Problem With Firewall. :(

I have been flailing trying to get a web server running on Fedora 21.

Finally did so.

I have my iptables working (me thinks) as they should. I can connect from my Linux box (local) or from my Mac on the same network/subnet.

Problem is in my "travels" I have somehow trashed my firewall-cmd.

I was adding parameters to it w/o issue. E.G
firewall-cmd --zone=public --add-port=80/tcp --permanent
Then restarting firewall-cmd
firewall-cmd --realod

This was all working. I "fixed" my problem with connecting to my web server from other LAN workstations (iptables issues) and was going back to see if all was well. Now when I try to restart I get a:
FirewallD is not running
That from my "reload" command above.

Have I fixed my web server issue or is my world wide open att?

Assistance, as always, greatly appreciated.

Skip

Hi,

I am running a centOS 6 server , with public ip as web-server. Sometimes the ftp service & firewall ( system-config-firewall) gets dead /crashed.

i have to start messagebus service in-order to start firewall.


what is the real cause of this issue ? Dos attack ?

netstat doesn't show any unusual ip connections

Hi all,
I am brand new to Linux, playing around a bit with different things to see how I can use it in the future. Here is my problem:

I have written a simple program in Ada that works well on windows. It opens a TCP port (20000) and listens for incoming connections. I tried it on my internal network and it works well. I can connect from other windows machines and even from my Linux machine.

Now I moved the program to Linux and compiled it there. It starts ok and then listens for the connections. I can connect to it from that same Linux machine but not from any other machine on my network.

I checked the firewall status on Linux with ufw status and it is disabled. I also tried to add a rule to the iptables with
iptables -A INPUT -p tcp --dport 20000 -j ACCEPT

but still nothing. I can not connect from another machine on my network. I also tried to open a simple telnet connection from a windows machine and that too is blocked. I thought without the firewall all incoming connections would be allowed but obviously something is not working as I thought.

Any help would be greatly appreciated

hi,

I am using fedora core 20. To access desktop from remote I followed the instructions mentioned in the website.

http://hex.ro/wp/blog/fedora-20-remo...rom-windows-7/

1. Settings -> System -> Sharing – enable Sharing then for Screen Sharing enable it and then enable all checkboxes
2. Added port in firewall
#firewall-cmd --add-service=vnc-server
3. Set the command
# gsettings set org.gnome.Vino require-encryption false

From other machine, using Tight vncviewer when I entered the IP address of this machine, I get full black screen. Please help me in this regards.

Thanks in advance.
uv.

Hi,

I have a CentOS 6 machine [Machine X], which I connect to using a putty client or from another CentOS 6 machine.

Now, the machine X intermittently sends a connection reset message to all SSH sessions -

Code:

Read from remote host 1.1.1.1: Connection reset by peer
Connection to 1.1.1.1 closed.

I have switched off the firewall on the machine & there are no session timeout values set.

How do I find out what is causing this issue?


Thanks

Bhushan

I have an Intel x86_64 system running rhel 7.0 I want to use this system as a Firewall. The system has two NICs. one NIC is defined with the static IP address from my ISP. The other NIC is also static i.e. no dhcp, and is assigned a LAN addrs of 192.168.10.6 It is plugged into a switch (192.168.10.1) that has other three devices plugged in. Each with it's own hard-coded LAN address (Netmask is 255.255.255.0) I have two zones active in the firewall config External (using the static ip from the ISP) and Internal (using the IP addrs of 192.168.10.6) I'm forwarding the following two ports 80 & 443 in both zones. External zone: ports 80 & 443 are forwarded to my switch (192.168.10.1) Internal zone: ports 80 & 443 are forwarded to my static IP addrs from my ISP. I have IP masquerading turned on in the External zones. However none of the other workstations (Windows 7 professional) and my "smart" TV (netflix access) are able to access the internet. Again I'm NOT using any dhcp, all IP addresses are hard coded. I can ping any LAN address from any LAN node. The Linux FW machine can access the internet. I've read thru the RHEL 7.0 Security guide regarding setting up the firewall and I believe I have all the elements defined properly ... It just doesn't work. I have the same set of DNS values defined on all systems.
They are the three DNS servers assigned by my ISP. I have ipv4 forwarding active on my Linux system. I have masquerading "turned on" in the External zone. The resolv.conf file has the ip addresses of the DNS servers as well as my switch.
However the windows 7 systems and my "smart" TV cannot access the internet.
Anyone who's really familiar with rhel firewall-config GUI and has any suggestions please respond.
Thanks
Guy

What I have here is a Dell Optiplex GX620 (stock) with a new install of Xubuntu as of May 18. It works fine except that I am having trouble printing.
The printer is an HP Deskjet 832c hooked to a Linksys BEFW11P1. The Linksys box is an old internet router/firewall/wi-fi/printserver. I am using it as a network printserver with all the other functions disabled. It's a strange setup for sure. But, over there I have another computer running Lucid Puppy 5.3.2 and it prints just fine.
This machine running Xubuntu only will print the simplest of documents. The printer setup will print a test page, Text files will print, AbiWord files will print, PDF files and HTML pages displayed in Firefox do not print.
I have been taking some stabs at trying to fix this problem by changing some settings. but no joy.
Has anyone seen an issue like this? Any pointers/ideas on where to actually look for the problem.
It seems to me that Xubuntu does not use CUPS to manage it's printers? True? Would installing CUPS be a good idea?
Thanks

Hello,

I am trying to set up SSH on my linux machine. I have all the ssh packages downloaded and have added rules to my iptables i.e.

-A INPUT -p tcp -m tcp --dport 62222 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT

I also saved all the rules in a file so I could restore the iptables when I reboot the machine.

I also checked to make sure that the ports were open on the network firewall.

So I'm not sure what to do now because everywhere I look it says that once I've added those rules it should work.

Please Help!

Hello!
I'm pretty new to the world of Linux. Right now I use Ubuntu Desktop 14.04 Later down the road I plan to install LAMP to try to run a web server.
Generally speaking, I prefer GUI (as most people, I guess), though I have no problem with CLI (remember myself in 1990 with MS-DOS).
As a regular user I don't think I really need a firewall in Ubuntu. Sticking to installation defaults is fine by me. But as an admin of a web server, I would think that I'm gonna need something beyond the Desktop ed. defaults security-wise. I'm aware of IPtables, of course. But to me it seems a little bit too much to learn, too steep of a learning curve right now. Then there's ufw.
And a GUI front-end of it, which is Gufw. Here opinions vary. Some say, I must learn IPtables, others think that Gufw does its job fine.
So what I'm asking here is not just an OPINION, but also a reasoning behind it. Real life example maybe etc.
Thank you.

Hey. I just got a newer computer (I have two--one home, one at work) that is more powerful. Only problem is I can't edit my Godaddy website from it. The Godaddy site comes up and I can get into it but the editing features don't work.

I've never been able to edit the site from Firefox, but I have (and am still able to) been able to edit it on the older computer from Chrome.

So yeah, I can't edit the site on the newer computer from either browser.

The only difference I can think of (both computers have Xubuntu 14.10) is that on the newer computer I installed the firewall. I may have on the older one too. I'm not sure at this point and not at the computer.

Anyway, would that firewall be a potential cause or would it be something else?

Any suggestions?