Re: route on which port

From: Eirik Seim (eirik@mi.uib.no)
Date: 04/18/02


From: eirik@mi.uib.no (Eirik Seim)
Date: 18 Apr 2002 21:14:25 GMT

On Thu, 18 Apr 2002 16:01:43 +0200, Wolfgang Kueter wrote:
> Eirik Seim wrote:
>
> > On Thu, 18 Apr 2002 14:31:06 +0200, Bafi wrote:
> >> After starting iptables route can't get name of router. Which port
> >> should I open to allow routed?
>
> > routed uses RIP, try allowing port 520/udp.
>
> Oooops, Eirik, this looks more like a DNS problem to me. Might be
> necessary to allow DNS traffic in the INPUT and OUTPUT chain to/from
> the DNS server.

Ehrm.. eh.. well. Looks like he kind of asks for two things, and I only
see the last part, totally ignoring everything else. Must be something I ate.
Thanks for correcting :)

> Besides that running routed on a firewall/packet-filter
> usually is not a very good idea.

It certainly isn't. It looked to me as if he needed to _pass_ RIP packets,
not to have routed running on the firewall..

> iptables -nL should display the loaded ruleset and help debugging this.

And if the default policy is block, there should probably be a rule that
opens up port 53/udp.

- Eirik

-- 
New and exciting signature!
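
The DNS case discussed in this thread (default policy of block, DNS allowed in INPUT and OUTPUT to and from the DNS server), as an added example that is not part of the original posts. The function names, the `DNS_SERVER` variable, the placeholder resolver address 192.0.2.53 and the use of connection tracking to admit only replies are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset; it applies nothing itself.
# Assumptions: default-DROP host that is only a DNS client, one resolver.

# valid_ipv4 ADDR: succeed only for a dotted quad with octets 0-255, so the
# address can be placed in a rule line without smuggling in extra options.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# dns_rules RESOLVER: emit the filter table on stdout.
dns_rules() {
    valid_ipv4 "$1" || { echo "bad resolver address: $1" >&2; return 1; }
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
# Queries from this host to the resolver (TCP too: large answers fall back to it)
-A OUTPUT -d $1 -p udp --dport 53 -j ACCEPT
-A OUTPUT -d $1 -p tcp --dport 53 -j ACCEPT
# Only replies to tracked outbound queries are let back in
-A INPUT -s $1 -p udp --sport 53 -m conntrack --ctstate ESTABLISHED -j ACCEPT
-A INPUT -s $1 -p tcp --sport 53 -m conntrack --ctstate ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# 192.0.2.53 is a documentation-range placeholder, not a real resolver.
dns_rules "${DNS_SERVER:-192.0.2.53}"
```

As root, `dns_rules 192.0.2.53 | iptables-restore --test` parses the rules without committing them; `iptables -nL`, mentioned in the thread, shows what is loaded afterwards.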


