LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 07-10-2012, 04:11 AM   #1
sandeepc04
Member
 
Registered: Jun 2012
Location: India
Posts: 66

Rep: Reputation: Disabled
Iptables is blocking MS-SQL DB


Hi friends,

I have RHEL-5 with IPTABLES, and in widows 2003 having Enterprises Manager (SQL-2000) installed, In this some local DB Connected and some remotely/Public DB connected, When i on iptables service it is blocking remotely/public IP DB but local DB are opening, no issue with local connected DB but the problem is getting only with connected to public IP DB. I have opened below SQL ports Even its not working

# vi iptables
-A RH-Firewall-1-INPUT -p tcp --dport 118 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp --dport 156 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp --dport 1433 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp --dport 1434 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp --dport 1533 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp --dport 3306 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp --dport 5432 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp --dport 6432 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp --dport 19812 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp --dport 25565 -j ACCEPT





Thanks and Regards.
Sandeep CC

Last edited by sandeepc04; 07-10-2012 at 04:19 AM.
 
Old 07-10-2012, 04:59 AM   #2
lithos
Senior Member
 
Registered: Jan 2010
Location: SI : 45.9531, 15.4894
Distribution: CentOS, OpenNA/Trustix, testing desktop openSuse 12.1 /Cinnamon/KDE4.8
Posts: 1,144

Rep: Reputation: 217Reputation: 217Reputation: 217
Hi,

you probably need to allow "OUTPUT" ports for MSSql 1433 & 1434, not just INPUT.
 
Old 07-10-2012, 06:09 AM   #3
sandeepc04
Member
 
Registered: Jun 2012
Location: India
Posts: 66

Original Poster
Rep: Reputation: Disabled
lithos,

Thanks for your reply, I am very week in iptables, can you give me, suitable OUTPUT command for my iptables?


NOTE:

I am editing direct iptables file in /etc/sysconfig/iptables

Regards,
Sandeep CC
 
Old 07-10-2012, 11:38 AM   #4
lithos
Senior Member
 
Registered: Jan 2010
Location: SI : 45.9531, 15.4894
Distribution: CentOS, OpenNA/Trustix, testing desktop openSuse 12.1 /Cinnamon/KDE4.8
Posts: 1,144

Rep: Reputation: 217Reputation: 217Reputation: 217
well, I will give you first some IPTABLES examples

Then in your case it should be something like:
Code:
# Allow full outgoing connection but no incomming stuff
-A OUTPUT -o eth0 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT         <--- if your network interface is not eth0 , change accordingly
-A OUTPUT -p tcp --sport 1024:65535 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
this should/will allow ALL outgoing traffic from your server!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
blocking an IP using iptables picox Linux - Security 7 12-10-2010 02:00 PM
Iptables blocking , well...everything crispyleif Linux - Networking 2 12-12-2008 03:22 AM
iptables is blocking nfs author_unknown Linux - Networking 5 09-22-2008 11:28 AM
Blocking almost everything with iptables GeneralDark Linux - Security 18 12-04-2007 04:36 PM
Blocking an IP with iptables asif2k Linux - Security 4 04-18-2006 11:22 PM


All times are GMT -5. The time now is 01:40 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration