Symptoms
After upgrade to PBA 5.5.x (or after installing fresh PBA 5.5.x) XML-RPC only listens to an internal IP address:
# netstat -antp | grep xmlrpcd
tcp 0 0 127.0.0.1:5224 0.0.0.0:* LISTEN 498/xmlrpcd
tcp 0 0 127.0.0.1:51946 0.0.0.0:* LISTEN 498/xmlrpcd
tcp 0 0 127.0.0.1:50094 127.0.0.1:5223 ESTABLISHED 498/xmlrpcd
tcp 0 0 127.0.0.1:51946 127.0.0.1:36881 ESTABLISHED 498/xmlrpcd
tcp 0 0 127.0.0.1:36881 127.0.0.1:51946 ESTABLISHED 498/xmlrpcd
It is required to configure a service to be listened on a public address as well for the third-party systems to be able to send the API requests.
Resolution
- Create /usr/local/bm/etc/ssm.conf.d/xmlrpcd.conf if it does not exist
The configuration file content shall be:
[options] arguments = 0.0.0.0:$(XMLRPCD_PORT)
Restart pba
/etc/init.d/pba restart
Check that the service is listened to all the IP addresses:
# netstat -antp | grep xmlrpcd tcp 0 0 127.0.0.1:56784 0.0.0.0:* LISTEN 1736/xmlrpcd tcp 0 0 0.0.0.0:5224 0.0.0.0:* LISTEN 1736/xmlrpcd tcp 0 0 127.0.0.1:52417 127.0.0.1:5223 ESTABLISHED 1736/xmlrpcd tcp 0 0 127.0.0.1:60100 127.0.0.1:56784 ESTABLISHED 1736/xmlrpcd tcp 0 0 127.0.0.1:56784 127.0.0.1:60100 ESTABLISHED 1736/xmlrpcd
Note: firewall configuration is required to improve security (accept requests only from trusted IP addresses/subnets). Also you can enable authorization for API requests (if version of PBA-E is below 5.5.5 please also check the following article).
For PBA 5.4.x
Enabling same functionality for PBA 5.4.x is explained in KB #8227