gnome problem with iptables rules
hello
I have a system with 2 NICs. I have set up iptables with the following rules:
Code:
#!/bin/sh
Code:
service iptables save
Also, GNOME takes a lot of time to start and shows the following error:
There was an error starting the GNOME Settings Daemon. Some things, such as themes, sounds, or background settings may not work correctly. The last error message was: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken. GNOME will still try to restart the Settings Daemon next time you log in.
Please help me with this. Thanks in advance.
I applaud your attempts to restrict your system to the fewest number of Internet ports possible. In your case, I think you may have gone too far. On my systems, rpc.statd sits listening on port 789 (ymmv). Given the logging statement that you have put in your output chain, you should have some messages in your logfile indicating that some packets were dropped.
In addition, I think you do not need to restrict either INPUT or OUTPUT on net 127.0.0.1 (the loopback address). Quite a few systems use this address to talk amongst themselves on your server, and you are filtering on this interface as well as eth0 and eth1, as I read the script. The first rule in my INPUT and OUTPUT chains is
Code:
... -i lo -j ACCEPT
thanks
but I added
Code:
$IPTABLES -A INPUT -i lo -j ACCEPT
$IPTABLES -A OUTPUT -i lo -j ACCEPT
but the problem persists
My error. According to the manpage, for the OUTPUT chain, the parameter should be
Code:
...-o lo -j ACCEPT
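The interface-flag mix-up corrected above can be caught before a rule script is loaded. The following is an added example, not part of any post in this thread: a small lint that reads rule lines on stdin and reports `-i` used in OUTPUT, `-o` used in INPUT, and missing loopback ACCEPT rules. The function name `lint_rules` and both sample rule sets are constructed for illustration, and only `-A`/`-I` rules on INPUT and OUTPUT are inspected.

```shell
#!/bin/sh
# lint_rules: read iptables rule lines on stdin, print findings,
# and return the number of findings as the exit status.
lint_rules() {
    awk '
    { sub(/#.*/, "") }                          # drop comments
    !/(-A|-I)[ \t]+(INPUT|OUTPUT)/ { next }     # only INPUT/OUTPUT rules
    {
        chain = ""; in_if = ""; out_if = ""; target = ""
        for (i = 1; i <= NF; i++) {
            if (($i == "-A" || $i == "-I") && chain == "") chain = $(i+1)
            else if ($i == "-i" || $i == "--in-interface")  in_if  = $(i+1)
            else if ($i == "-o" || $i == "--out-interface") out_if = $(i+1)
            else if ($i == "-j" || $i == "--jump")          target = $(i+1)
        }
        # -i matches the receiving interface, which OUTPUT packets lack;
        # -o matches the sending interface, which INPUT packets lack.
        if (chain == "OUTPUT" && in_if != "") {
            print "line " NR ": -i is not valid in OUTPUT, use -o " in_if; bad++
        }
        if (chain == "INPUT" && out_if != "") {
            print "line " NR ": -o is not valid in INPUT, use -i " out_if; bad++
        }
        if (chain == "INPUT"  && in_if  == "lo" && target == "ACCEPT") lo_in  = 1
        if (chain == "OUTPUT" && out_if == "lo" && target == "ACCEPT") lo_out = 1
    }
    END {
        if (!lo_in)  { print "no INPUT rule accepting -i lo";  bad++ }
        if (!lo_out) { print "no OUTPUT rule accepting -o lo"; bad++ }
        exit bad + 0
    }'
}

# Constructed sample: the two loopback rules as first posted in the thread.
posted='$IPTABLES -A INPUT -i lo -j ACCEPT
$IPTABLES -A OUTPUT -i lo -j ACCEPT'

# Constructed sample: the same rules after the manpage correction.
fixed='$IPTABLES -A INPUT -i lo -j ACCEPT
$IPTABLES -A OUTPUT -o lo -j ACCEPT'

printf '%s\n' "$posted" | lint_rules || echo "posted rules: $? finding(s)"
printf '%s\n' "$fixed"  | lint_rules && echo "fixed rules: clean"
```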