Access official resources from Carbon Black experts
Cb Response 5.x, 6.x
Iptables is missing entries preventing a Cb Response Cluster from communicating correctly
Iptables or configuration settings were manually altered after the Cb Response Server was deployed. Alternatively, during initial install the option for cbinit to customize iptables was rejected.
The Cbcheck utility adds additional entries based off /etc/cb/cb.conf and /etc/cb/cluster.conf that are necessary for a standalone server or a cluster implementation.
Note: For more information on which ports are added, check out:
Warning: The cbcheck utility doesn’t automatically add default deny rules. Check here for more information: Cb Response Server Is Accepting Traffic On All Ports
Complete these steps on all nodes:
/usr/share/cb/cbcheck iptables -l
/usr/share/cb/cbcheck iptables -a
Note: For general information on iptables rules, check here: https://www.digitalocean.com/community/tutorials/how-to-set-up-a-basic-iptables-firewall-on-centos-6