public inbox for gentoo-user@lists.gentoo.org
* [gentoo-user] emerge --sync and iptables
From: Dan Sheffner @ 2006-03-18 16:46 UTC
  To: gentoo-user


I'm not sure what I have been doing wrong.  I have a local sync server
located at 10.1.10.37 and I'm running iptables on a web server.  What port
do I need to open when I run emerge --sync?  I have tried port 873 like
below and still no luck.  I do not have a firewall running on the sync
server.


Below is an example of my firewall rules on the web server:

ip=<publicIP>

iptables -F
iptables -P INPUT DROP
iptables -A INPUT -i eth0 -p tcp -d $ip --dport 443 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -s 10.1.10.0/24 -d $ip --dport 22 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -s 10.1.10.37 -d $ip --dport 873 -j ACCEPT



Any help would be greatly appreciated.


* Re: [gentoo-user] emerge --sync and iptables
From: Benno Schulenberg @ 2006-03-18 20:39 UTC
  To: gentoo-user

Dan Sheffner wrote:
> iptables -A INPUT -i eth0 -p tcp -d $ip --dport 443 -j ACCEPT
> iptables -A INPUT -i eth0 -p tcp -s 10.1.10.0/24 -d $ip --dport 22 -j ACCEPT

These two are incoming, so --dport is correct.

> iptables -A INPUT -i eth0 -p tcp -s 10.1.10.37 -d $ip --dport 873 -j ACCEPT

Rsync is outgoing, toward port 873, so the answer is coming back 
from that port: --sport.

Benno
-- 
gentoo-user@gentoo.org mailing list
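
Added example, not part of the original messages: the ruleset from the question with the rsync reply path handled two ways, once statelessly on `--sport 873` as suggested above and once with connection tracking. The function names, the `IPT` dry-run switch, the `WEB_IP` placeholder, and the use of `! --syn` and `-m conntrack` are assumptions of this example, not something the thread's participants posted.

```shell
#!/bin/sh
# Added example, not from the thread. Dry run by default: each rule is printed.
# Set IPT=iptables and run as root to apply the rules for real.
IPT="${IPT:-echo iptables}"
IFACE="eth0"
SYNC_SERVER="10.1.10.37"            # local rsync mirror named in the thread
WEB_IP="${WEB_IP:-203.0.113.10}"    # placeholder for <publicIP> (constructed)

# Inbound services from the original post: the web server is the TCP server
# here, so matching on the destination port is right.
base_rules() {
    $IPT -F
    $IPT -P INPUT DROP
    $IPT -A INPUT -i "$IFACE" -p tcp -d "$WEB_IP" --dport 443 -j ACCEPT
    $IPT -A INPUT -i "$IFACE" -p tcp -s 10.1.10.0/24 -d "$WEB_IP" --dport 22 -j ACCEPT
}

# Stateless variant of the --sport advice. "! --syn" keeps the rule from
# accepting connection-opening packets, so it only admits traffic that looks
# like a reply coming back from the mirror's port 873.
reply_stateless() {
    $IPT -A INPUT -i "$IFACE" -p tcp -s "$SYNC_SERVER" --sport 873 ! --syn -j ACCEPT
}

# Stateful variant: accept only packets that belong to a connection this host
# opened (the default OUTPUT ACCEPT policy lets the outgoing SYN through).
reply_stateful() {
    $IPT -A INPUT -i "$IFACE" -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
}

# Print (or apply) the whole ruleset; mode is "stateless" or "stateful".
build_ruleset() {
    case "$1" in
        stateless) base_rules && reply_stateless ;;
        stateful)  base_rules && reply_stateful ;;
        *) echo "usage: build_ruleset stateless|stateful" >&2; return 1 ;;
    esac
}
```

Calling `build_ruleset stateful` prints the five commands without touching the running firewall; the stateful form needs no per-service reply rule because it matches on connection state instead of port numbers.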




* Re: [gentoo-user] emerge --sync and iptables
From: Dan Sheffner @ 2006-03-19  0:19 UTC
  To: gentoo-user, benno.schulenberg


So port 873 is going out? My default policy for OUTPUT is accept with no
rules. Which port should I accept as the INPUT?

On 3/18/06, Benno Schulenberg <benno.schulenberg@gmail.com> wrote:
>
> Dan Sheffner wrote:
> > iptables -A INPUT -i eth0 -p tcp -d $ip --dport 443 -j ACCEPT
> > iptables -A INPUT -i eth0 -p tcp -s 10.1.10.0/24 -d $ip --dport 22 -j ACCEPT
>
> These two are incoming, so --dport is correct.
>
> > iptables -A INPUT -i eth0 -p tcp -s 10.1.10.37 -d $ip --dport 873 -j ACCEPT
>
> Rsync is outgoing, toward port 873, so the answer is coming back
> from that port: --sport.
>
> Benno
> --
> gentoo-user@gentoo.org mailing list
>
>
