Help with iptables firewall rules
Robert L Cochran
cochranb at speakeasy.net
Sun Feb 6 17:54:03 UTC 2005
I'm trying to allow my print server on 192.168.1.160 to communicate with
my machine. Otherwise, I don't seem able to print to my Laserjet. It
seems to be doing that by sending TCP packets to port 1023. So I added
this rule to my firewall:
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 1023 -j ACCEPT
But the packets still get rejected:
Feb 6 12:26:04 bobcp4 kernel: Packet dropped..IN=eth1 OUT= MAC=00:11:09:61:11:6b:00:c0:02:55:52:55:08:00 SRC=192.168.1.160 DST=192.168.1.14 LEN=44 TOS=0x00 PREC=0x00 TTL=30 ID=34854 PROTO=TCP SPT=515 DPT=1023 WINDOW=1024 RES=0x00 ACK PSH SYN URGP=0
I also had 2 other rules:
# -A RH-Firewall-1-INPUT -s 192.168.1.160 -p tcp -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
# -A RH-Firewall-1-INPUT -s 192.168.1.160 -p udp -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
They are shown commented out, but when I uncommented them the effect was
the same as above: again the packets were rejected and nothing printed.
Any idea of what I am doing wrong? Port 631 is open.
Thanks
Bob Cochran
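
Added example, not part of the original post: a Python sketch that parses the netfilter LOG line quoted in the message and reports which TCP flags the dropped packet carried, so it can be compared with what a `--state NEW --dport 1023` rule is written for. The function names are hypothetical, the sample is the log line from the post joined onto one line, and the classification uses the TCP flags alone, not the kernel's connection-tracking state.

```python
# Log line from the post, joined onto one line.
SAMPLE = ("Feb 6 12:26:04 bobcp4 kernel: Packet dropped..IN=eth1 OUT= "
          "MAC=00:11:09:61:11:6b:00:c0:02:55:52:55:08:00 SRC=192.168.1.160 "
          "DST=192.168.1.14 LEN=44 TOS=0x00 PREC=0x00 TTL=30 ID=34854 "
          "PROTO=TCP SPT=515 DPT=1023 WINDOW=1024 RES=0x00 ACK PSH SYN URGP=0")

TCP_FLAGS = ("CWR", "ECE", "URG", "ACK", "PSH", "RST", "SYN", "FIN")


def parse_log_line(line):
    """Split a netfilter LOG line into KEY=VALUE fields and bare TCP flag words."""
    parts = line.split("IN=", 1)  # drop syslog header and the rule's log prefix
    if len(parts) != 2:
        raise ValueError("not a netfilter LOG line")
    fields, flags = {}, set()
    for token in ("IN=" + parts[1]).split():
        if "=" in token:
            key, value = token.split("=", 1)
            fields[key] = value
        elif token in TCP_FLAGS:
            flags.add(token)
    return fields, flags


def handshake_role(flags):
    """Classify a TCP packet by its flags alone (assumption: no conntrack data)."""
    if "RST" in flags:
        return "reset"
    if "SYN" in flags and "ACK" in flags:
        return "syn-ack reply"        # answer to a SYN sent by the other side
    if "SYN" in flags:
        return "connection request"   # first packet of a new connection
    return "mid-connection"


def describe(line):
    """Summarise endpoints, flags and handshake role of a logged packet."""
    fields, flags = parse_log_line(line)
    return {
        "src": f"{fields['SRC']}:{fields['SPT']}",
        "dst": f"{fields['DST']}:{fields['DPT']}",
        "flags": sorted(flags),
        "role": handshake_role(flags),
    }


if __name__ == "__main__":
    print(describe(SAMPLE))
```

For the line in the post this reports a SYN/ACK from 192.168.1.160 port 515 to 192.168.1.14 port 1023, which by its flags is a reply to a connection opened from 192.168.1.14 rather than a new inbound connection request.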