[K12OSN] RE: RE: Loading vmlinuz.ltsp

"Terrell Prudé, Jr." microman at cmosnetworks.com
Tue Aug 31 12:27:06 UTC 2004 

It looks like you do indeed have the built-in Red Hat firewall turned 
on, and this will cause problems for thin clients.  The "medium" level 
is the Red Hat default during the installation, so it's easy to end up 
turning this on.  Normally, this is a good thing, but it does break LTSP 
and, therefore, K12LTSP.

Here's how to fix it till you reboot your server:

[root at server root]# iptables -F


This wipes out the firewall rules, allowing everything to go through.  
Since you're running the "standard" dual-NIC setup, I'm not absolutely 
certain, but you might also have to do this to get your NAT rules back:

[root at server root]# /sbin/service nat stop
[root at server root]# /sbin/service nat start


Now, this is fine, but what about when you next reboot your server?  We 
need a more permanent fix.  All the firewall rules are stored in 
/etc/sysconfig/iptables.  I took a look at the shell script that sources 
this file, and, from what I read, if that file isn't there, then those 
rules won't be implemented, and your problem should go away.  This is 
the case on my K12LTSP server.  In your case, you could either delete 
the file, or (my preference for safety's sake) you could simply rename 
it to, say, /etc/sysconfig/iptables.orig.

Give this a try and let us know how it goes.

--TP

ben may wrote:

>Hi,
> have two lan's running on my server but until i get it al running i have
>just pluged the two of them into the sam hub the clients are in.
>also
>[root at server root]# iptables -L
>
>Chain INPUT (policy ACCEPT)
>
>target     prot opt source               destination
>
>RH-Firewall-1-INPUT  all  --  anywhere             anywhere
>
>
>
>Chain FORWARD (policy ACCEPT)
>
>target     prot opt source               destination
>
>RH-Firewall-1-INPUT  all  --  anywhere             anywhere
>
>
>
>Chain OUTPUT (policy ACCEPT)
>
>target     prot opt source               destination
>
>
>
>Chain RH-Firewall-1-INPUT (2 references)
>
>target     prot opt source               destination
>
>ACCEPT     all  --  anywhere             anywhere
>
>ACCEPT     all  --  anywhere             anywhere
>
>ACCEPT     icmp --  anywhere             anywhere            icmp any
>
>ACCEPT     ipv6-crypt--  anywhere             anywhere
>
>ACCEPT     ipv6-auth--  anywhere             anywhere
>
>ACCEPT     all  --  anywhere             anywhere            state
>RELATED,ESTABLISHED
>
>ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp
>dpt:ssh
>
>REJECT     all  --  anywhere             anywhere            reject-with
>icmp-host-prohibited
>
>
>
>Thanks
>
>
>
>Ben May
>
>
>  
>
>>Hello Ben,
>>
>>Does your server indeed have 192.168.0.254 on the eth0 interface?  Also,
>>did you put eth0 on the network for your thin clients?  I'm assuming
>>you're using the "standard" dual-NIC setup here.
>>
>>Also, do you have the firewall turned on?  As root, try typing "iptables
>>-L", and if you see any rules, that could be a problem.
>>
>>--TP
>>
>>ben may wrote:
>>
>>    
>>
>>>Hi All,
>>>This is where i can get to with my server running 4.0.1
>>>/Client/
>>>"
>>>Searching For Server..(DHCP)
>>>..Me=192.168.0.253 (etc)
>>>loading 192.168.0.254:/lts/vmliniz.ltsp........
>>>"
>>>Thats it. it gets no where, i have read the HOW TO Ver. 3
>>>maybe theres something im doing wrong?
>>>Thanks
>>>
>>>Ben May
>>>Qld, Australia
>>>be_j_ma at optusnet.com.au
>>>      
>>>

More information about the K12OSN mailing list