Criller

Members
  • Content Count

    4

Community Reputation

0 Neutral

About Criller

  • Rank
    Noob

Previous Fields

  • Distribution
    Fedora 7
  1. Iptables were working.................and so too is my syslogging that sparked this post

     grep /etc/services 514 showed this

     I ran a UDP port scanner called "portqueryui" which gave more information than the other scanners I tried. It told me that port 514 was open but not LISTENING.

     After a bit of Googling I realised that the instructions I followed for setting up syslog were different. I had added '-r -x' to the /etc/rc.d/init.d/syslog file and not the /etc/sysconfig/syslog. Made the changes and my router syslog messages started flowing.

     Thanks for taking the time in helping me with this.

     Cheers
     PJ
  2. Thanks, I tried this, did an iptables save and iptables restart, but no sign in the iptables file of udp port 514

     =================================================================
     [root@pjfed log]# iptables -L
     Chain INPUT (policy ACCEPT)
     target     prot opt source               destination
     ACCEPT     udp  --  anywhere             anywhere            udp dpt:syslog
     RH-Firewall-1-INPUT  0    --  anywhere             anywhere
     ACCEPT     udp  --  anywhere             anywhere            udp spt:syslog state ESTABLISHED

     Chain FORWARD (policy ACCEPT)
     target     prot opt source               destination
     REJECT     0    --  anywhere             anywhere            reject-with icmp-host-prohibited

     Chain OUTPUT (policy ACCEPT)
     target     prot opt source               destination

     Chain RH-Firewall-1-INPUT (1 references)
     target     prot opt source               destination
     ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:syslog
     ACCEPT     0    --  anywhere             anywhere
     ACCEPT     icmp --  anywhere             anywhere            icmp any
     ACCEPT     esp  --  anywhere             anywhere
     ACCEPT     ah   --  anywhere             anywhere
     ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:mdns
     ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp
     ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ipp
     ACCEPT     0    --  anywhere             anywhere            state RELATED,ESTABLISHED
     ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:syslog
     ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh
     REJECT     0    --  anywhere             anywhere            reject-with icmp-host-prohibited
     =====================================================================
  3. Thanks for your quick reply.

     I don't know, I'm getting well stressed out with this iptables lark. I still can't seem to get udp port 514 open.

     What would you expect to see in your iptables if this port was open?

     After doing the iptables-save option I see the following -

     ==============================================
     Chain INPUT (policy ACCEPT)
     target     prot opt source               destination
     RH-Firewall-1-INPUT  0    --  anywhere             anywhere

     Chain FORWARD (policy ACCEPT)
     target     prot opt source               destination
     REJECT     0    --  anywhere             anywhere            reject-with icmp-host-prohibited

     Chain OUTPUT (policy ACCEPT)
     target     prot opt source               destination

     Chain RH-Firewall-1-INPUT (1 references)
     target     prot opt source               destination
     ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:syslog
     ACCEPT     0    --  anywhere             anywhere
     ACCEPT     icmp --  anywhere             anywhere            icmp any
     ACCEPT     esp  --  anywhere             anywhere
     ACCEPT     ah   --  anywhere             anywhere
     ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:mdns
     ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp
     ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ipp
     ACCEPT     0    --  anywhere             anywhere            state RELATED,ESTABLISHED
     ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:syslog
     ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh
     REJECT     0    --  anywhere             anywhere            reject-with icmp-host-prohibited
     ============================================================

     When I run nmap I still cannot see an open port on 514 and my router syslog messages are not appearing in the logs.

     PJ
  4. Hello,

     I followed the sticky bit as to how to open a port and it doesn't appear to be working for me.

     I typed -

     iptables -A INPUT -i eth0 -p udp --sport 514 -m state --state ESTABLISHED -j ACCEPT

     I restarted iptables -

     service iptables restart

     However, when I run iptables -L I do not see my open port. See below -

     ===============================================================
     Chain INPUT (policy ACCEPT)
     target     prot opt source               destination
     RH-Firewall-1-INPUT  0    --  anywhere             anywhere

     Chain FORWARD (policy ACCEPT)
     target     prot opt source               destination
     REJECT     0    --  anywhere             anywhere            reject-with icmp-host-prohibited

     Chain OUTPUT (policy ACCEPT)
     target     prot opt source               destination

     Chain RH-Firewall-1-INPUT (1 references)
     target     prot opt source               destination
     ACCEPT     0    --  anywhere             anywhere
     ACCEPT     icmp --  anywhere             anywhere            icmp any
     ACCEPT     esp  --  anywhere             anywhere
     ACCEPT     ah   --  anywhere             anywhere
     ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:mdns
     ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp
     ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ipp
     ACCEPT     0    --  anywhere             anywhere            state RELATED,ESTABLISHED
     ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:syslog
     ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh
     REJECT     0    --  anywhere             anywhere            reject-with icmp-host-prohibited
     =============================================================

     Also I cannot see my new entry in the /etc/sysconfig/iptables file -

     ==============================================
     # Firewall configuration written by system-config-securitylevel
     # Manual customization of this file is not recommended.
     *filter
     :INPUT ACCEPT [0:0]
     :FORWARD ACCEPT [0:0]
     :OUTPUT ACCEPT [0:0]
     :RH-Firewall-1-INPUT - [0:0]
     -A INPUT -j RH-Firewall-1-INPUT
     -A RH-Firewall-1-INPUT -i lo -j ACCEPT
     -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
     -A RH-Firewall-1-INPUT -p 50 -j ACCEPT
     -A RH-Firewall-1-INPUT -p 51 -j ACCEPT
     -A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
     -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
     -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
     -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
     -A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 514 -j ACCEPT
     -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
     -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
     -A FORWARD -j REJECT --reject-with icmp-host-prohibited
     COMMIT
     ====================================================

     Am I doing something wrong here?

     Thanks
     PJ
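
The two questions these posts turn on, written as an added example that is not part of any post: does the saved ruleset accept UDP 514 before the chain's final REJECT, and is syslogd actually started with -r so that something is listening. The function names and the constructed sample files are assumptions; the default paths are the ones named in the posts, and `SYSLOGD_OPTIONS` is the variable Fedora's /etc/sysconfig/syslog uses.

```shell
# Added example (not from the thread). Function names are illustrative.

# Succeeds, printing the line number, if the iptables-save file $1 has an
# ACCEPT for UDP dport 514 in chain $2 *before* that chain's first REJECT
# (rules are checked top to bottom; the first match decides).
syslog_rule_reachable() {
    awk -v chain="${2:-RH-Firewall-1-INPUT}" '
        BEGIN { rc = 1 }
        $1 == "-A" && $2 == chain {
            if ($0 ~ /-j REJECT/) exit
            if ($0 ~ /-p udp/ && $0 ~ /--dport (514|syslog)( |$)/ && $0 ~ /-j ACCEPT/) {
                print NR; rc = 0; exit
            }
        }
        END { exit rc }
    ' "${1:-/etc/sysconfig/iptables}"
}

# Succeeds if SYSLOGD_OPTIONS in $1 carries a separate -r flag, i.e. syslogd
# will bind UDP 514 (combined forms such as -rx are not recognised).
syslogd_remote_enabled() {
    opts=$(sed -n 's/^SYSLOGD_OPTIONS=//p' "${1:-/etc/sysconfig/syslog}" | tr -d "\"'")
    case " $opts " in
        *" -r "*) return 0 ;;
        *) return 1 ;;
    esac
}

# One-line verdict: firewall first, then the listener.
diagnose() {
    if ! syslog_rule_reachable "$1" >/dev/null; then
        echo "firewall: no reachable ACCEPT for udp/514"
    elif ! syslogd_remote_enabled "$2"; then
        echo "listener: syslogd is not started with -r"
    else
        echo "ok"
    fi
}

# Constructed sample: rule order as in the posted file, syslog options without -r.
demo=$(mktemp -d)
cat > "$demo/iptables" <<'EOF'
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 514 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
EOF
echo 'SYSLOGD_OPTIONS="-m 0"' > "$demo/syslog"
diagnose "$demo/iptables" "$demo/syslog"   # listener: syslogd is not started with -r
rm -rf "$demo"
```

Called with no arguments, `diagnose` reads /etc/sysconfig/iptables and /etc/sysconfig/syslog on the host itself, which needs read access to both files.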