On Sat, 2007-03-24 at 03:26 +0700, lists@xxxxxxxxxxx wrote: > I am trying to get pserver to work and need to allow traffic on port 2401. > > I only have access via ssh to this server. I am using > system-config-securitylevel to do this, is that the way to admin the > firewall? No, you can edit the /etc/sysconfig/iptables file manually, then do an "service iptables restart". > I am allowing telnet now, but when I try to telnet to the server it > gives "Connection refused". That's because the telnetd daemon isn't running, and that's a really good thing. If your machine is on the internet, never, EVER allow telnet! Everything in telnet is in cleartext (usernames, passwords, the lot). Very, VERY bad! Never use telnet. > When I modified the firewall using system-config-securitylevel, do I > need to restart the firewall somehow? Is there any textfile where I > can find all firewall settings? It should restart it, again via the "service iptables restart" command (behind the scenes). > How should I "officially" check if the 2401 port is open? I have been > using telnet for this, and that gives indications that there is some > firewall. Is it possible to see where the request is refused? It might > be the ISP that this server is inside that is blocking it? First, make sure the pserver daemon is running. Then you can do "netstat -lpn | grep 2401" as the root user. If you see a process listening on 2401, you're fine. You can also do nmap -sT -PT ip-address-of-your-machine to verify that the port is open. From the remote client, try the same nmap thing and see if the port is still open. If it isn't, your ISP is probably blocking it. ---------------------------------------------------------------------- - Rick Stevens, Principal Engineer rstevens@xxxxxxxxxxxx - - VitalStream, Inc. http://www.vitalstream.com - - - - "You think that's tough? Try herding cats!" - ----------------------------------------------------------------------