Re: Firewall - system-config-securitylevel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, 2007-03-24 at 03:26 +0700, lists@xxxxxxxxxxx wrote:
> I am trying to get pserver to work and need to allow traffic on port 2401.
> 
> I only have access via ssh to this server. I am using  
> system-config-securitylevel to do this, is that the way to admin the  
> firewall?

No, you can edit the /etc/sysconfig/iptables file manually, then do an
"service iptables restart".

> I am allowing telnet now, but when I try to telnet to the server it  
> gives "Connection refused".

That's because the telnetd daemon isn't running, and that's a really
good thing.  If your machine is on the internet, never, EVER allow
telnet!  Everything in telnet is in cleartext (usernames, passwords, the
lot).  Very, VERY bad!  Never use telnet.

> When I modified the firewall using system-config-securitylevel, do I  
> need to restart the firewall somehow? Is there any textfile where I  
> can find all firewall settings?

It should restart it, again via the "service iptables restart" command
(behind the scenes).

> How should I "officially" check if the 2401 port is open? I have been  
> using telnet for this, and that gives indications that there is some  
> firewall. Is it possible to see where the request is refused? It might  
> be the ISP that this server is inside that is blocking it?

First, make sure the pserver daemon is running.  Then you can do
"netstat -lpn | grep 2401" as the root user.  If you see a process
listening on 2401, you're fine.  You can also do

	nmap -sT -PT ip-address-of-your-machine

to verify that the port is open.  From the remote client, try the
same nmap thing and see if the port is still open.  If it isn't, your
ISP is probably blocking it.

----------------------------------------------------------------------
- Rick Stevens, Principal Engineer             rstevens@xxxxxxxxxxxx -
- VitalStream, Inc.                       http://www.vitalstream.com -
-                                                                    -
-            "You think that's tough?  Try herding cats!"            -
----------------------------------------------------------------------


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux