root@router01:~ # telnet 127.0.0.1 9200
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
You need a port forward to 127.0.0.1:9200 on the interface where the monitoring host is, not an allow rule on localhost.
The database seems to be bound to IP 127.0.0.1 for security reasons. This way, it is not accessible from outside the host itself. You would have to make it bind to 0.0.0.0 instead, but IDK if you can tweak the configuration.
Quote from: doktornotor on September 10, 2024, 09:37:01 am
> You need a port forward to 127.0.0.1:9200 on the interface where the monitoring host is, not an allow rule on localhost.

Unsure why I would need any port forwarding here, I'm connecting directly to the OPNsense box on the correct port.
However, when trying from 10.1.1.21, the telnet never connects. Am I missing something obvious here? The 10.1.1.0/24 subnet is in the LOCAL group.
Quote from: dnll on September 12, 2024, 02:13:19 am
> Quote from: doktornotor on September 10, 2024, 09:37:01 am
> > You need a port forward to 127.0.0.1:9200 on the interface where the monitoring host is, not an allow rule on localhost.
>
> Unsure why I would need any port forwarding here, I'm connecting directly to the OPNsense box on the correct port.

Because the packets are not arriving on the localhost (loopback) interface at all, as you have observed.

Quote from: dnll on September 10, 2024, 09:18:29 am
> However, when trying from 10.1.1.21, the telnet never connects. Am I missing something obvious here? The 10.1.1.0/24 subnet is in the LOCAL group.

P.S. Making ES listen on wildcard is... crazy. I would really suggest undoing that and doing the simple port forward. This post has a proper example of such a NAT rule to make services that listen only on loopback accessible over LAN to chosen hosts. Use 10.1.1.21 for source and 9200 for destination and redirect target ports.
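As an added illustration that is not part of this thread, here is the port forward doktornotor describes written in pf.conf syntax (OPNsense generates its pf ruleset from the GUI entry, so this is for reading and checking, not for pasting into a file the GUI would overwrite). The interface name "lan" and Elasticsearch listening on 127.0.0.1:9200 are assumptions; the weaker alternative from the thread, binding ES to 0.0.0.0, is shown commented out for contrast.

```pf
# Added example: pf.conf equivalent of the OPNsense port forward suggested
# in the thread. Assumptions: the monitoring host 10.1.1.21 sits behind the
# interface named "lan", and Elasticsearch keeps listening on 127.0.0.1:9200.

# What NOT to do: setting in elasticsearch.yml
#   network.host: 0.0.0.0
# exposes 9200 on every interface of the firewall and relies entirely on
# filter rules to keep it closed. Leave network.host at 127.0.0.1 instead.

# Redirect TCP traffic from the single monitoring host, arriving on the LAN
# interface address, to the loopback listener. "rdr pass" creates the
# translation and the matching filter rule in one step, which is what the
# thread means by "port forward, not an allow rule on localhost".
rdr pass on lan inet proto tcp from 10.1.1.21 to (lan) port 9200 \
    -> 127.0.0.1 port 9200

# Any other source in 10.1.1.0/24 is neither translated nor passed, so the
# service stays unreachable for the rest of the LAN even though 9200 is
# now answered on the LAN address for 10.1.1.21.
```

After applying the GUI rule, `pfctl -sn` should show the rdr entry and `sockstat -4l | grep 9200` should still list Elasticsearch bound only to 127.0.0.1.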