
I can't seem to find any documentation that explains how to configure nftables to allow unix sockets for passthrough. I've got a CentOS 8 box running an LDAP server, and local commands like ldapsearch/ldapwhoami fail unless I disable nftables or manually direct it at the loopback IP address. Any step in the right direction is greatly appreciated.

M4v
  • This question would better fit in SuperUser exchange ... IMHO, Unix sockets have nothing to do with nftables or any netfilter stuff. Your problem is probably somewhere else: _ Are you sure that you're connecting to a local Unix socket? Default behaviour may be to connect to 127.0.0.1. _ Do you use a FQDN for ldapsearch/ldapwhoami? If so, then it's probably the resolver that fails. – binarym Nov 16 '20 at 14:29
  • Sorry, I missed your response. All the commands work when I explicitly specify to use 127.0.0.1 & they work regardless when I disable nftables, so that's what has led me to believe it's related to Unix sockets. The host is in an automated environment that also auto-fills the /etc/hosts with the rest of the hosts in the environment, which I went ahead and verified all were working anyways. But regardless, this is trying to all work locally within the same machine. I've still not found a solution either way, so I'll check out SuperUser exchange, thank you. – M4v Dec 22 '20 at 19:12
  • Check permissions and ownership on the socket file. – binarym Dec 23 '20 at 11:12

0 Answers