Freeciv 2.0.8
Bruno Wolff III
bruno at wolff.to
Mon Aug 13 19:09:40 UTC 2007
On Mon, Aug 13, 2007 at 14:13:39 -0400,
Temlakos <temlakos at gmail.com> wrote:
> >This makes me think that firewall rules are a possible culprit.
> >
> >
> All right, here are my firewall rules:
iptables -L is another way to get the firewall rules that shows what they
really are. What you have is what they are supposed to be. While they
are probably the same (though iptables output format is different)
it is possible for them to be different.
> ># Firewall configuration written by system-config-securitylevel
> ># Manual customization of this file is not recommended.
> >*filter
> >:INPUT ACCEPT [0:0]
> >:FORWARD ACCEPT [0:0]
> >:OUTPUT ACCEPT [0:0]
> >:RH-Firewall-1-INPUT - [0:0]
> >-A INPUT -j RH-Firewall-1-INPUT
> >-A FORWARD -j RH-Firewall-1-INPUT
> >-A RH-Firewall-1-INPUT -i lo -j ACCEPT
> >-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
> >-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
> >-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
> >-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
> >-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
> >-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
> >-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
> >-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22
> >-j ACCEPT
> >-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 137
> >-j ACCEPT
> >-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 138
> >-j ACCEPT
> >-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 139
> >-j ACCEPT
> >-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 445
> >-j ACCEPT
> >-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 5555
> >-j ACCEPT
> >-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 5555
> >-j ACCEPT
> >-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 5432
> >-j ACCEPT
> >-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 5432
> >-j ACCEPT
> >-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
> >COMMIT
I don't see anything in here that is interface specific except the rule
to accept all traffic on lo. The only IP specific address is in the multicast
range so that shouldn't be a problem. This makes the firewall being the
problem scenario seem a lot less likely.
> The logs say nothing about the programs civclient or civserver, nor do I
> see anything in the logs referable to a mishap at the time I tried to
> start those applications.
There wouldn't be program names. There would be information from the
contents of the packets being logged such a IP address on ports.
> What line should I add, to grant to my system the necessary permissions?
For a quick test of the firewall, you could disable it (preferably while
your local network is disconnected from the internet) and see if it helps.
You help locating freeciv log information, you could look at the documentation
for it, searching with google or asking on whatever support sources exist
for the project.
More information about the fedora-selinux-list
mailing list