[CLUG] remote access weirdnesses
Peter Flynn
peter at silmaril.ie
Sat Feb 9 00:28:18 GMT 2002
Donncha O Caoimh wrote:
> Have you looked at the firewall configuration? Did you set it to medium
> or high? Disable it - it's the easiest, at least until everything's
> working.
> try /sbin/iptables -L to find out what rules are there.
This is the weirdest bit. I set it to high...but it doesn't do anything.
/sbin/ipchains -L says:
Chain input (policy ACCEPT):
target prot opt source destination ports
ACCEPT tcp -y---- anywhere anywhere any -> pop3
ACCEPT tcp -y---- anywhere anywhere any -> smtp
ACCEPT tcp -y---- anywhere anywhere any -> http
ACCEPT tcp -y---- anywhere anywhere any -> ftp
ACCEPT tcp -y---- anywhere anywhere any -> ssh
ACCEPT tcp -y---- anywhere anywhere any -> telnet
ACCEPT all ------ anywhere anywhere n/a
ACCEPT udp ------ intns2.ucc.ie anywhere domain -> any
ACCEPT udp ------ intns1.ucc.ie anywhere domain -> any
REJECT tcp -y---- anywhere anywhere any -> any
REJECT udp ------ anywhere anywhere any -> any
Chain forward (policy ACCEPT):
Chain output (policy ACCEPT):
In other words, accept anything from anywhere. In effect, there is no
firewall that I can see. I'll rename /etc/rc.d/rc5.d/S80ipchains and
reboot so that it's disabled completely. It's unnecessary anyway, I'm
not routing for anyone, this is an end-user desktop.
///Peter
--
/sbin/iptables -L (I hope you didn't mean this) says:
/lib/modules/2.4.9-21/kernel/net/ipv4/netfilter/ip_tables.o:
init_module: Device or resource busy
Hint: insmod errors can be caused by incorrect module parameters,
including invalid IO or IRQ parameters
/lib/modules/2.4.9-21/kernel/net/ipv4/netfilter/ip_tables.o: insmod
/lib/modules/2.4.9-21/kernel/net/ipv4/netfilter/ip_tables.o failed
/lib/modules/2.4.9-21/kernel/net/ipv4/netfilter/ip_tables.o: insmod
ip_tables failed
iptables v1.2.4: can't initialize iptables table `filter': iptables who?
(do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
More information about the Cork
mailing list