

Redirect Firewall Ports for syslog Events

You can redirect traffic on standard ports to another port if you are using a firewall between an agent and the CA User Activity Reporting Module server.

Security best practice is to run application processes and daemons with the least privilege they require. UNIX and Linux daemons running under non-root accounts cannot bind to ports below 1024. The standard UDP syslog port is 514, which creates a problem for devices such as routers and switches that cannot send to a non-standard port.

To resolve this problem, you can configure the firewall to listen for incoming traffic on port 514 and then forward it to the CA User Activity Reporting Module server on a different port. The redirection occurs on the same host as the syslog listener. Simply listening on a non-standard port instead would mean reconfiguring every event source to send its events to that port.

To redirect event traffic through a firewall

  1. Log in as a root user.
  2. Access a command prompt.
  3. Enter a command to redirect the ports for your specific firewall.

    An example of the command line entries for the netfilter/iptables packet filtering tool running on a Red Hat Linux operating system resembles the following:

    chkconfig --level 345 iptables on
    iptables -t nat -A PREROUTING -p udp --dport 514 -j REDIRECT --to <yournewport>
    service iptables save
    
  4. Replace the variable value <yournewport> with an available port number greater than 1024.

    For other implementations, refer to the instructions for handling ports provided by your firewall vendor.
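The following script is an added example, not part of the CA documentation. It wraps the iptables steps above so that the redirect is validated, added only once, and can be verified against the nat table listing. The port 1514 and the sample listing are constructed for illustration; the helper names are the author's own.

```shell
#!/bin/sh
# Added example (not from the CA documentation): validate, apply and verify
# the UDP 514 -> high-port REDIRECT rule described in the procedure above.
# Assumes the same chkconfig/service/iptables tools the procedure uses.

SYSLOG_PORT=514

# valid_port PORT : true when PORT is numeric and in the unprivileged range
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -gt 1024 ] && [ "$1" -le 65535 ]
}

# redirect_rule PORT : print the rule spec (chain plus match and target) so the
# same text can be used with -C (check), -A (append) and -D (delete).
# --to-ports is the full option name; the procedure writes it as --to.
redirect_rule() {
    printf 'PREROUTING -p udp --dport %s -j REDIRECT --to-ports %s' "$SYSLOG_PORT" "$1"
}

# rule_present PORT LISTING : true when LISTING (the output of
# `iptables -t nat -S PREROUTING`) already contains the redirect for PORT.
# The listing may carry an extra "-m udp" between -p udp and --dport, so the
# pattern matches loosely there.
rule_present() {
    printf '%s\n' "$2" | grep -Eq -- \
        "^-A PREROUTING -p udp .*--dport $SYSLOG_PORT -j REDIRECT --to-ports $1\$"
}

# apply_redirect PORT : enable the service, add the rule once, persist it.
# Needs root; this is the documented three-command sequence with a check.
apply_redirect() {
    valid_port "$1" || { echo "port must be between 1025 and 65535" >&2; return 1; }
    chkconfig --level 345 iptables on
    # -C succeeds if the rule already exists, so repeated runs do not add duplicates
    iptables -t nat -C $(redirect_rule "$1") 2>/dev/null \
        || iptables -t nat -A $(redirect_rule "$1")
    service iptables save
}
```

After running `apply_redirect 1514` as root, `rule_present 1514 "$(iptables -t nat -S PREROUTING)"` confirms the redirect is in place.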