Big Problem Please Help!!!! Quick

unixfreak · 08-24-2004, 01:27 PM

I AM SCREWED BIG TIME!!!!!!!!!

Im using Mandrake 9.1

I Pasted this Rule-based script (below) in the rc.local file.

# optional, for over the top paranoid (and possibly limiting) security
iptables -A OUTPUT -o lo -s 127.0.0.1 -s 127.0.0.1 -j ACCEPT
iptables -A OUPTUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -p tcp --dport http -j ACCEPT
iptables -A OUTPUT -p tcp --dport https -j ACCEPT
iptables -A OUTPUT -p tcp --dport ftp -j ACCEPT
iptables -A OUTPUT -p tcp --dport pop3 -j ACCEPT
iptables -A OUTPUT -p tcp --dport smtp -j ACCEPT
iptables -A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT
iptables -P OUTPUT DROP

WHEN I REBOOT UP LINUX, IT SHOWS INITIALIZING SERVICES FOR ABOUT 5 MINUTES AND THEN IT STARTS TO LOAD UP THE APPLICATIONS AND ICONS ON THE DESKTOP VERY VERY SLOWLY.

NOW HOW COULD I FIX THIS PROBLEM???

i can't even open up GEDIT to UNFIX the problem.

otish1000c · 08-24-2004, 01:41 PM

stop shorewall by styping in terminal as root.......

Code:

service shorewall stop

(enter)

then, go to /etc/shorewall/rules & edit the file so the last line looks like this.........

Code:

#
##############################################################################
#ACTION		SOURCE	DEST	PROTO	DEST	SOURCE	ORIGINAL	RATE	USER					
#					PORT	PORT(S)	DEST		LIMIT	SET

#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

IE: no rules set. then, don't set no more steenking rules that you're not sure about!

otis

XavierP · 08-24-2004, 01:41 PM

Moved: This thread is more suitable in Linux-Security and has been moved accordingly to help your thread/question get the exposure it deserves.

And using a more descriptive title and not SHOUTING in tyour thread is likely to gain you much more of a response.

masand · 08-24-2004, 01:42 PM

hi

when linux loads up
enter into inteacrtive mode by pressing 'i' ( i hope it is there in mandrke as in redhat)

do not start thye serices and see if then u can edit the rc.local

also u can try to go in to rescue mode an there u can edit ur rc.local file

regards

acid_kewpie · 08-24-2004, 01:43 PM

any reason this thread couldn't have been called "iptables rules making system unusable" or similar?

colnago · 08-24-2004, 01:45 PM

I would guess that you have your host set up as you internet address in /etc/hosts rather than 127.0.0.1. Just speculation on my part really. Anyway, try ctrl-alt-f1 and login as root, then flush your iptables rules: 'iptables -F' on the command line. Use something like this until you get the other rules straightened out, it works for me, it is so much like yours I don't know what was wrong, I guess something is needed outbound that is not in your accept list:

Code:

   iptables -F
   iptables -P OUTPUT ACCEPT
   iptables -P FORWARD DROP
   iptables -P INPUT DROP
   iptables -A INPUT -i lo -j ACCEPT
   iptables -A OUTPUT -o lo -j ACCEPT
   iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT

unixfreak · 08-24-2004, 01:48 PM

Please be more specific.

I know nothing about Linux. Please explain how could I get into the resue mode. There is a Interactive setup when it boots.

What do I from there to unfix this.

Please.... I need specific explainations.

unixfreak · 08-24-2004, 01:49 PM

I DO NOT WANT TO MESS WITH ANY SCRIPTS FROM NOW ON. I just want to get back into GEDIT and undo what I had Pasted.
For right now, I want to start from scratch.
I want to unfix this, so please explain. Im dieng in nervous wreck here.
I want to be able to get back in GEDIT to delete the script.

The problem was caused by all this

http://www.linuxquestions.org/questi...hreadid=221411

Post#5

acid_kewpie · 08-24-2004, 02:05 PM

don't use gedit... boot to single user mode and fix it from a console. when your lilo or grub screen appears, press esc (lilo) or E (grub) and add a "1" to the boot line and then load it. this will not load any advanced stuf like iptables, so it will respond just fine. then try to use pico (if installed) or vi or emacs to load that file, delete as appropriate, and save. and then reboot. sorted.

and please keep an eye on that caps lock button.....

colnago · 08-24-2004, 02:06 PM

Did you try ctrl-alt-f1, do this when the system is slowly doing its thing. This should get you a terminal where you can flush the rules. Then ctrl-alt-f7 to get back to the desktop and it should be normal speed then.

unixfreak · 08-24-2004, 02:22 PM

OK, I AM TOTALLY CONFUSED!!!!!!!!!!!!!

When should I use the ctrl-alt-f1????????? When the GRUB window opens? or WHAT????

Thats the problem...is that I dont know when to do ctrl-alt-f1. Please explain.

And how should I flush the rules.
I do not know what to type in the terminal. Please explain step-by-step. As I do not understand Linux at all.

Please explain. I am new and lost this. So im confused I need to get this working by 30 minutes.

unixfreak · 08-24-2004, 02:53 PM

I typed iptables -F and nothing seemed to happen.

I dont know, but I have to say that my Linux is pretty messed up now. I dont know what I had done.

I need simple answers here. Please I need to get into GEDIT and delete the script somehow.

And as I recall, The iptables is not even running.

masand · 08-24-2004, 03:09 PM

hi there
why don't u go to linux rescue mode and delete the entry in rc.local file
regards

unixfreak · 08-24-2004, 03:17 PM

OK, BUT HOW??????????????????????

I NEED SPECIFIC ANSWERS HERE FOR CRYING OUT LOUD!!!!

When the GRUB window loads how do I get into the Rescue Mode???

For cring out load.

acid_kewpie · 08-24-2004, 03:25 PM

i've already given you instructions on exactly how to do this. you seem to be taking the different approaches detailed (all of which are valid) and picking random bits out into somethign that no longer makes sense.

hit esc or e on the lilo or grub boot menu, add a 1 to the line, and boot it.

being abusive and aggressive to benevolent members will not settle well. please abide by the rules of this site if you wish to remain a welcome member.