Firewalled print server

Alexander Dalloz ad+lists at uni-x.org
Thu Feb 24 21:29:51 UTC 2005 

Am Do, den 24.02.2005 schrieb Louis Garcia um 22:22:

> This is my /etc/sysconfig/iptables script:
> 
> # Firewall configuration written by system-config-securitylevel
> # Manual customization of this file is not recommended.
> *filter
> :INPUT ACCEPT [0:0]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [0:0]
> :RH-Firewall-1-INPUT - [0:0]
> -A INPUT -j RH-Firewall-1-INPUT
> -A FORWARD -j RH-Firewall-1-INPUT
> -A RH-Firewall-1-INPUT -i lo -j ACCEPT
> -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
> -A RH-Firewall-1-INPUT -p 50 -j ACCEPT
> -A RH-Firewall-1-INPUT -p 51 -j ACCEPT
> -A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
> -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT

You opened port 631 for UPD only.

> -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
> -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
> COMMIT
> 
> 
> I can't print nor can I get to the cups admin page while the firewall is running.
> This is the default script fedora uses. Port 631 is there but does not let anything
> in.

Accessing the CUPS admin page with a browser on port 631 TCP is used.

> Trying to install ethereal but net-snmp is a dependency. net-snmp is dependent of
> libnetsnmp.so.5 which I can't find. Which package is this?

net-snmp-libs

Use up2date or yum to install packages with dependency auto-resolving.

> -Louis

Alexander


-- 
Alexander Dalloz | Enger, Germany | new address - new key: 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora GNU/Linux Core 2 (Tettnang) on Athlon kernel 2.6.10-1.14_FC2smp 
Serendipity 22:27:38 up 3 days, 9:36, load average: 0.19, 0.27, 0.28 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20050224/9852b9b1/attachment-0001.sig>

More information about the fedora-list mailing list