Old 01-18-2004, 09:49 PM   #1
misfit-x
Member
 
Registered: Jan 2004
Location: NY
Distribution: RH9
Posts: 38

Rep: Reputation: 15
Setting up IRC proxy with iptables?


I want to use an irc proxy that is at port 6667 on localhost and go through that to connect to IRC. Problem is, I can't get it to work. I get something like this:

Socket(5), Error (98):Failed to bind listening socket.
sockListen: bind failed: host(127.0.0.1), port(6667)Failed to bind listening socket.

The proxy said it is accepting on port 6667 but comes up with the errors above.

I have bind installed:

# rpm -qa | grep bind
bind-utils-9.2.1-16
ypbind-1.11-4
bind-9.2.1-16

I was reading posts in this forum and stumbled upon one on how to stealth your linux box, so I grabbed the iptables from that and based mine on it:

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Lokkit-0-50-INPUT - [0:0]
-A INPUT -j RH-Lokkit-0-50-INPUT
-A FORWARD -j RH-Lokkit-0-50-INPUT
-A RH-Lokkit-0-50-INPUT -i lo -j ACCEPT
-A RH-Lokkit-0-50-INPUT -m state --state INVALID -j DROP
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 0:8080 --syn -j DROP
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 8081:65535 --syn -j DROP
-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 0:8080 -j DROP
#-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 8081:65535 -j DROP
COMMIT

Now I commented the last line out before COMMIT because I was experimenting with it and it wouldn't even let me get to the web. Commented out, it lets me connect (what should be the right one?)

And how do I open port 6667 in this mess but in a secure way?

Suggestions welcome. I've tried Lokkit, Firestarter and Bastille and none of those make the system as stealth as I'd like, and yet open just the ports I want securely.

I don't know anything about networking and firewalls, obviously, so if someone can help... the thread about stealthing was hard enough to follow.
 
Old 01-26-2004, 11:27 AM   #2
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 69
The only difference with stealthing is that you want to use the DROP target instead of REJECT. Also, if you are going to be allowing incoming connections (like IRC), then you won't be able to be "fully-stealthed". Personally I think stealthing is of minor importance compared to other things, but that's my opinion.

When working with your firewall, you should never manually edit the /etc/sysconfig/iptables file directly. Always use either the command line or use a script. The format of the file is important and editing it can cause your firewall to fail to load even if the syntax you've used is 100% correct.

As far as opening up the port, just do as root:

iptables -I INPUT -p tcp --dport 6667 -j ACCEPT

You'll also probably need to allow established and related connections through:

iptables -I INPUT -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT

But to get back to the initial problem, your firewall shouldn't affect the ability of the IRC proxy to bind to a socket. Also, when it says "bind" in the error message, that doesn't refer to the DNS packages named Bind. It actually means the IRC proxy failed to set up an open listening socket on that IP address and port (aka to bind to that port). So that error message is more likely due to a configuration error or another copy of the program already running on that port. You can test that by turning off your firewall briefly with: service iptables stop. Then make sure nothing is already running on that port with netstat -al | grep 6667. Then try to start the IRC program and see if you still get the message. If you do, then you know it's something with the config. Go back through the README or other docs and see if you can troubleshoot it.
 
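An added example, not part of the original posts: a small Python probe for the point made in the reply above, that a "failed to bind" error comes from the local socket layer and not from iptables. On Linux, errno 98 is EADDRINUSE; the function names and the use of an ephemeral loopback port for the demonstration are assumptions of this example.

```python
import errno
import socket

def diagnose_bind(host: str, port: int) -> str:
    """Try to bind a TCP listening socket and classify the outcome.

    bind() never consults packet-filter rules, so any failure reported
    here comes from the socket layer, not from the firewall.
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        s.bind((host, port))
        s.listen(1)
        return "free"
    except OSError as e:
        if e.errno == errno.EADDRINUSE:     # 98 on Linux: the error in the first post
            return "in_use"
        if e.errno == errno.EACCES:         # typically ports below 1024 without root
            return "permission_denied"
        if e.errno == errno.EADDRNOTAVAIL:  # address not configured on this host
            return "address_not_local"
        return "other:" + errno.errorcode.get(e.errno, str(e.errno))
    finally:
        s.close()

def demo() -> tuple:
    """Occupy an ephemeral loopback port, probe it, release it, probe again."""
    holder = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    holder.bind(("127.0.0.1", 0))           # port 0: the kernel picks a free port
    holder.listen(1)
    port = holder.getsockname()[1]
    while_held = diagnose_bind("127.0.0.1", port)
    holder.close()
    after_release = diagnose_bind("127.0.0.1", port)
    return while_held, after_release

if __name__ == "__main__":
    print("demo (held, released):", demo())
    print("127.0.0.1:6667 ->", diagnose_bind("127.0.0.1", 6667))
```

If the last line reports in_use while the proxy is stopped, something else already owns the port, and no firewall change will fix the bind error.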
Old 01-26-2004, 12:02 PM   #3
misfit-x
Member
 
Registered: Jan 2004
Location: NY
Distribution: RH9
Posts: 38

Original Poster
Rep: Reputation: 15
Thanks for the extra IP Tables info. As for the port thing, I saw it really was a misconfiguration of the IRC proxy. I looked at the config files and finally got it set up right. Now it's working.

Thanks for the help.
 
Old 01-26-2004, 12:09 PM   #4
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 69
Cool.

Check out the netfilter website (www.netfilter.org) for more info on iptables; in particular, the frozen tux tutorial is pretty good. There are also some good links to iptables info at the Security references thread (towards the top of the forum). Good Luck.
 
  

