Re: Freeciv 2.0.8

Temlakos <temlakos@xxxxxxxxx> · Mon, 13 Aug 2007 18:48:31 -0400

Tony Nelson wrote:
At 2:09 PM -0500 8/13/07, Bruno Wolff III wrote:

On Mon, Aug 13, 2007 at 14:13:39 -0400,
 Temlakos <temlakos@xxxxxxxxx> wrote:

This makes me think that firewall rules are a possible culprit.

All right, here are my firewall rules:

iptables -L is another way to get the firewall rules that shows what they
really are. What you have is what they are supposed to be. While they
are probably the same (though iptables output format is different)
it is possible for them to be different.

I like `iptables -vL` so I can tell the difference between the localhost
rules and the rest.  It also lists the traffic, which is useful in finding
out what rules are getting triggered when something isn't quite right.
tcpdump is also useful; even if you don't understand all of it you may see
the port you need open.

Please don't word-wrap the `iptables -vL` output in the email -- it makes
it hard to read.

Had to do som trial-and-error--turns out that "iptables" is an sbin
command. My "path" doesn't have it.

Herewith the output of '# sbin/iptables -vL':
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               
destination         
28171   22M RH-Firewall-1-INPUT  all  --  any    any     
anywhere             anywhere            

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               
destination         
    0     0 RH-Firewall-1-INPUT  all  --  any    any     
anywhere             anywhere            

Chain OUTPUT (policy ACCEPT 26383 packets, 8286K bytes)
 pkts bytes target     prot opt in     out     source               
destination         

Chain RH-Firewall-1-INPUT (2 references)
 pkts bytes target     prot opt in     out     source               
destination         
 1412 4273K ACCEPT     all  --  lo     any     anywhere             
anywhere            
   17  1020 ACCEPT     icmp --  any    any     anywhere             
anywhere            icmp any
    0     0 ACCEPT     esp  --  any    any     anywhere             
anywhere            
    0     0 ACCEPT     ah   --  any    any     anywhere             
anywhere            
   18  3185 ACCEPT     udp  --  any    any     anywhere             
224.0.0.251         udp dpt:mdns
    0     0 ACCEPT     udp  --  any    any     anywhere             
anywhere            udp dpt:ipp
    0     0 ACCEPT     tcp  --  any    any     anywhere             
anywhere            tcp dpt:ipp
26379   18M ACCEPT     all  --  any    any     anywhere             
anywhere            state RELATED,ESTABLISHED
    0     0 ACCEPT     tcp  --  any    any     anywhere             
anywhere            state NEW tcp dpt:ssh
   95  8202 ACCEPT     udp  --  any    any     anywhere             
anywhere            state NEW udp dpt:netbios-ns
  164 39405 ACCEPT     udp  --  any    any     anywhere             
anywhere            state NEW udp dpt:netbios-dgm
   34  1632 ACCEPT     tcp  --  any    any     anywhere             
anywhere            state NEW tcp dpt:netbios-ssn
    1    48 ACCEPT     tcp  --  any    any     anywhere             
anywhere            state NEW tcp dpt:microsoft-ds
    0     0 ACCEPT     tcp  --  any    any     anywhere             
anywhere            state NEW tcp dpt:personal-agent
    0     0 ACCEPT     udp  --  any    any     anywhere             
anywhere            state NEW udp dpt:personal-agent
    0     0 ACCEPT     tcp  --  any    any     anywhere             
anywhere            state NEW tcp dpt:postgres
    0     0 ACCEPT     udp  --  any    any     anywhere             
anywhere            state NEW udp dpt:postgres
   51  4360 REJECT     all  --  any    any     anywhere             
anywhere            reject-with icmp-host-prohibited

Temlakos

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list