Re: having problems with getting ports open through firewall

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Scott Berry wrote:

Woops sorry should have been eth0.

Scott
----- Original Message ----- From: Scott Berry To: For users of Fedora Sent: Monday, May 21, 2007 1:39 PM 
  Subject: having problems with getting ports open through firewall


  Hello there,

  I would like to have all ports open on eth-.  How would one go about this through system-config-securitylevel-tui?  Here is what my ifconfig reads.
eth0 Link encap:Ethernet HWaddr 00:10:5A:98:7C:E9 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) Interrupt:11 Base address:0xec00 eth1 Link encap:Ethernet HWaddr 00:06:5B:16:93:37 inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::206:5bff:fe16:9337/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:14499 errors:0 dropped:0 overruns:1 frame:0 TX packets:6139 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:5165422 (4.9 MiB) TX bytes:1712329 (1.6 MiB) Interrupt:11 Base address:0xc800 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:2284 errors:0 dropped:0 overruns:0 frame:0 TX packets:2284 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:3238776 (3.0 MiB) TX bytes:3238776 (3.0
I don't think you can achieve this using system-config-securitylevel-tui. It just doesn't have the flexibility to handle this kind of configuration. These rules will do what you want: 

iptables -A INPUT -i eth0 -j ACCEPT
iptables -A OUTPUT -i eth0 -j ACCEPT
should allows any packet incoming or outgoing via eth0 to be accepted (unless a previous rule explicitly blocks the packet). However, since eth0 has no IP address and is not in promiscuous mode, what packets are you expecting to see on that interface? 

--
Nigel Wade, System Administrator, Space Plasma Physics Group,
            University of Leicester, Leicester, LE1 7RH, UK
E-mail :    nmw@xxxxxxxxxxxx
Phone :     +44 (0)116 2523548, Fax : +44 (0)116 2523555
[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux