Why is my iptables configuration not allowing traffic on localhost?
My iptables config is preventing munin from generating graphs. munin needs TCP port 4949 open on loopback. I don't understand WHY my iptables config isn't working as I explicitly ACCEPT INPUT and OUTPUT on the loopback. Can anyone tell me what's wrong here? I know that I can use: "-A INPUT -p tcp -m tcp -s 127.0.0.1 -d 127.0.0.1 --dport 4949 -j ACCEPT" but I want ALL traffic on loopback to pass through.
Code:
*filter
Quote:
Are you saying that with your current setup, telnet 127.0.0.1 4949 fails to connect to the service? And that it works once you add a specific rule for incoming traffic to 127.0.0.1? I can't find anything in your ruleset that would block loopback traffic in general, although there are some minor errors and the ordering is less than optimal. Your INPUT and FORWARD policies are DROP;
Code:
:INPUT DROP [0:0]
Code:
# Drop NULL packets
Code:
# Reject a syn-flood attack
Code:
# Drop XMAS packets
Code:
# We want our response packets...
Code:
# Anything over the Loopback is OK
Thanks Ser, I really appreciate the detailed explanation. I have really been trying to figure out how to do this as correctly as possible. I will make your suggestions and try the telnet test.
*update port 4949 passed the telnet test, so something else must be wrong. In my haste to try and fix the issue I must have fixed the issue by some other means and thought that it was the firewall. So my rules are indeed OK, thanks for helping me confirm that!
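Added example, not part of any post in this thread: a Python check that reads iptables-save output and reports the INPUT policy, the position of the unconditional "-i lo -j ACCEPT" rule, and the DROP/REJECT rules that are evaluated before it and can also see loopback packets. The ruleset in SAMPLE is constructed (the poster's own rules are not shown on the page), the function names are chosen here, and jumps to user-defined chains are not followed.

```python
import shlex

# Constructed sample in iptables-save format (assumption; not the poster's ruleset).
SAMPLE = """\
*filter
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --tcp-flags ALL NONE -j DROP
-A INPUT -p tcp -m tcp --tcp-flags ALL ALL -j DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
COMMIT
"""

def parse_chain(dump, chain="INPUT", table="filter"):
    """Return (policy, [rule tokens]) for one chain of one table."""
    policy, rules, current = None, [], None
    for line in dump.splitlines():
        # Comment and blank lines tokenize to nothing; use a dummy token then.
        tok = shlex.split(line, comments=True) or [""]
        if tok[0].startswith("*"):
            current = tok[0][1:]          # "*filter" starts a new table
        elif current == table and tok[0] == ":" + chain:
            policy = tok[1]               # ":INPUT DROP [0:0]" sets the policy
        elif current == table and tok[:2] == ["-A", chain]:
            rules.append(tok[2:])
    return policy, rules

def sees_loopback(rule):
    """False only when the rule's -i match excludes the lo interface."""
    if "-i" not in rule:
        return True
    pos = rule.index("-i")
    name, negated = rule[pos + 1], rule[pos - 1 : pos] == ["!"]
    is_lo = name == "lo" or (name.endswith("+") and "lo".startswith(name[:-1]))
    return is_lo != negated

def loopback_report(dump):
    """Find the unconditional lo ACCEPT and the DROP/REJECT rules ahead of it."""
    policy, rules = parse_chain(dump)
    accept_at, earlier = None, []
    for n, rule in enumerate(rules, 1):
        target = rule[rule.index("-j") + 1] if "-j" in rule else None
        if rule == ["-i", "lo", "-j", "ACCEPT"]:
            accept_at = n
            break
        if target in ("DROP", "REJECT") and sees_loopback(rule):
            earlier.append((n, " ".join(rule)))
    return {"policy": policy, "lo_accept_rule": accept_at, "earlier_drops": earlier}
```

Rules listed under earlier_drops are only candidates to review: each still drops a loopback packet only if its remaining matches (here the TCP flag tests) fit that packet.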