Home > FAQs > I use Windows Firewall. Why do my scripts complete but my audit entries always show as running?
I use Windows Firewall. Why do my scripts complete but my audit entries always show as running?
I use Windows Firewall. Why do my scripts complete but my audit entries always show as running?
Table of Contents
Background
If you have an instance that is running Windows and is using the Windows firewall, you may notice that your scripts will actually complete on the instance, but the audit entries do not update, and show that the script is running indefinitely.
Answer
You will need to add port 5672 to your firewall, or open outbound traffic to our brokers and sketchy servers. The following script can be added to a boot script, which should automatically add rules for the RightScale brokers and the server specific sketchy server:
brokers = ""
for($i=1; $i -lt 6; $i++)
{
if ($i -ne 3)
{
for ($j=1; $j -lt 3; $j++)
{
$ip = [System.Net.Dns]::GetHostAddresses("broker${i}-${j}.rightscale.com") | select-object IPAddressToString -expandproperty IPAddressToString
$brokers += " "
$brokers += $ip
}
}
}
[string]$RSSERVERS = [System.Net.Dns]::GetHostAddresses($env:RS_SERVER) | select-object IPAddressToString -expandproperty IPAddressToString
$RSSERVERS += $brokers
$myIPs = $RSSERVERS.replace(" ", ",")
$myIPs = $myIPs + "," + $sketchyIP
Write-Host "RSSERVER is $myIPs..."
Write-Host "RSSERVERenv is $env:RS_SERVER..."
netsh advfirewall firewall add rule name="RIGHTSCALE_SERVERS" protocol=any remoteip=$MyIPs action=allow dir=out
Write-Host "SketchyIP is $sketchyIP..."
# Turn on firewall; block outgoing connections
cmd /c 'netsh advfirewall set allprofiles firewallpolicy allowinbound,blockoutbound'
Write-Host "Sleeping for 60 seconds before enabling firewall..."
Start-Sleep -s 60
cmd /c 'netsh advfirewall set allprofiles state on'
That script will add our brokers automatically and find the RightScale Sketchy server, which is used for monitoring.
- © Copyright 2015 RightScale Technical Support