Freeciv 2.0.8
Temlakos
temlakos at gmail.com
Mon Aug 13 22:48:31 UTC 2007
Tony Nelson wrote:
> At 2:09 PM -0500 8/13/07, Bruno Wolff III wrote:
>
>> On Mon, Aug 13, 2007 at 14:13:39 -0400,
>> Temlakos <temlakos at gmail.com> wrote:
>>
>>>> This makes me think that firewall rules are a possible culprit.
>>>>
>>>>
>>>>
>>> All right, here are my firewall rules:
>>>
>> iptables -L is another way to get the firewall rules that shows what they
>> really are. What you have is what they are supposed to be. While they
>> are probably the same (though iptables output format is different)
>> it is possible for them to be different.
>>
>
> I like `iptables -vL` so I can tell the difference between the localhost
> rules and the rest. It also lists the traffic, which is useful in finding
> out what rules are getting triggered when something isn't quite right.
> tcpdump is also useful; even if you don't understand all of it you may see
> the port you need open.
>
> Please don't word-wrap the `iptables -vL` output in the email -- it makes
> it hard to read.
>
Had to do som trial-and-error--turns out that "iptables" is an sbin
command. My "path" doesn't have it.
Herewith the output of '# sbin/iptables -vL':
> Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
> pkts bytes target prot opt in out source
> destination
> 28171 22M RH-Firewall-1-INPUT all -- any any
> anywhere anywhere
>
> Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
> pkts bytes target prot opt in out source
> destination
> 0 0 RH-Firewall-1-INPUT all -- any any
> anywhere anywhere
>
> Chain OUTPUT (policy ACCEPT 26383 packets, 8286K bytes)
> pkts bytes target prot opt in out source
> destination
>
> Chain RH-Firewall-1-INPUT (2 references)
> pkts bytes target prot opt in out source
> destination
> 1412 4273K ACCEPT all -- lo any anywhere
> anywhere
> 17 1020 ACCEPT icmp -- any any anywhere
> anywhere icmp any
> 0 0 ACCEPT esp -- any any anywhere
> anywhere
> 0 0 ACCEPT ah -- any any anywhere
> anywhere
> 18 3185 ACCEPT udp -- any any anywhere
> 224.0.0.251 udp dpt:mdns
> 0 0 ACCEPT udp -- any any anywhere
> anywhere udp dpt:ipp
> 0 0 ACCEPT tcp -- any any anywhere
> anywhere tcp dpt:ipp
> 26379 18M ACCEPT all -- any any anywhere
> anywhere state RELATED,ESTABLISHED
> 0 0 ACCEPT tcp -- any any anywhere
> anywhere state NEW tcp dpt:ssh
> 95 8202 ACCEPT udp -- any any anywhere
> anywhere state NEW udp dpt:netbios-ns
> 164 39405 ACCEPT udp -- any any anywhere
> anywhere state NEW udp dpt:netbios-dgm
> 34 1632 ACCEPT tcp -- any any anywhere
> anywhere state NEW tcp dpt:netbios-ssn
> 1 48 ACCEPT tcp -- any any anywhere
> anywhere state NEW tcp dpt:microsoft-ds
> 0 0 ACCEPT tcp -- any any anywhere
> anywhere state NEW tcp dpt:personal-agent
> 0 0 ACCEPT udp -- any any anywhere
> anywhere state NEW udp dpt:personal-agent
> 0 0 ACCEPT tcp -- any any anywhere
> anywhere state NEW tcp dpt:postgres
> 0 0 ACCEPT udp -- any any anywhere
> anywhere state NEW udp dpt:postgres
> 51 4360 REJECT all -- any any anywhere
> anywhere reject-with icmp-host-prohibited
Temlakos
More information about the fedora-selinux-list
mailing list