Freeciv 2.0.8

Temlakos temlakos at gmail.com
Mon Aug 13 22:50:18 UTC 2007 

Tony Nelson wrote:
> At 2:09 PM -0500 8/13/07, Bruno Wolff III wrote:
>   
>> On Mon, Aug 13, 2007 at 14:13:39 -0400,
>>  Temlakos <temlakos at gmail.com> wrote:
>>     
>>>> This makes me think that firewall rules are a possible culprit.
>>>>
>>>>
>>>>         
>>> All right, here are my firewall rules:
>>>       
>> iptables -L is another way to get the firewall rules that shows what they
>> really are. What you have is what they are supposed to be. While they
>> are probably the same (though iptables output format is different)
>> it is possible for them to be different.
>>     
>
> I like `iptables -vL` so I can tell the difference between the localhost
> rules and the rest.  It also lists the traffic, which is useful in finding
> out what rules are getting triggered when something isn't quite right.
> tcpdump is also useful; even if you don't understand all of it you may see
> the port you need open.
>
> Please don't word-wrap the `iptables -vL` output in the email -- it makes
> it hard to read.
>   
All right, I'll try that again:

Below is the output of '# sbin/iptables -vL' on my system:

]# /sbin/iptables -vL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               
destination        
28171   22M RH-Firewall-1-INPUT  all  --  any    any     
anywhere             anywhere           

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               
destination        
    0     0 RH-Firewall-1-INPUT  all  --  any    any     
anywhere             anywhere           

Chain OUTPUT (policy ACCEPT 26383 packets, 8286K bytes)
 pkts bytes target     prot opt in     out     source               
destination        

Chain RH-Firewall-1-INPUT (2 references)
 pkts bytes target     prot opt in     out     source               
destination        
 1412 4273K ACCEPT     all  --  lo     any     anywhere             
anywhere           
   17  1020 ACCEPT     icmp --  any    any     anywhere             
anywhere            icmp any
    0     0 ACCEPT     esp  --  any    any     anywhere             
anywhere           
    0     0 ACCEPT     ah   --  any    any     anywhere             
anywhere           
   18  3185 ACCEPT     udp  --  any    any     anywhere             
224.0.0.251         udp dpt:mdns
    0     0 ACCEPT     udp  --  any    any     anywhere             
anywhere            udp dpt:ipp
    0     0 ACCEPT     tcp  --  any    any     anywhere             
anywhere            tcp dpt:ipp
26379   18M ACCEPT     all  --  any    any     anywhere             
anywhere            state RELATED,ESTABLISHED
    0     0 ACCEPT     tcp  --  any    any     anywhere             
anywhere            state NEW tcp dpt:ssh
   95  8202 ACCEPT     udp  --  any    any     anywhere             
anywhere            state NEW udp dpt:netbios-ns
  164 39405 ACCEPT     udp  --  any    any     anywhere             
anywhere            state NEW udp dpt:netbios-dgm
   34  1632 ACCEPT     tcp  --  any    any     anywhere             
anywhere            state NEW tcp dpt:netbios-ssn
    1    48 ACCEPT     tcp  --  any    any     anywhere             
anywhere            state NEW tcp dpt:microsoft-ds
    0     0 ACCEPT     tcp  --  any    any     anywhere             
anywhere            state NEW tcp dpt:personal-agent
    0     0 ACCEPT     udp  --  any    any     anywhere             
anywhere            state NEW udp dpt:personal-agent
    0     0 ACCEPT     tcp  --  any    any     anywhere             
anywhere            state NEW tcp dpt:postgres
    0     0 ACCEPT     udp  --  any    any     anywhere             
anywhere            state NEW udp dpt:postgres
   51  4360 REJECT     all  --  any    any     anywhere             
anywhere            reject-with icmp-host-prohibited

More information about the fedora-selinux-list mailing list