public inbox for gentoo-user@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-user] distcc and iptables
@ 2005-07-26 13:01 Antonio Coralles
  2005-07-26 13:04 ` Dave Nebinger
  0 siblings, 1 reply; 4+ messages in thread
From: Antonio Coralles @ 2005-07-26 13:01 UTC (permalink / raw
  To: gentoo-user

What is the best way to configure iptables in a way, so that spefic 
hosts may connect to distccd ?
-- 
gentoo-user@gentoo.org mailing list



^ permalink raw reply	[flat|nested] 4+ messages in thread

* RE: [gentoo-user] distcc and iptables
  2005-07-26 13:01 [gentoo-user] distcc and iptables Antonio Coralles
@ 2005-07-26 13:04 ` Dave Nebinger
  0 siblings, 0 replies; 4+ messages in thread
From: Dave Nebinger @ 2005-07-26 13:04 UTC (permalink / raw
  To: gentoo-user; +Cc: noche.suapie

> What is the best way to configure iptables in a way, so that spefic
> hosts may connect to distccd ?

The following command should do it if you substitute the () with your local
values.

iptables -I INPUT -i (network interface) -p tcp -s (src ip addr) --dport
3632 -j ACCEPT


-- 
gentoo-user@gentoo.org mailing list



^ permalink raw reply	[flat|nested] 4+ messages in thread

* RE: [gentoo-user] distcc and iptables
  2005-07-26 17:01 ` Antonio Coralles
@ 2005-07-26 16:58   ` Dave Nebinger
  0 siblings, 0 replies; 4+ messages in thread
From: Dave Nebinger @ 2005-07-26 16:58 UTC (permalink / raw
  To: gentoo-user; +Cc: noche.suapie

> but distcc doesn't work ...

Ah, did you edit /etc/conf.d/distccd to add the --allow and --listen
options?  If you don't specifically enable them the remote system will not
be able to get to distcc on the box.

Locally I use a line as follows to enable the internal lan to hit distccd:

DISTCCD_OPTS="${DISTCCD_OPTS} --allow 192.168.0.0/24 --allow 127.0.0.1
--listen 192.168.0.1"

This says allow the internal lan, allow localhost, and set up a listener on
the local ip address.


-- 
gentoo-user@gentoo.org mailing list



^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [gentoo-user] distcc and iptables
       [not found] <fc.3b9aca0089fc2c013b9aca00012cfc89.47d0c21@reflex.at>
@ 2005-07-26 17:01 ` Antonio Coralles
  2005-07-26 16:58   ` Dave Nebinger
  0 siblings, 1 reply; 4+ messages in thread
From: Antonio Coralles @ 2005-07-26 17:01 UTC (permalink / raw
  To: gentoo-user

Dave Nebinger wrote:

>> What is the best way to configure iptables in a way, so that spefic
>> hosts may connect to distccd ?
>
> The following command should do it if you substitute the () with your 
> local
> values.
>
> iptables -I INPUT -i (network interface) -p tcp -s (src ip addr) --dport
> 3632 -j ACCEPT
>
>
Hmm, iptables -L now returns

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  --  192.168.0.250        anywhere            tcp dpt:distcc
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
REJECT     udp  --  anywhere             anywhere            udp 
dpt:bootps reject-with icmp-port-unreachable
REJECT     udp  --  anywhere             anywhere            udp 
dpt:domain reject-with icmp-port-unreachable
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:distcc
DROP       tcp  --  anywhere             anywhere            tcp dpts:0:1023
DROP       udp  --  anywhere             anywhere            udp dpts:0:1023

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
DROP       all  --  anywhere             192.168.0.0/16
ACCEPT     all  --  192.168.0.0/16       anywhere
ACCEPT     all  --  anywhere             192.168.0.0/16

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

but distcc doesn't work ...
-- 
gentoo-user@gentoo.org mailing list



^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2005-07-26 17:02 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-07-26 13:01 [gentoo-user] distcc and iptables Antonio Coralles
2005-07-26 13:04 ` Dave Nebinger
     [not found] <fc.3b9aca0089fc2c013b9aca00012cfc89.47d0c21@reflex.at>
2005-07-26 17:01 ` Antonio Coralles
2005-07-26 16:58   ` Dave Nebinger

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox