* [gentoo-user] distcc and iptables
@ 2005-07-26 13:01 Antonio Coralles
2005-07-26 13:04 ` Dave Nebinger
0 siblings, 1 reply; 4+ messages in thread
From: Antonio Coralles @ 2005-07-26 13:01 UTC (permalink / raw
To: gentoo-user
What is the best way to configure iptables in a way, so that spefic
hosts may connect to distccd ?
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 4+ messages in thread
* RE: [gentoo-user] distcc and iptables
2005-07-26 13:01 [gentoo-user] distcc and iptables Antonio Coralles
@ 2005-07-26 13:04 ` Dave Nebinger
0 siblings, 0 replies; 4+ messages in thread
From: Dave Nebinger @ 2005-07-26 13:04 UTC (permalink / raw
To: gentoo-user; +Cc: noche.suapie
> What is the best way to configure iptables in a way, so that spefic
> hosts may connect to distccd ?
The following command should do it if you substitute the () with your local
values.
iptables -I INPUT -i (network interface) -p tcp -s (src ip addr) --dport
3632 -j ACCEPT
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 4+ messages in thread
* RE: [gentoo-user] distcc and iptables
2005-07-26 17:01 ` Antonio Coralles
@ 2005-07-26 16:58 ` Dave Nebinger
0 siblings, 0 replies; 4+ messages in thread
From: Dave Nebinger @ 2005-07-26 16:58 UTC (permalink / raw
To: gentoo-user; +Cc: noche.suapie
> but distcc doesn't work ...
Ah, did you edit /etc/conf.d/distccd to add the --allow and --listen
options? If you don't specifically enable them the remote system will not
be able to get to distcc on the box.
Locally I use a line as follows to enable the internal lan to hit distccd:
DISTCCD_OPTS="${DISTCCD_OPTS} --allow 192.168.0.0/24 --allow 127.0.0.1
--listen 192.168.0.1"
This says allow the internal lan, allow localhost, and set up a listener on
the local ip address.
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [gentoo-user] distcc and iptables
[not found] <fc.3b9aca0089fc2c013b9aca00012cfc89.47d0c21@reflex.at>
@ 2005-07-26 17:01 ` Antonio Coralles
2005-07-26 16:58 ` Dave Nebinger
0 siblings, 1 reply; 4+ messages in thread
From: Antonio Coralles @ 2005-07-26 17:01 UTC (permalink / raw
To: gentoo-user
Dave Nebinger wrote:
>> What is the best way to configure iptables in a way, so that spefic
>> hosts may connect to distccd ?
>
> The following command should do it if you substitute the () with your
> local
> values.
>
> iptables -I INPUT -i (network interface) -p tcp -s (src ip addr) --dport
> 3632 -j ACCEPT
>
>
Hmm, iptables -L now returns
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- 192.168.0.250 anywhere tcp dpt:distcc
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
REJECT udp -- anywhere anywhere udp
dpt:bootps reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere udp
dpt:domain reject-with icmp-port-unreachable
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:distcc
DROP tcp -- anywhere anywhere tcp dpts:0:1023
DROP udp -- anywhere anywhere udp dpts:0:1023
Chain FORWARD (policy ACCEPT)
target prot opt source destination
DROP all -- anywhere 192.168.0.0/16
ACCEPT all -- 192.168.0.0/16 anywhere
ACCEPT all -- anywhere 192.168.0.0/16
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
but distcc doesn't work ...
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2005-07-26 17:02 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-07-26 13:01 [gentoo-user] distcc and iptables Antonio Coralles
2005-07-26 13:04 ` Dave Nebinger
[not found] <fc.3b9aca0089fc2c013b9aca00012cfc89.47d0c21@reflex.at>
2005-07-26 17:01 ` Antonio Coralles
2005-07-26 16:58 ` Dave Nebinger
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox