I've recently installed Firestarter and Azureus, and I have some problems with the two of them...
Firestarter: I've accidentally deleted all default configuration, so every time I shut down or reboot my computer, I have to go in to Firestarter to shut it down or stop the firewall. I'm so frustrated since I didn't take note of the defaults; anyway, neither Web browsing nor Instant Messaging works. Haven't really tried other things such as yum updating, pings, ftp or something else.
On the other hand, Azureus reports a NAT Error on every port I have tried, even though in iptables ports 6881 through 6889 are open to UDP and TCP (I think, since my knowledge of iptables, firewalls and such things is quite limited). Yes, I'm a Linux newbie...
Here is the result of "iptables -L" with Firestarter shut down:
Code:
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- 10.10.6.7 anywhere tcp flags:!SYN,RST,ACK/SYN
ACCEPT udp -- 10.10.6.7 anywhere
ACCEPT tcp -- 10.10.8.6 anywhere tcp flags:!SYN,RST,ACK/SYN
ACCEPT udp -- 10.10.8.6 anywhere
ACCEPT tcp -- dns.cybercable.net.mx anywhere tcp flags:!SYN,RST,ACK/SYN
ACCEPT udp -- dns.cybercable.net.mx anywhere
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere limit: avg 10/sec burst 5
DROP all -- anywhere 255.255.255.255
DROP all -- anywhere 255.255.255.255
DROP all -- BASE-ADDRESS.MCAST.NET/8 anywhere
DROP all -- anywhere BASE-ADDRESS.MCAST.NET/8
DROP all -- 255.255.255.255 anywhere
DROP all -- anywhere 0.0.0.0
DROP all -- anywhere anywhere state INVALID
LSI all -f anywhere anywhere limit: avg 10/min burst 5
INBOUND all -- anywhere anywhere
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Unknown Input'
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere limit: avg 10/sec burst 5
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Unknown Forward'
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- 10.201.25.118 10.10.6.7 tcp dpt:domain
ACCEPT udp -- 10.201.25.118 10.10.6.7 udp dpt:domain
ACCEPT tcp -- 10.201.25.118 10.10.8.6 tcp dpt:domain
ACCEPT udp -- 10.201.25.118 10.10.8.6 udp dpt:domain
ACCEPT tcp -- 10.201.25.118 dns.cybercable.net.mx tcp dpt:domain
ACCEPT udp -- 10.201.25.118 dns.cybercable.net.mx udp dpt:domain
ACCEPT all -- anywhere anywhere
DROP all -- BASE-ADDRESS.MCAST.NET/8 anywhere
DROP all -- anywhere BASE-ADDRESS.MCAST.NET/8
DROP all -- 255.255.255.255 anywhere
DROP all -- anywhere 0.0.0.0
DROP all -- anywhere anywhere state INVALID
OUTBOUND all -- anywhere anywhere
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Unknown Output'
Chain INBOUND (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpts:6881:6889
ACCEPT udp -- anywhere anywhere udp dpts:6881:6889
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT udp -- anywhere anywhere udp dpt:http
LSI all -- anywhere anywhere
Chain LOG_FILTER (5 references)
target prot opt source destination
Chain LSI (2 references)
target prot opt source destination
LOG_FILTER all -- anywhere anywhere
LOG tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/RST limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/RST
LOG icmp -- anywhere anywhere icmp echo-request limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP icmp -- anywhere anywhere icmp echo-request
LOG all -- anywhere anywhere limit: avg 5/sec burst 5 LOG level info prefix `Inbound '
DROP all -- anywhere anywhere
Chain LSO (1 references)
target prot opt source destination
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere limit: avg 5/sec burst 5 LOG level info prefix `Outbound '
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
Chain OUTBOUND (1 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpts:bootps:bootpc
ACCEPT udp -- anywhere anywhere udp dpts:bootps:bootpc
ACCEPT tcp -- anywhere anywhere tcp dpts:6881:6889
ACCEPT udp -- anywhere anywhere udp dpts:6881:6889
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT udp -- anywhere anywhere udp dpt:http
LSO all -- anywhere anywhere
Any ideas on how I should proceed in order to have both programs running as they should?
Box: Fedora Core 3 with 2.6.12-1.1381_FC3 Kernel i386 Arch.
It might be worth mentioning that I do not have any routers or other devices attached to my network; it's a stand-alone computer connected directly to my 'cable-modem'.
I'm not an expert in iptables, but I know enough to get me by. I'm not sure what the INBOUND chain is used for, but I have mine opened under the INPUT chain:
When typing the code, an error occurs stating that ACCEPT is a bad argument:
Code:
iptables -A INPUT -p TCP --dport 6881:6889 -i ${WAN} -j ACCEPT
Warning: wierd character in interface `-j' (No aliases, :, ! or *).
Bad argument `ACCEPT'
ACCEPT isn't the problem, it's just saying there is a bad argument in the ACCEPT chain. The problem is in the '-i ${WAN}' part. In my rc.firewall script, I set the variable WAN=eth0, which is the network device that connects to the internet. I have another one, LAN=eth1, which is the network device for all of my network traffic. You need to replace WAN with the network device you are using.
I ran Azureus just fine when I configured my iptables correctly. Don't blame Linux for a user error. I would suggest getting rid of that over-the-top firewall script you're using and starting with just the basics. It would be more secure than using Windows anyway. Once you get it working fine, you can start building a more secure firewall script that works around Azureus.
Let me know if you need any help setting up some basic firewall rules.
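The failure discussed in this thread, as an added example that is not part of any post: with `WAN` unset, the shell drops the word after `-i`, so iptables reads `-j` as the interface name and is left with `ACCEPT` as a stray argument. The function names and the interface-name check below are assumptions made for illustration; the script only prints rules and applies nothing.

```shell
#!/bin/sh
# Added example (not from the thread): build the INPUT rules for the
# BitTorrent port range, refusing to emit a rule when the interface
# variable is empty. Rules are printed, not applied, so no root is needed.

# unset_expansion: show the words iptables receives for '-i ${WAN} -j ACCEPT'
# when WAN is unset. The empty expansion vanishes, leaving "-i -j ACCEPT".
unset_expansion() {
    (
        unset WAN
        set -- -i ${WAN} -j ACCEPT   # deliberately unquoted, as in the post
        printf '%s\n' "$*"
    )
}

# bt_rules IFACE [PORTS]: print one iptables command per protocol.
# Returns 1 when IFACE is empty, looks like an option, or contains
# characters outside a conservative set (this whitelist is an assumption
# of the example, not iptables' own rule).
bt_rules() {
    iface=$1
    ports=${2:-6881:6889}
    case $iface in
        ''|-*|*[!A-Za-z0-9_.+-]*)
            echo "bt_rules: interface not set or invalid: '$iface'" >&2
            return 1
            ;;
    esac
    for proto in tcp udp; do
        printf 'iptables -A INPUT -i %s -p %s --dport %s -j ACCEPT\n' \
            "$iface" "$proto" "$ports"
    done
}

# Demonstration with a constructed value: eth0 is the device name used in
# the reply above; substitute the device that faces the Internet.
WAN=eth0
bt_rules "$WAN"
```

Quoting the variable (`-i "${WAN}"`) or writing `${WAN:?WAN is not set}` in a firewall script makes the shell stop with a clear message instead of passing a shifted argument list to iptables.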