iptables question

Margaret Doll Margaret_Doll at brown.edu
Mon Jul 11 21:08:21 UTC 2005


I am having problems getting Fedora 3 to display X Windows across
the network.

I have variations of RedHat systems from 7.3 to Enterprise 3 and
Fedora 3.  I use ipchains or iptables along with /etc/hosts.allow to
control access to the systems.

The Fedora 3 systems are allowing ssh/sftp into them from specific  
addresses only and allowing nfs mounts, but they are not allowing me  
to ship a DISPLAY across the network.

Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
Interesting ports on numbers.geo.brown.edu (128.148.124.52):
(The 1594 ports scanned but not shown below are in state: closed)
Port       State       Service
22/tcp     open        ssh
111/tcp    open        sunrpc
617/tcp    open        unknown
672/tcp    open        unknown
685/tcp    open        unknown
2049/tcp   open        nfs
32770/tcp  open        sometimes-rpc3

However,

iptables -L -v
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target     prot opt in     out     source               destination
    35  2789 RH-Firewall-1-INPUT  all  --  any    any     anywhere             anywhere

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target     prot opt in     out     source               destination
     0     0 RH-Firewall-1-INPUT  all  --  any    any     anywhere             anywhere

Chain OUTPUT (policy ACCEPT 18 packets, 1848 bytes)
pkts bytes target     prot opt in     out     source               destination

Chain RH-Firewall-1-INPUT (2 references)
pkts bytes target     prot opt in     out     source               destination
     0     0 ACCEPT     all  --  lo     any     anywhere             anywhere
    35  2789 ACCEPT     all  --  eth0   any     anywhere             anywhere
     0     0 ACCEPT     icmp --  any    any     anywhere             anywhere            icmp any
     0     0 ACCEPT     ipv6-crypt--  any    any     anywhere             anywhere
     0     0 ACCEPT     ipv6-auth--  any    any     anywhere             anywhere
     0     0 ACCEPT     all  --  any    any     anywhere             anywhere            state RELATED,ESTABLISHED
     0     0 ACCEPT     tcp  --  any    any     anywhere             anywhere            state NEW tcp dpt:ssh
     0     0 ACCEPT     tcp  --  any    any     anywhere             anywhere            state NEW tcp dpt:x11
     0     0 REJECT     all  --  any    any     anywhere             anywhere            reject-with icmp-host-prohibited



