VMware Cloud Community
listener
Contributor
Contributor

Lock files with the firewall

What is the purpose of locks files that get created with the firewall? I can see how lock files would be necessary for vmdks, but sometimes after too many firewall commands a "esx.conf.LOCK" gets created. Is it dangerous to delete the file?

thanks,

- h

Reply
0 Kudos
4 Replies
beyondvm
Hot Shot
Hot Shot

how many commands is "too many commands," I have never experienced this and I usually configure networking via command line.

---

If you found any of my comments helpful please consider awarding points for "Correct" or "Helpful". Thanks!!!

www.beyondvm.com

--- If you found any of my comments helpful please consider awarding points for "Correct" or "Helpful". Thanks!!! www.beyondvm.com
Reply
0 Kudos
listener
Contributor
Contributor

If I open a few firewall ports, then close some, then query the firewall, then disable a service and open another port I noticed the firewall will "LOCK."

I was experimenting to see which services used "https" and if it made a different connecting to my storage array via SSL on port 443. That's more use of the "esxcfg-firewall" command than normal I would suspect so I deleted the "esx.conf.LOCK' file. I just wonder if that can cause other issues?

thanks,

h

Reply
0 Kudos
beyondvm
Hot Shot
Hot Shot

Huh, that is odd. I have done 10 or 15 commands opening ports without an issue, what happens if you restart the management services?

---

If you found any of my comments helpful please consider awarding points for "Correct" or "Helpful". Thanks!!!

www.beyondvm.com

--- If you found any of my comments helpful please consider awarding points for "Correct" or "Helpful". Thanks!!! www.beyondvm.com
Reply
0 Kudos
rantmaster
Contributor
Contributor

I've seen this happen on ESX 4 Update 1 when I use esxcfg-firewall to close a port that's already closed. The obvious question is "Why would I do that?". It was in a script where I make sure certain ports are closed no matter what. So if I attempt to close a port that's already closed the esx.conf.LOCK file is created in /etc/vmware and it basically causes futher usage of the esxcfg-firewall command to fail. However I have no idea why this occurs....

Anyone have any ideas??

Reply
0 Kudos