Re: My customers are going back to NT if I can't get this fixed!!!

From: David (linuxdave01@yahoo.com)
Date: 08/08/02


What if he's using ipchains instead of iptables? By default, RH 7.3 still
uses ipchains... At the root command prompt, run 'lokkit', choose the customise
option and manually type in 4000:tcp, 4000:udp

Luke Ross wrote:

> Hi,
>
> Stacey Sharp wrote:
>>
>> I've been in this group and others for a while trying to figure this
>> problem out. My customer is telling me to make it work or they want
>> their NT Server back!
>>
>> I have a SQUID proxy/qmail Email/Samba PDC Server running on RHL 7.3.
>> Everything works fine except for a connection to port 4000 which worked
>> on their NT box. There is a specific website that loads a PowerTerm
>> applet for the users to login to a HP-UX system. The PowerTerm program
>> needs to send its authentication information over port 4000. When this
>> is attempted it claims the host (www.specific-site.com) cannot be
>> found. I've been on the phone with this site's TS and they say that
>> port 4000 has to be open for TCP communication. Port 4000 is in the
>> Safe_ports ACL list in squid.conf. I don't see any references to this
>> port in my tcpdump logs, or squid logs. I am attempting this connection
>> without a firewall (iptables) script running. I have read everything I
>> can find on tcpserver, xinetd, and Linux Administration. Everything I'm
>> reading tells me that this communication should be allowed and should
>> work, but it doesn't. Running "nmap localhost" shows me that only ports
>> 22, 25, 110, and 3128 are open. How do I get communication to travel
>> through this port? Does port 4000 have to be always open like 22, 25,
>> 110, and 3128? If so, what server program needs to monitor it? What am
>> I NOT doing right?
>>
>> I've been given one week to figure this out or I will have to revert
>> back to (gulp) their NT box for proxy. Please help me figure out what
>> needs to be done. Let me know what additional info you need.
>
> Give us a clue, is this a NAT set up or do all the clients have real
> external IP addresses? Perhaps...
>
> iptables -I FORWARD 1 -t filter -p tcp --destination-port 4000 -j ACCEPT
>
> - or -
>
> iptables -I POSTROUTING 1 -t nat -p tcp --destination-port 4000 -j MASQUERADE
>
> may help you, the former is a straightforward iptables-style forward, the
> latter does the same but using IP masquerade (I hope!)
>
> Luke
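An added example, not written by anyone in this thread: it reads an `iptables-save` style ruleset and reports whether a filter chain accepts TCP to a port and whether nat/POSTROUTING masquerades forwarded clients, the two things the iptables commands above would change. The ruleset and the eth0 interface name are constructed; a box still on ipchains, as David points out, would not produce this format at all.

```shell
#!/bin/sh
# Added example: inspect an `iptables-save` style ruleset for the two things
# the thread argues about: is TCP to a port accepted in a filter chain, and
# does nat/POSTROUTING masquerade forwarded clients? Constructed ruleset, so
# it runs offline; on a live box pipe real `iptables-save` output in instead.
# Constructed sample ruleset; eth0 is a placeholder interface name.
SAMPLE_RULES='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3128 -j ACCEPT
-A FORWARD -p tcp -m tcp --dport 4000 -j ACCEPT
COMMIT
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT'

# port_verdict CHAIN PORT (ruleset on stdin): prints the target of the first
# filter rule in CHAIN matching TCP dport PORT, else the chain's policy.
port_verdict() {
  awk -v chain="$1" -v port="$2" '
    /^\*/ { table = substr($0, 2); next }
    table != "filter" { next }
    $1 == (":" chain) { policy = $2; next }
    $1 == "-A" && $2 == chain && !done {
      tcp = 0; hit = 0; target = ""
      for (i = 3; i <= NF; i++) {
        if ($i == "-p" && $(i+1) == "tcp") tcp = 1
        if ($i == "--dport" && $(i+1) == port) hit = 1
        if ($i == "-j") target = $(i+1)
      }
      if (tcp && hit) { print target; done = 1 }
    }
    END { if (!done) print (policy == "" ? "UNKNOWN" : policy) }'
}

# masquerades_forwarded (ruleset on stdin): yes if nat/POSTROUTING carries a
# MASQUERADE rule (what the second iptables command above adds), else no.
masquerades_forwarded() {
  awk '/^\*/ { table = substr($0, 2); next }
       table == "nat" && $1 == "-A" && $2 == "POSTROUTING" && /-j MASQUERADE/ { found = 1 }
       END { print (found ? "yes" : "no") }'
}

# Wrappers that run the checks over the constructed ruleset.
sample_verdict() { printf '%s\n' "$SAMPLE_RULES" | port_verdict "$1" "$2"; }
sample_masq() { printf '%s\n' "$SAMPLE_RULES" | masquerades_forwarded; }
```

A rule with no `-p tcp` or no `--dport` (for example a blanket `-j ACCEPT`) is not matched, so the verdict then falls back to the chain policy.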
