RE: RedHat security

Larry, 

Why would you use iptables for internal servers? Iptables is a pain to
learn and maintain. You are going to have to set up specific rules for
DNS, HTTP, NTP, RHN and so on. Use tcp_wrappers; the hosts.allow/hosts.deny
files are a simpler context to learn.

If you ignore the above advice, the first place to start is netstat -a.
This will show the active connection state of the server. You'll need to
look for services that are in the 'WAIT' state. This usually indicates
that the service is having trouble communicating. 

These lines below will dump TCP connections into your /var/log/messages
file for review:

# Log every TCP packet entering or leaving the host; the kernel log
# messages end up in /var/log/messages via syslog.
iptables -I INPUT -p tcp -j LOG
iptables -I OUTPUT -p tcp -j LOG


-----Original Message-----
From: redhat-list-bounces@xxxxxxxxxx
[mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Larry D Sorensen
Sent: Wednesday, December 15, 2004 1:48 PM
To: redhat-list@xxxxxxxxxx
Subject: Re: RedHat security

Is there a good reference somewhere on how to add iptable rules for
someone who has never done it before?
(I am talking step-by-step)

Larry

On Wed, 15 Dec 2004 14:33:32 -0500 "Kenneth Goodwin"
<kgoodwin@xxxxxxxxxxxxxxxx> writes:
> >  -----Original Message-----
> >  From: redhat-list-bounces@xxxxxxxxxx
> >  [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Larry D Sorensen
> >  Sent: Wednesday, December 15, 2004 1:45 PM
> >  To: redhat-list@xxxxxxxxxx
> >  Subject: Re: RedHat security
> >
> >
> >  Is there a way to tell which part of the iptables is causing the
> >  connection problem between the servers without turning the whole thing
> >  off?
> >
> >  Larry
> >  On Tue, 14 Dec 2004 09:21:47 -0600 "O'Neill, Donald (US - Deerfield)"
> >  <dooneill@xxxxxxxxxxxx> writes:
> >  > Your firewall is on. Type 'service iptables stop' to disable it.
> >  > Then to prevent it from starting on reboot, type:
> >  >
> >  > chkconfig --level 2345 iptables off
> >  >
> >  > -----Original Message-----
> >  > From: redhat-list-bounces@xxxxxxxxxx
> >  > [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Larry D Sorensen
> >  > Sent: Tuesday, December 14, 2004 9:02 AM
> >  > To: redhat-list@xxxxxxxxxx
> >  > Subject: Re: RedHat security
> >  >
> >  >
> >  > I recently installed RedHat Workstation 3 on 2 different servers using
> >  > medium security. Both boxes are internal (so I question why I used
> >  > medium), but I am now having trouble with the 2 databases on them
> >  > talking. I believe it to be a security issue, but I am not sure. What
> >  > steps would I have to go through, short of reinstalling, to make the
> >  > security how it would be if it were low?
> >  >
> >  > Larry
> 
> 
> You probably just need to add in iptable rules on both
> servers
> to allow the other server to connect on the PORT number(s)
> that your database software is using..

-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
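The procedure the thread converges on (log what the firewall sees, pick out the peer's refused connection attempts, then add an ACCEPT rule for the database port on each server) worked through as an added example; this is not code from the original posts. The host name dbhost1, the 192.0.2.x addresses, the ports 5432 and 3306 and the "fw-syn:" prefix are placeholders, and the log lines are constructed to match the netfilter LOG target's format as it appears in /var/log/messages after the unrestricted `iptables -I INPUT -p tcp -j LOG` rule above.

```shell
#!/bin/sh
# Added example, not from the original thread. Reads LOG-target lines from
# /var/log/messages, reports which hosts tried to open TCP connections to
# which local ports, and prints the iptables commands that would let the
# peer database server through. All addresses, ports and names are made up.

# Constructed sample of what the unrestricted LOG rule writes: two SYNs from
# the peer database server to port 5432, an established SSH packet, an NTP
# datagram, and one SYN from another host to 3306.
SAMPLE_LOG='Dec 15 14:02:11 dbhost1 kernel: IN=eth0 OUT= SRC=192.0.2.20 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=1234 DF PROTO=TCP SPT=40211 DPT=5432 WINDOW=5840 RES=0x00 SYN URGP=0
Dec 15 14:02:14 dbhost1 kernel: IN=eth0 OUT= SRC=192.0.2.20 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=1235 DF PROTO=TCP SPT=40211 DPT=5432 WINDOW=5840 RES=0x00 SYN URGP=0
Dec 15 14:02:15 dbhost1 kernel: IN=eth0 OUT= SRC=192.0.2.30 DST=192.0.2.10 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=9000 DF PROTO=TCP SPT=51000 DPT=22 WINDOW=1024 RES=0x00 ACK URGP=0
Dec 15 14:02:16 dbhost1 kernel: IN=eth0 OUT= SRC=192.0.2.20 DST=192.0.2.10 LEN=76 TOS=0x00 PREC=0x00 TTL=64 ID=77 PROTO=UDP SPT=123 DPT=123 LEN=56
Dec 15 14:02:20 dbhost1 kernel: IN=eth0 OUT= SRC=192.0.2.40 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=4321 DF PROTO=TCP SPT=33000 DPT=3306 WINDOW=5840 RES=0x00 SYN URGP=0'

# new_connection_attempts LOGTEXT
# Prints "SRC DPT COUNT", one line per (source, destination port) pair, for
# every TCP packet with SYN set and ACK clear, i.e. every attempt to open a
# new connection. Established traffic and UDP are ignored, so a peer that
# keeps retrying one port shows up as a single line with a high count.
new_connection_attempts() {
  printf '%s\n' "$1" | awk '
    /PROTO=TCP/ && / SYN / && !/ ACK / {
      src = ""; dpt = ""
      for (i = 1; i <= NF; i++) {
        if ($i ~ /^SRC=/) src = substr($i, 5)
        if ($i ~ /^DPT=/) dpt = substr($i, 5)
      }
      if (src != "" && dpt != "") count[src " " dpt]++
    }
    END { for (k in count) print k, count[k] }
  ' | sort
}

# log_rule POSITION
# A LOG rule restricted to connection attempts, inserted at POSITION in
# INPUT (put it directly ahead of the REJECT/DROP rule so it records only
# what the chain refuses). The prefix makes the lines easy to grep.
log_rule() {
  printf 'iptables -I INPUT %s -p tcp --syn -j LOG --log-prefix "fw-syn: "\n' "$1"
}

# allow_peer_rule PEER PORT
# The rule that lets PEER reach PORT/tcp on this host. Inserted at the top
# of INPUT so it is evaluated before the installer's reject rules. Run the
# mirror image on the other server, with its own database port.
allow_peer_rule() {
  printf 'iptables -I INPUT -p tcp -s %s --dport %s -j ACCEPT\n' "$1" "$2"
}

# suggest_rules LOGTEXT
# One allow rule per refused (source, port) pair found in the log. Review
# the output before running it: only the peer database server belongs in
# the rule set, not every host that happened to knock.
suggest_rules() {
  new_connection_attempts "$1" | while read -r src dpt count; do
    allow_peer_rule "$src" "$dpt"
  done
}

# Run directly to see the report for the constructed sample.
new_connection_attempts "$SAMPLE_LOG"
suggest_rules "$SAMPLE_LOG"
```

On a live host, feed it the real log instead of the sample: `grep 'fw-syn:' /var/log/messages` piped into the same awk. `iptables -L INPUT -n --line-numbers` shows where the rejecting rule sits, so the LOG rule can be placed just before it; the two unrestricted rules quoted above log every TCP packet in both directions and will fill /var/log/messages quickly on a busy database host. After the ACCEPT rule is in place, `service iptables save` writes it to /etc/sysconfig/iptables so it survives a reboot, which `iptables -I` alone does not. On the tcp_wrappers suggestion: hosts.allow and hosts.deny only affect daemons that link libwrap or are started through xinetd, so check the database binary with `ldd` for libwrap before relying on them for that port.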


