can't ftp, telnet, or ssh to FC2T2 box

Mr. Adam ALLEN adam at dynamicinteraction.co.uk
Wed Apr 7 20:44:31 UTC 2004 

On Wed, 2004-04-07 at 20:09, shrek-m at gmx.de wrote:
> Alan Cox wrote:
> 
> >Sounds like an installer bug -> bugzilla it if its not already there.
> 
> sorry,
> i am busy and my test2 installation is (temporary) overwritten with fc1
> 

Unfortunately I have that busy feeling too :-(  but a few solutions
(I've no time to reinstall since in a few days the laptop will be my 
production box for a week). 

I've never set NTP during install on the laptop, since most of the time
it's offline.

/etc/init.d/ntpd looks as though it does a sane check to make sure that
any iptables configured on the box is that of the RH firewall. 

FWCHAIN="RH-Firewall-1-INPUT"                                                                        # Is there a firewall running, and does it look like one we configured?
FWACTIVE=''
if [ -f /proc/net/ip_tables_names ]; then
        if iptables -L -n 2>/dev/null | grep -q $FWCHAIN ; then
                FWACTIVE=1
        fi
fi
....
        if [ -n "$FWACTIVE" -a "$FIREWALL_MODS" != "no" ]; then
          for server in `echo $tickers $timeservers | tr ' ' '\n' | sort
-u`; do            echo -n $"$prog: Opening firewall for input from
$server port 123"
            iptables -I $FWCHAIN -m udp -p udp -s $server/32  \
                --sport 123 -d 0/0 --dport 123 -j ACCEPT \
                && success || failure
            echo
          done
        fi


That at least looks as though it should fail to execute the code to
punch NTP through the firewall if "RH-Firewall" is absent from the
iptables -a (Actually it should fail because /proc/net/ip_tables_names
should be active until some iptable modules are inserted into the
kernel).

I was questioning if this was an anaconda issue, but I don't think this
is an issue in the NTP init script, but something else somewhere.

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=118667
This looks to describe the problem (and at least has the right dates in
it). I don't think I can add anything other than "me too" to the bug
report though.

-- 
Regards,
Adam Allen.

adam at dynamicinteraction.co.uk
pgp http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x553349DB

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-test-list/attachments/20040407/db5e143f/attachment.sig>

More information about the fedora-test-list mailing list