can't ftp, telnet, or ssh to FC2T2 box
Jack Bowling
jbinpg at shaw.ca
Wed Apr 7 22:12:31 UTC 2004
On Wed, Apr 07, 2004 at 09:44:31PM +0100, Mr. Adam ALLEN wrote:
> On Wed, 2004-04-07 at 20:09, shrek-m at gmx.de wrote:
> > Alan Cox wrote:
> >
> > >Sounds like an installer bug -> bugzilla it if its not already there.
> >
> > sorry,
> > i am busy and my test2 installation is (temporary) overwritten with fc1
> >
>
> Unfortunately I have that busy feeling too :-( but a few solutions
> (I've no time to reinstall since in a few days the laptop will be my
> production box for a week).
>
> I've never set NTP during install on the laptop, since most of the time
> it's offline.
>
> /etc/init.d/ntpd looks as though it does a sane check to make sure that
> any iptables configured on the box is that of the RH firewall.
>
> FWCHAIN="RH-Firewall-1-INPUT" # Is there a firewall running, and does it look like one we configured?
> FWACTIVE=''
> if [ -f /proc/net/ip_tables_names ]; then
> if iptables -L -n 2>/dev/null | grep -q $FWCHAIN ; then
> FWACTIVE=1
> fi
> fi
> ....
> if [ -n "$FWACTIVE" -a "$FIREWALL_MODS" != "no" ]; then
> for server in `echo $tickers $timeservers | tr ' ' '\n' | sort
> -u`; do echo -n $"$prog: Opening firewall for input from
> $server port 123"
> iptables -I $FWCHAIN -m udp -p udp -s $server/32 \
> --sport 123 -d 0/0 --dport 123 -j ACCEPT \
> && success || failure
> echo
> done
> fi
>
>
> That at least looks as though it should fail to execute the code to
> punch NTP through the firewall if "RH-Firewall" is absent from the
> iptables -a (Actually it should fail because /proc/net/ip_tables_names
> should be active until some iptable modules are inserted into the
> kernel).
>
> I was questioning if this was an anaconda issue, but I don't think this
> is an issue in the NTP init script, but something else somewhere.
>
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=118667
> This looks to describe the problem (and at least has the right dates in
> it). I don't think I can add anything other than "me too" to the bug
> report though.
The option to enable ntp is in firstboot so that is the first (yuk yuk)
place to look.
--
Jack Bowling
mailto: jbinpg at shaw.ca
More information about the fedora-test-list
mailing list