| 1 |
Michael Sullivan wrote: |
| 2 |
> I'm having a problem with ipkungfu on one of my boxes. According to the |
| 3 |
> log files, it's running, but it doesn't seem to be firewall-ing. It's |
| 4 |
> not working on 192.168.1.2. Here's nmap output from 192.168.1.3: |
| 5 |
> |
| 6 |
> camille ~ # nmap -sT -PT 192.168.1.2 |
| 7 |
> |
| 8 |
> Starting Nmap 4.01 ( http://www.insecure.org/nmap/ ) at 2006-10-04 20:39 |
| 9 |
> CDT |
| 10 |
> Interesting ports on bullet.espersunited.com (192.168.1.2): |
| 11 |
> (The 1657 ports scanned but not shown below are in state: closed) |
| 12 |
> PORT STATE SERVICE |
| 13 |
> 21/tcp open ftp |
| 14 |
> 22/tcp open ssh |
| 15 |
> 25/tcp open smtp |
| 16 |
> 53/tcp open domain |
| 17 |
> 80/tcp open http |
| 18 |
> 111/tcp open rpcbind |
| 19 |
> 139/tcp open netbios-ssn |
| 20 |
> 143/tcp open imap |
| 21 |
> 445/tcp open microsoft-ds |
| 22 |
> 587/tcp open submission |
| 23 |
> 631/tcp open ipp |
| 24 |
> 746/tcp open unknown |
| 25 |
> 993/tcp open imaps |
| 26 |
> 2049/tcp open nfs |
| 27 |
> 3632/tcp open distccd |
| 28 |
> MAC Address: 00:10:4B:73:8E:81 (3com) |
| 29 |
> |
| 30 |
> Nmap finished: 1 IP address (1 host up) scanned in 0.597 seconds |
| 31 |
> |
| 32 |
|
| 33 |
OK. What does iptables -L report? Is iptables in your default |
| 34 |
runlevel? (hint: it shouldn't be.) If iptables is being started after |
| 35 |
ipkungfu for some reason, it may be overwriting ipkungfu's iptables |
| 36 |
rules with its saved (blank) ruleset. Try 'rc-update del iptables && |
| 37 |
reboot' if iptables is present in any runlevels. When you start |
| 38 |
ipkungfu, are there any error messages? |
| 39 |
-- |
| 40 |
gentoo-user@g.o mailing list |
Archives