
lsteacke 11-15-2011 02:33 PM

iptables issue outbound ports?
Hey all,
I recently ran into a funny issue with what appears to be iptables. I have a PHP script that needs to contact a MySQL server remotely, and it does so through a couple of outgoing ports (ports 10060, 27017 and 27167).

I opened them up in the firewall (csf), but after a few successful connections, I start to get no connection past the SYN_SENT portion. That is until I issue the following commands.


[root@blah ~]# telnet 27617
[root@blah ~]# /etc/init.d/iptables restart
Flushing firewall rules:                                  [  OK  ]
Setting chains to policy ACCEPT: mangle filter nat        [  OK  ]
Unloading iptables modules:                                [  OK  ]
[root@blah ~]# telnet 27617
Connected to
Escape character is '^]'.

Any ideas?

unSpawn 11-16-2011 06:33 AM


Originally Posted by lsteacke (Post 4524863)
Any ideas?

Yeah, but only that changing any conditions like resetting iptables state and rules without recording any diagnostics output beforehand doesn't really help solve things. Running 'telnet' may seem nice but it doesn't convey anything except the connection gets stuck. Next time, using tcptraceroute (and not ping or traceroute, as you're not interested in ICMP or UDP connections) instead and temporarily adding "-j LOG" rules to check rule traversal may help.
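
The diagnostics suggested in the reply above, sketched as an added example that is not part of the thread: snapshot the firewall and socket state before restarting anything, then add temporary LOG rules for the ports from the question. DB_HOST, DIAG_DIR and the log prefixes are assumptions (the thread does not give the remote host).

```shell
#!/bin/sh
# Added example (not from the thread). DRY_RUN=1 (default) only prints the
# commands; run as root with DRY_RUN=0 to apply them.
DRY_RUN="${DRY_RUN:-1}"
PORTS="${PORTS:-10060 27017 27167}"      # outbound ports named in the question
DB_HOST="${DB_HOST:-db.example.invalid}" # placeholder: the thread elides the host
DIAG_DIR="${DIAG_DIR:-/root/fw-diag}"    # hypothetical output directory

run() {  # print the command, or execute it when DRY_RUN=0
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

# Record state BEFORE restarting or flushing anything.
snapshot() {
    run mkdir -p "$DIAG_DIR"
    # -c keeps per-rule packet counters, which show which rule is matching.
    run sh -c "iptables-save -c > $DIAG_DIR/rules-with-counters.txt"
    # Sockets stuck in SYN_SENT, the symptom described in the question.
    run sh -c "ss -tn state syn-sent > $DIAG_DIR/syn-sent.txt"
    for p in $PORTS; do
        # TCP probe to the real port instead of ICMP/UDP traceroute.
        run sh -c "tcptraceroute $DB_HOST $p > $DIAG_DIR/tcptraceroute-$p.txt 2>&1"
    done
}

# $1 is -I (insert at the top of the chain, ahead of any DROP) or -D (remove).
trace_rules() {
    for p in $PORTS; do
        # Outgoing SYN leaving this host.
        run iptables "$1" OUTPUT -p tcp --dport "$p" --syn \
            -j LOG --log-prefix "trace-out-$p:"
        # Anything the remote end sends back from that port (SYN/ACK or RST).
        run iptables "$1" INPUT -p tcp --sport "$p" \
            -j LOG --log-prefix "trace-in-$p:"
    done
}

case "${1:-}" in
    start) snapshot; trace_rules -I ;;  # then reproduce and read the kernel log
    stop)  trace_rules -D ;;            # LOG rules are temporary: remove them
esac
```

If trace-out lines show up in the kernel log without matching trace-in lines, the reply never reached the filter INPUT chain on this host.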
