emilioestevezz Posted April 29, 2005 Report Share Posted April 29, 2005 Hi, i ve configured a Mandrake 10 server, as mail,web, mysql server plus its firewall to share adsl connection to other terminals. I have shorewall as firewall configured to let terminals browse the net , the problem is that i can´t access internet from the server, i need to use cpan to download some modules , but i realize i cant, in the syslog it shows that connection try as REJECTED. I also try to ftp from the server, use lynx to browse the web, wget, etc, but can´t either. So can anyone give me any pointer to solve this, so i can use cpan to access the web??? Thanks Emilio Quote Link to comment Share on other sites More sharing options...
streeter Posted April 29, 2005 Report Share Posted April 29, 2005 Is it the outgoing connection that is being rejected, or the reply? If you post the output of iptables -nvL I could probably give you a rule to type in to enable this (I don't do shorewall, but the rule will add to your config, and can be undone after doing the stuff you need if you like) You may need to install iptables if it's not already installed. Chris Quote Link to comment Share on other sites More sharing options...
emilioestevezz Posted April 29, 2005 Author Report Share Posted April 29, 2005 Is it the outgoing connection that is being rejected, or the reply? If you post the output of iptables -nvL I could probably give you a rule to type in to enable this (I don't do shorewall, but the rule will add to your config, and can be undone after doing the stuff you need if you like) You may need to install iptables if it's not already installed. Chris <{POST_SNAPBACK}> Hi, Chris, thanks for the reply, The output for iptables is too big, but i was able to copy this from the logs maybe it helps: Apr 29 13:02:52 estudioviegas kernel: Shorewall:loc2net:ACCEPT:IN=eth0 OUT=ppp0 SRC=90.0.0.43 DST=200.42.0.108 LEN=70 TOS=0x00 PREC=0x00 TTL=127 ID=22548 PROTO=UDP SPT=1172 DPT=53 LEN=50 Apr 29 13:03:00 estudioviegas kernel: Shorewall:OUTPUT:REJECT:IN= OUT=eth1 SRC=10.0.0.3 DST=10.0.0.2 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=56471 DF PROTO=TCP SPT=35655 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0 Apr 29 13:03:15 estudioviegas kernel: Shorewall:loc2net:ACCEPT:IN=eth0 OUT=ppp0 SRC=90.0.0.14 DST=200.42.0.108 LEN=63 TOS=0x00 PREC=0x00 TTL=127 ID=56583 PROTO=UDP SPT=1032 DPT=53 LEN=43 Apr 29 13:03:23 estudioviegas kernel: Shorewall:loc2net:ACCEPT:IN=eth0 OUT=ppp0 SRC=90.0.0.14 DST=200.42.0.108 LEN=69 TOS=0x00 PREC=0x00 TTL=127 ID=58631 PROTO=UDP SPT=1034 DPT=53 LEN=49 Apr 29 13:03:30 estudioviegas kernel: Shorewall:all2all:REJECT:IN=ppp0 OUT= MAC= SRC=209.200.31.126 DST=200.122.10.107 LEN=40 TOS=0x00 PREC=0x00 TTL=109 ID=47119 DF PROTO=TCP SPT=80 DPT=42 WINDOW=65535 RES=0x00 SYN URGP=0 Apr 29 13:03:50 estudioviegas kernel: Shorewall:loc2net:ACCEPT:IN=eth0 OUT=ppp0 SRC=90.0.0.14 DST=200.42.0.108 LEN=73 TOS=0x00 PREC=0x00 TTL=127 ID=41736 PROTO=UDP SPT=1043 DPT=53 LEN=53 Hope it helps. Quote Link to comment Share on other sites More sharing options...
streeter Posted April 29, 2005 Report Share Posted April 29, 2005 Shorewall does tend to write reams of rules... You can save the output of the command to a file with iptables -nvL >> tables.txt and email it to me at linux@iwpcs.co.uk if you like, together with a brief description of how it's all connected (which ports go where, IP addresses etc...) Chris Quote Link to comment Share on other sites More sharing options...
adolfix Posted April 29, 2005 Report Share Posted April 29, 2005 Do all the other servers and services work (mail,web, mysql server plus its firewall...) ? All the rest is ok ? Or have you other problems too ? And which are they ? Ciao Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.