FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 07-10-2008, 10:08 PM
MHR
 
Default Understanding iptables

In following up on the rsh "problem" I was having earlier, I decided
to try out the suggestion Felipe sent about using
system-config-securitylevel-tui to open up ports 513 and 514, but that
doesn't seem to do the job, either.

# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere

Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp any
ACCEPT esp -- anywhere anywhere
ACCEPT ah -- anywhere anywhere
ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns
ACCEPT udp -- anywhere anywhere udp dpt:ipp
ACCEPT tcp -- anywhere anywhere tcp dpt:ipp
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere state NEW
tcp dpt:login
ACCEPT tcp -- anywhere anywhere state NEW
tcp dpt:shell
ACCEPT tcp -- anywhere anywhere state NEW
tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere state NEW
tcp dpt:telnet
REJECT all -- anywhere anywhere
reject-with icmp-host-prohibited

Shouldn't this work given the login and shell lines above? Or do they
need to come before the ESTABLISHED line, too?

Thanks.

mhr
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 07-10-2008, 10:17 PM
Barry Brimer
 
Default Understanding iptables

Quoting MHR <mhullrich@gmail.com>:

> In following up on the rsh "problem" I was having earlier, I decided
> to try out the suggestion Felipe sent about using
> system-config-securitylevel-tui to open up ports 513 and 514, but that
> doesn't seem to do the job, either.

I could be remembering this wrong, but I believe these are udp, not tcp.

Barry
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 08:28 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org