Visit Jeremy's Blog.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 07-08-2003, 03:47 PM   #1
Registered: Feb 2003
Distribution: Slackware 10
Posts: 38

Rep: Reputation: 15
iptables causing Gnome 2.2 to load slowly for non-root user

I finally have my firewall script nearly 95% ironed out. I can now browse the web and use IRC. WEE!!


Now when I use my user account and I start X it takes Gnome 2.2 upwards of two minutes (or however long it took for me to walk the dog) to start.

This is the offending piece of code:

$IPTABLES -A INPUT -p tcp --dport 6000:6001 -s $LO_IP -j ACCEPT

$IPTABLES -A INPUT -p tcp --dport 6000:6001 -s ! $LO_IP -j LOG --log-prefix "X11 attempt:"

What I THINK the above is supposed to do is:

1) allow xsessions from (localhost)

2) log attempts to connect to X from outside hosts

Any idea how I can have rules that block outside attempts, but allow me to use it?
Old 07-08-2003, 06:56 PM   #2
Registered: Jul 2003
Distribution: RH 7.3 , RH9,RHEL,FC
Posts: 38

Rep: Reputation: 15
I assume your firewall is running on your computer that is on the external interface. Are you allowing all incoming and outgoing traffic from your loopback device ??


as for allowing incoming ip's specifically for your 6000:60010 port range, by jsut setting your default policy on INPUT to drop will deny all external attempts to access it, if you want too allow people to start or send x related programs to other hosts, specify them

$IPTABLES -A INPUT -p tcp -s x.x.x.x --dport 6000:6010 -j ACCEPT
same as your example..

this will allow x.x.x.x to start a program on your computer and let them display it on theres, of course you have to also do

xhost +x.x.x.x and have your xserver set to recieve connections, i know debian turns this off by default, redhat leaves it on.
Old 07-08-2003, 11:10 PM   #3
Registered: Feb 2003
Distribution: Slackware 10
Posts: 38

Original Poster
Rep: Reputation: 15
I don't have anything like that set up, I don't believe (I'm booted in Windows right now and can't check).

I don't want others to access X. Just my user account.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Programs load very slowly! sdat1333 Mandriva 6 11-24-2004 03:41 PM
Dropline gnome, and user unable to load bumbumkoala Slackware 2 11-09-2004 12:36 PM
Gnome: root gets v2.6 but user gets v2.4 alexc Linux - Newbie 4 04-21-2004 01:10 AM
load script during boot not as user root? ziggie216 Linux - General 1 11-20-2003 12:30 PM
iptables: non-root user access? KendersPlace Linux - Networking 2 06-17-2003 08:33 AM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 12:15 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration