantwar

      What are the reasons behind this problem.

      What will be the solutions to solve this.

       

      I have installed RSCD agent on a linux system.

      made entries in users.local for BLAdmin.

       

      still this server is not getting added in BBSA Appserver.

      while trying to execute any NSH command using NSH Shell, it displays can't access host: operation not permitted error.


      PFA for error while executing agentinfo command for linux system.

        • 1. can't access host: operation not permitted

          I saw this error very recently. Check if you can telnet to the agent at 4750, Networking connectivty with the agent. 

          • 2. can't access host: operation not permitted
            Bill Robinson

            is the agent listening on 4750?

             

            is tha port open to the appserver and where you run nsh from?

             

            what's in the users/users.local and exports files on the target?

             

            what is in the rscd.log file on the target?

             

            when you run from nsh there, unless you are using a nsh proxy or do a 'nsh here' you are not picking up bladelogic creds, so you are not acting as 'BLAdmins' here.

            • 3. can't access host: operation not permitted

              The most common reason for that error is that there is a firewall either running directly on the Linux target or somewhere in between that's preventing you from connecting to port 4750 on the Linux target.  If your box is running a firewall, make sure that there is a rule allowing connectivity to port 4750.

              • 4. can't access host: operation not permitted
                Aryan Anantwar

                Hi Bill,

                 

                I am running NSH from appserver system using network shell prompt not from BL Server console.

                in users.local file i have an entry:

                 

                BLAdmins:* rw.map=root

                nothing in users file.

                 

                in export file the default entry

                *   rw

                 

                A Warning in rscd.log file

                 

                03/06/12 17:19:02.848 INFO     rscd -  localhost.localdomain 25282 -1/-1 (???): ???: FIPS already enabled

                 

                03/07/12 20:00:13.732 WARN     rscd -  172.37.3.201 18430

                -1/-1 (???): ???: TLS setup failed for agent: Protocol mismatch. Check that client and server "secure" files match. Exiting and terminating connection.

                 



                • 5. can't access host: operation not permitted
                  Aryan Anantwar

                  I think same.

                   

                  bcoz, ican connect using ssh to the system but not by using telnet on port 4750.

                   

                  Will you plz tell me,

                  How to set a rule for allowing connectivity to port 4750. on linux box.

                  • 7. can't access host: operation not permitted
                    Aryan Anantwar

                    Hi Bill,

                     

                    It's RHEL 5 installed on VM.

                    • 8. Re: can't access host: operation not permitted
                      Bill Robinson

                      In the /etc/sysconfig/iptables file add:

                       

                      -A RH-Firewall-1-INPUT –m state –state NEW –m tcp –p tcp –dport 4750 –j ACCEPT

                       

                      Before the line:

                      -A RH-Firewall-1-INPUT –j REJECT –reject-with icmp-host-prohibited.

                       

                      And run ‘service iptables restart’

                      1 of 1 people found this helpful
                      • 9. can't access host: operation not permitted
                        Aryan Anantwar

                        Hi Bill,

                         

                        I added the lines u mentioned.

                         

                        after that the file looks like as follows:

                         

                        # Firewall configuration written by system-config-securitylevel

                        # Manual customization of this file is not recommended.

                        *filter

                        :INPUT ACCEPT [0:0]

                        :FORWARD ACCEPT [0:0]

                        :OUTPUT ACCEPT [0:0]

                        :RH-Firewall-1-INPUT - [0:0]

                        -A INPUT -j RH-Firewall-1-INPUT

                        -A FORWARD -j RH-Firewall-1-INPUT

                        -A RH-Firewall-1-INPUT -i lo -j ACCEPT

                        -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT

                        -A RH-Firewall-1-INPUT -p 50 -j ACCEPT

                        -A RH-Firewall-1-INPUT -p 51 -j ACCEPT

                        -A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT

                        -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT

                        -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT

                        -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

                        -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 2049 -j ACCEPT

                        -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT

                        -A RH-Firewall-1-INPUT –m state –state NEW –m tcp –p tcp –dport 4750 –j ACCEPT

                        -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited

                        COMMIT

                         

                         

                         

                        when i run command service iptables restart

                        it displays following error

                         

                        [root@localhost ~]# service iptables restart

                        Flushing firewall rules:                                   [  OK  ]

                        Setting chains to policy ACCEPT: filter                    [  OK  ]

                        Unloading iptables modules:                                [  OK  ]

                         

                        Applying iptables firewall rules: Bad argument `–m'

                        Error occurred at line: 20

                        Try `iptables-restore -h' or 'iptables-restore --help' for more information.

                                                                                   [FAILED]

                         

                         

                        what i have to do next?

                        • 10. Re: can't access host: operation not permitted
                          Bill Robinson

                          You have too many dashes in front of ‘m’.  looks like it takes only 1 ?

                          • 11. can't access host: operation not permitted
                            Aryan Anantwar

                            ya, thanks.

                            i made it correct.

                             

                            but now it showing error to NEW.

                             

                            [root@localhost ~]# service iptables restart

                            Flushing firewall rules:                                   [  OK  ]

                            Setting chains to policy ACCEPT: filter                    [  OK  ]

                            Unloading iptables modules:                                [  OK  ]

                            Applying iptables firewall rules: Bad argument `NEW'

                            Error occurred at line: 20

                            Try `iptables-restore -h' or 'iptables-restore --help' for more information.

                                                                                       [FAILED]

                            • 12. can't access host: operation not permitted
                              Bill Robinson

                              other args in that line also have too many dashes.  compare to the other lines.

                              • 13. can't access host: operation not permitted
                                Aryan Anantwar

                                I Made corrections ,

                                but it still shows the same error.....

                                • 14. can't access host: operation not permitted
                                  Aryan Anantwar

                                  Hi Bill,

                                   

                                  now the iptables service restarted successfully.

                                  but when i am going to do telnet on port 4750.

                                   

                                  it show following :

                                   

                                  [root@localhost ~]# service iptables restart

                                  Flushing firewall rules:                                   [  OK  ]

                                  Setting chains to policy ACCEPT: filter                    [  OK  ]

                                  Unloading iptables modules:                                [  OK  ]

                                  Applying iptables firewall rules:                          [  OK  ]

                                  Loading additional iptables modules: ip_conntrack_netbios_n[  OK  ]

                                   

                                  [root@localhost ~]# telnet 172.38.3.201 4750

                                  Trying 172.38.3.201...

                                  Connected to 172.38.3.201 (172.38.3.201).

                                  Escape character is '^]'.

                                   

                                   

                                   

                                  and stays steady....

                                   

                                  what it means?

                                  1 2 Previous Next