LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 05-21-2003, 06:10 PM   #1
yocompia
Member
 
Registered: Apr 2003
Location: Chicago, IL
Distribution: openbsd 3.6, slackware 10.0
Posts: 244

Rep: Reputation: 30
firewall + mandrake update = bad, etc.


i've setup mdk 9.0 with a guarddog firewall and i can't access the mandrakeupdate updates. whenever i try to do this there is a mention of dropped packets and grpmi runs really slow for ~2 min., then dictates that the site couldn't be contacted. i believe this is b/c of some firewall setting, but don't know what the deal is. here's a syslog of what was going on:

May 21 16:53:34 localhost MandrakeUpdate[2707]: Installing package ftp://ftp.stealth.net/pub/mirrors/ft....1mdk.i586.rpm
May 21 16:53:34 localhost MandrakeUpdate[2707]: Installing package ftp://ftp.stealth.net/pub/mirrors/ft....2mdk.i586.rpm
May 21 16:53:34 localhost MandrakeUpdate[2707]: Installing package ftp://ftp.stealth.net/pub/mirrors/ft....2mdk.i586.rpm
May 21 16:53:34 localhost MandrakeUpdate[2707]: Installing package ftp://ftp.stealth.net/pub/mirrors/ft....2mdk.i586.rpm
May 21 16:53:34 localhost MandrakeUpdate[2707]: Installing package ftp://ftp.stealth.net/pub/mirrors/ft....1mdk.i586.rpm
May 21 16:53:34 localhost MandrakeUpdate[2707]: Installing package ftp://ftp.stealth.net/pub/mirrors/ft....1mdk.i586.rpm

May 21 16:53:38 localhost kernel: DROPPED IN= OUT=ppp0 SRC=MY.IP.AD.RS DST=206.252.192.18 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=14338 DF PROTO=TCP SPT=1046 DPT=55185 SEQ=3975041913 ACK=0 WINDOW=5808 RES=0x00 SYN URGP=0 OPT (020405AC0101040201030300)

May 21 16:53:59 localhost last message repeated 3 times

May 21 16:54:00 localhost CROND[2900]: (root) CMD ( /usr/share/msec/promisc_check.sh)
May 21 16:54:00 localhost CROND[2903]: (root) CMD ( /usr/share/msec/promisc_check.sh)

i also have a problem with crond running promisc_check.sh EVERY minute (as noted above). the only place i found a reference to this script is in /etc/cron.d/msec, where it lists

*/1 * * * * root /usr/share/msec/promisc_check.sh

but i would suppose this would only run it hourly at hour+1minute. what gives?
 
Old 05-21-2003, 06:32 PM   #2
manthram
Member
 
Registered: Feb 2002
Location: Fairfax, VA
Distribution: RedHat 8, Mandrake9.1, Slack9
Posts: 456

Rep: Reputation: 31
check your firewall rules. if you are using iptables you can check the rules by 'iptables -L'

the promisc_check is scheduled to run every minute that is what the script says. if you want it to run every first mt of the hr you have to have this

* */1 * * * root /usr/share/msec/promisc_check.sh
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
is this a bad idea ? fileserver/firewall... epoo Linux - Security 8 05-07-2005 03:44 PM
New to firewall logs... is there anything bad?? jimdaworm Linux - Security 3 04-01-2005 09:05 AM
bad iptables update jeffpoulsen Linux - Networking 3 06-25-2004 11:59 AM
recover from bad update jeffpoulsen Linux - General 0 02-11-2004 06:47 PM
ntpdate + firewall + no update countcobolt Linux - Networking 3 12-09-2003 04:50 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 01:20 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration