LinuxQuestions.org > Linux - Networking > IPTABLES problem
https://www.linuxquestions.org/questions/linux-networking-3/iptables-problem-42559/

Javier 01-24-2003 12:36 PM

You are correct in assuming a problem with the firewall. However, at this point I have shut it down. I also noticed that the settings for the firewall are set to "High". When I use "lokkit" to change it to "Medium", it allows me to make the change. But when I go back in with "lokkit", it is still set to "High".

When I installed Red Hat, I opted for the "Medium" setting on the firewall. So how or why is it set to "High"?

Thanks

KevinJ 01-24-2003 12:43 PM

Your firewall could be getting activated via a script called by rc.local or something like that.

What does the bottom of /etc/rc.d/rc.local look like?

Do you have an rc.firewall script somewhere?

You don't need NAT because your Linksys thingy is doing NAT, not your Linux box.

What does "service --status-all" show... it should show some firewall stuff if it's running.

-KevinJ

Javier 01-24-2003 02:06 PM

The rc.local file has two entries:
1) touch /var/lock/subsys/local
2) /etc/rc.d/rc.firewall-2.4

As stated on line #2 above, the firewall script is in "/etc/rc.d/".
As for the results of the "service --status-all"

usage: aep1000 [start|stop|restart|condrestart]
anacron dead but subsys locked
apmd (pid 684) is running...
atd (pid 823) is running...
Configured Mount Points:
------------------------

Active Mount Points:
--------------------
Broadcom BCM5820 init script
Copyright (c) 2001 Broadcom Corporation
usage: bcm5820 [start|stop|restart|condrestart]
crond (pid 774) is running...
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Lokkit-0-50-INPUT all -- 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain RH-Lokkit-0-50-INPUT (1 references)
target prot opt source destination
ACCEPT udp -- 206.141.192.60 0.0.0.0/0 udp spt:53 dpts:1025:65535
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 flags:0x16/0x02
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:23 flags:0x16/0x02
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 flags:0x16/0x02
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 flags:0x16/0x02
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:0:1023 flags:0x16/0x02 reject-with icmp-port-unreachable
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:2049 flags:0x16/0x02 reject-with icmp-port-unreachable
REJECT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:0:1023 reject-with icmp-port-unreachable
REJECT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:2049 reject-with icmp-port-unreachable
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:6000:6009 flags:0x16/0x02 reject-with icmp-port-unreachable
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:7100 flags:0x16/0x02 reject-with icmp-port-unreachable
gpm (pid 765) is running...
httpd is stopped
Table: filter
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Lokkit-0-50-INPUT all -- anywhere anywhere

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain RH-Lokkit-0-50-INPUT (1 references)
target prot opt source destination
ACCEPT udp -- dns1.chcgil.ameritech.net anywhere udp spt:domain dpts:1025:65535
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:telnet flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:http flags:SYN,RST,ACK/SYN
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
REJECT tcp -- anywhere anywhere tcp dpts:0:1023 flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere tcp dpt:nfs flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere udp dpts:0:1023 reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere udp dpt:nfs reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere tcp dpts:x11:6009 flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere tcp dpt:xfs flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
irattach is stopped
No status available for this package
lpd (pid 725) is running...
Configured devices:
lo eth0
Currently active devices:
lo eth0
rpc.mountd is stopped
nfsd is stopped
rpc.rquotad is stopped
rpc.statd is stopped
nscd is stopped
ntpd is stopped
Usage: /etc/init.d/oracle {start|stop|restart}
portmap (pid 632) is running...
master is stopped
The random data source exists
saslauthd is stopped
sendmail (pid 755 745) is running...
snmpd is stopped
snmptrapd is stopped
squid is stopped
sshd (pid 696) is running...
syslogd (pid 610) is running...
klogd (pid 614) is running...
tux is stopped
xfs (pid 805) is running...
xinetd (pid 710) is running...
ypbind is stopped

KevinJ 01-24-2003 02:12 PM

Okay... so I would just comment out that line in rc.local calling the firewall script,

then make sure that "chkconfig --list iptables" shows OFF for all run levels, then reboot and give HTTP a try again.

-KevinJ

Javier 01-24-2003 02:47 PM

Well, I went ahead and commented out the call to the firewall line.
I then ran "chkconfig --list iptables". It returned "off" for all. I rebooted, then I tried mozilla. It again timed out. I then tried "lynx".
It also came back with the same results as it did in the message from a few posts back. It basically said that it encountered a network error.

Javier

KevinJ 01-24-2003 02:50 PM

what does "service --status-all" show now?

-KevinJ

KevinJ 01-24-2003 03:06 PM

Just out of curiosity... do you get anything when you type:

service iptables status

or

service ipchains status

?

If you do, try as I said before.... "service iptables stop" or "service ipchains stop"



-KevinJ

Javier 01-24-2003 03:07 PM

Here are the contents:

iptables 0:off 1:off 2:off 3:off 4:off 5:on 6:off

usage: aep1000 [start|stop|restart|condrestart]
anacron dead but subsys locked
apmd (pid 685) is running...
atd (pid 824) is running...
Configured Mount Points:
------------------------

Active Mount Points:
--------------------
Broadcom BCM5820 init script
Copyright (c) 2001 Broadcom Corporation
usage: bcm5820 [start|stop|restart|condrestart]
crond (pid 775) is running...
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Lokkit-0-50-INPUT all -- 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain RH-Lokkit-0-50-INPUT (1 references)
target prot opt source destination
ACCEPT udp -- 206.141.192.60 0.0.0.0/0 udp spt:53 dpts:1025:65535
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 flags:0x16/0x02
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:23 flags:0x16/0x02
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 flags:0x16/0x02
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 flags:0x16/0x02
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:0:1023 flags:0x16/0x02 reject-with icmp-port-unreachable
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:2049 flags:0x16/0x02 reject-with icmp-port-unreachable
REJECT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:0:1023 reject-with icmp-port-unreachable
REJECT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:2049 reject-with icmp-port-unreachable
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:6000:6009 flags:0x16/0x02 reject-with icmp-port-unreachable
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:7100 flags:0x16/0x02 reject-with icmp-port-unreachable
gpm (pid 766) is running...
httpd is stopped
Table: filter
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Lokkit-0-50-INPUT all -- anywhere anywhere

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain RH-Lokkit-0-50-INPUT (1 references)
target prot opt source destination
ACCEPT udp -- dns1.chcgil.ameritech.net anywhere udp spt:domain dpts:1025:65535
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:telnet flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:http flags:SYN,RST,ACK/SYN
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
REJECT tcp -- anywhere anywhere tcp dpts:0:1023 flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere tcp dpt:nfs flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere udp dpts:0:1023 reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere udp dpt:nfs reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere tcp dpts:x11:6009 flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere tcp dpt:xfs flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
irattach is stopped
No status available for this package
lpd (pid 726) is running...
Configured devices:
lo eth0
Currently active devices:
lo eth0
rpc.mountd is stopped
nfsd is stopped
rpc.rquotad is stopped
rpc.statd is stopped
nscd is stopped
ntpd is stopped
Usage: /etc/init.d/oracle {start|stop|restart}
portmap (pid 633) is running...
master is stopped
The random data source exists
saslauthd is stopped
sendmail (pid 756 746) is running...
snmpd is stopped
snmptrapd is stopped
squid is stopped
sshd (pid 697) is running...
syslogd (pid 611) is running...
klogd (pid 615) is running...
tux is stopped
xfs (pid 806) is running...
xinetd (pid 711) is running...
ypbind is stopped


Please note the first line shows the results from
"chkconfig --list iptables"

KevinJ 01-24-2003 03:13 PM

well.. your firewall is running and that's probably what is causing the problem. I have given you all the suggestions I have for stopping it.

I don't know what else to do.

-KevinJ
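The "chkconfig --list iptables" line in Javier's post above reads "5:on". Runlevel 5 is the one a box with a graphical login boots into, so the iptables init script still starts at boot and can put the Lokkit ruleset back whatever rc.local does or does not run. The script below is an added example, not code from the thread or from Red Hat: it gathers in one place the evidence the posts collect by hand (which runlevels enable the iptables/ipchains init scripts, which firewall calls in rc.local are still live, which TCP ports the Lokkit chain accepts) and, where the tools exist, prints the live ruleset with -v so the interface column is visible. The sample inputs are constructed from the posted output; the location /etc/sysconfig/iptables for the saved ruleset is the Red Hat convention and is assumed here, since the thread never mentions it.

```shell
#!/bin/sh
# Added example, not code from the thread: find out where a Red Hat 7/8-era
# firewall is being started from and what it admits. The parsing functions
# read their input from arguments or stdin so they can be exercised offline
# on the constructed samples below; the live checks at the bottom only run
# where the Red Hat tooling and files actually exist.

# Runlevels at which a service is "on", from one line of
# `chkconfig --list <service>` output. 5:on alone is enough for the
# iptables init script to load the saved rules on a box that boots into
# the graphical login (runlevel 5), even with rc.local cleaned up.
enabled_runlevels() {
    printf '%s\n' "$1" | awk '{
        out = ""
        for (i = 2; i <= NF; i++) {
            split($i, kv, ":")
            if (kv[2] == "on") out = out (out == "" ? "" : " ") kv[1]
        }
        print out
    }'
}

# Lines of an rc.local (stdin) that still call a firewall script; commented
# lines are ignored. Exit status 0 if anything is found, 1 otherwise.
active_firewall_hooks() {
    grep -v '^[[:space:]]*#' | grep -E 'rc\.firewall|iptables|ipchains|lokkit'
}

# Destination ports admitted by ACCEPT tcp rules in `service iptables status`
# output (stdin), in rule order. Service names appear when the status script
# did not pass -n, numbers otherwise.
accepted_tcp_ports() {
    awk '$1 == "ACCEPT" && $2 == "tcp" {
        for (i = 3; i <= NF; i++) if ($i ~ /^dpt:/) printf "%s ", substr($i, 5)
    } END { print "" }' | sed 's/ $//'
}

# Constructed samples modelled on what was posted in the thread.
SAMPLE_CHKCONFIG='iptables 0:off 1:off 2:off 3:off 4:off 5:on 6:off'
SAMPLE_RC_LOCAL_BEFORE='touch /var/lock/subsys/local
/etc/rc.d/rc.firewall-2.4'
SAMPLE_RC_LOCAL_AFTER='touch /var/lock/subsys/local
#/etc/rc.d/rc.firewall-2.4'
SAMPLE_STATUS='Chain RH-Lokkit-0-50-INPUT (1 references)
target prot opt source destination
ACCEPT udp -- dns1.chcgil.ameritech.net anywhere udp spt:domain dpts:1025:65535
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:telnet flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:http flags:SYN,RST,ACK/SYN
ACCEPT all -- anywhere anywhere
REJECT tcp -- anywhere anywhere tcp dpts:0:1023 flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable'

# Everything the firewall could be coming from on a real box.
report_firewall_sources() {
    for svc in iptables ipchains; do
        command -v chkconfig >/dev/null 2>&1 || break
        svc_line=$(chkconfig --list "$svc" 2>/dev/null) || continue
        levels=$(enabled_runlevels "$svc_line")
        [ -n "$levels" ] && echo "$svc init script enabled at runlevel(s): $levels"
    done
    if [ -r /etc/rc.d/rc.local ]; then
        active_firewall_hooks < /etc/rc.d/rc.local | sed 's/^/rc.local still runs: /'
    fi
    # Assumed Red Hat convention: lokkit and `service iptables save` write
    # here, and the init script restores it at boot regardless of rc.local.
    [ -s /etc/sysconfig/iptables ] && echo "saved ruleset: /etc/sysconfig/iptables"
    # -v adds the interface column; without it, "ACCEPT all -- anywhere anywhere"
    # rules bound to lo or eth0 look identical to an accept-everything rule.
    if command -v iptables >/dev/null 2>&1; then
        iptables -L -n -v 2>/dev/null || echo "iptables -L needs root"
    fi
    return 0
}

# Offline demonstration on the samples, then the live report if applicable.
echo "runlevels with iptables on: $(enabled_runlevels "$SAMPLE_CHKCONFIG")"
echo "hooks before the edit:"; printf '%s\n' "$SAMPLE_RC_LOCAL_BEFORE" | active_firewall_hooks || echo "(none)"
echo "hooks after the edit:";  printf '%s\n' "$SAMPLE_RC_LOCAL_AFTER"  | active_firewall_hooks || echo "(none)"
echo "tcp ports accepted by the Lokkit chain: $(printf '%s\n' "$SAMPLE_STATUS" | accepted_tcp_ports)"
report_firewall_sources
```

Run it as root on the box in question; the first three lines of output come from the constructed samples and the rest from the live system. If the runlevel line is non-empty, "chkconfig --level 5 iptables off" (or "service iptables stop" for the current session) is what actually stops the ruleset coming back, not editing rc.local.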

Javier 01-24-2003 03:20 PM

Quote:

Originally posted by KevinJ
Just out of curiosity... do you get anything when you type:

service iptables status

or

service ipchains status

?

If you do, try as I said before.... "service iptables stop" or "service ipchains stop"



-KevinJ

______
The result to "service iptables status" follows:

Table: filter
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Lokkit-0-50-INPUT all -- anywhere anywhere

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain RH-Lokkit-0-50-INPUT (1 references)
target prot opt source destination
ACCEPT udp -- dns1.chcgil.ameritech.net anywhere udp spt:domain dpts:1025:65535
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:telnet flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:http flags:SYN,RST,ACK/SYN
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
REJECT tcp -- anywhere anywhere tcp dpts:0:1023 flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere tcp dpt:nfs flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere udp dpts:0:1023 reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere udp dpt:nfs reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere tcp dpts:x11:6009 flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere tcp dpt:xfs flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable


This is most likely the problem, but where could it be getting these values from? I have the firewall line commented out in the "rc.local" file.

KevinJ 01-24-2003 04:08 PM

If "service iptables stop" doesn't clear that up... I have no idea what could be the problem.

-Kevin

Javier 01-24-2003 04:30 PM

I was poking around my box after your last message. While looking around, I found "Konqueror" so I gave it a try. I did not make any changes. I am using it as it was installed. I am able to surf the web without any problems.

That means the problem is not the firewall the problem is with mozilla. I am considering removing mozilla and re-installing it one more time.

Thanks for all the help.

Javier

KevinJ 01-24-2003 05:02 PM

But why the heck wouldn't Lynx work? That's weird.

-KevinJ

Javier 01-24-2003 05:08 PM

That is one for the books.

