Old 01-04-2004, 03:01 PM   #1
Chip D
LQ Newbie
Registered: Dec 2003
Location: UK
Distribution: Gentoo
Posts: 4

Rep: Reputation: 0
Question rsync through Guarddog/IPTables on Gentoo

One of the last things that I needed to do before I was happy with my Linux installation was to get the firewall running. Long story short, I've ended up using Guarddog to configure IPTables.

I thought that everything was running fine, but then when I tried to run emerge sync it just hung when trying to connect to a server. Seeing as this was running fine prior to starting the firewall, I am certain that all I need to do is configure Guarddog to allow rsync through, problem of course is how?

I've had a look around and found that the rsync server requires port 837 (I think that's what it was) but the client just uses a "high port".

If someone could give me some advice as to how I would set Guarddog to allow rsync through then I would be grateful.

Old 01-04-2004, 11:07 PM   #2
Registered: Aug 2003
Location: Rochester, MN, U.S.A
Distribution: Gentoo
Posts: 987

Rep: Reputation: 30
I am in the same situation as you. If you find an answer I would love to hear it. I either disable my firewall, or use this method. Emerge gentoolkit and check out the emerge-webrsync utility. This uses port 80 so your firewall will not stop it.
Old 01-05-2004, 12:09 AM   #3
Senior Member
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
-bash-2.05b$ grep rsync /etc/services
rsync           873/tcp                 # rsync server
Any time you don't know what port a service uses, your first check should be /etc/services

You must have a very strict, or else misconfigured iptables setup. Normally iptables scripts will allow all TCP traffic back through the firewall if it's in a "RELATED" state, that is, it was requested in some way by your machine. If normal web surfing works, then you must only be keeping state for certain destination ports (such as 80/tcp for web surfing). You need to make sure that your firewall allows you to make outbound connections proto tcp from sport > 1023 and to dport = 873.

Obviously that's not happening right now, so you should check your firewall log to see what traffic is getting blocked (is it the outbound packet from your machine, or the return packet back to it?).
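
The log check suggested in the post above, as an added example that is not part of the original thread: a shell script that reads iptables LOG lines and reports whether the dropped rsync packets are the outbound ones (to port 873) or the replies (from port 873). It assumes drops are logged with the iptables LOG target (fields IN=, OUT=, SPT=, DPT=); the DROPPED prefix, interface name and addresses are constructed sample values.

```shell
#!/bin/sh
# Added example: classify dropped rsync (873/tcp) packets in iptables LOG output.
# Assumes drops are logged with the LOG target; "DROPPED" is a constructed prefix.

# Constructed sample lines (documentation addresses), not from a real system.
SAMPLE_LOG='Jan  4 15:01:10 box kernel: DROPPED IN= OUT=eth0 SRC=192.0.2.10 DST=198.51.100.7 PROTO=TCP SPT=33012 DPT=873 SYN
Jan  4 15:01:13 box kernel: DROPPED IN= OUT=eth0 SRC=192.0.2.10 DST=198.51.100.7 PROTO=TCP SPT=33012 DPT=873 SYN
Jan  4 15:02:00 box kernel: DROPPED IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.10 PROTO=TCP SPT=873 DPT=33050 ACK SYN
Jan  4 15:02:30 box kernel: DROPPED IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 PROTO=TCP SPT=40000 DPT=22 SYN'

# Reads log lines on stdin, prints "outbound=N return=M".
classify_rsync_drops() {
    awk '
    /PROTO=TCP/ {
        in_if = out_if = spt = dpt = ""
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^IN=/)  in_if  = substr($i, 4)
            if ($i ~ /^OUT=/) out_if = substr($i, 5)
            if ($i ~ /^SPT=/) spt = substr($i, 5) + 0
            if ($i ~ /^DPT=/) dpt = substr($i, 5) + 0
        }
        # Client to server: leaves the box, high source port, destination 873.
        if (in_if == "" && out_if != "" && spt > 1023 && dpt == 873) outbound++
        # Server to client: arrives on the box, source 873, high destination port.
        else if (in_if != "" && out_if == "" && spt == 873 && dpt > 1023) ret++
    }
    END { printf "outbound=%d return=%d\n", outbound, ret }'
}

# Turns the counts into the direction whose rule needs attention.
diagnose() {
    counts=$(classify_rsync_drops)
    out=${counts#outbound=}; out=${out%% *}
    back=${counts##*return=}
    if [ "$out" -gt 0 ]; then
        echo "outbound blocked: allow OUTPUT tcp --sport 1024:65535 --dport 873"
    fi
    if [ "$back" -gt 0 ]; then
        echo "return blocked: allow INPUT tcp --sport 873 in state ESTABLISHED"
    fi
    [ "$out" -gt 0 ] || [ "$back" -gt 0 ] || echo "no rsync drops logged"
}

printf '%s\n' "$SAMPLE_LOG" | diagnose
```

On a real system, feed it the kernel log instead of the sample, for example the output of `dmesg` or the file your syslog writes kernel messages to.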
Old 01-05-2004, 06:40 PM   #4
Chip D
LQ Newbie
Registered: Dec 2003
Location: UK
Distribution: Gentoo
Posts: 4

Original Poster
Rep: Reputation: 0
I noticed that there has been a lot of activity at so I decided to run a websync so that I could do an up to date (as possible) emerge -U world. The only thing to come up (as it only takes into account info up until yesterday) was rsync version 2.6.0. Installed this, and thought, what the hell, let's try an emerge sync. Worked fine first time. I've not done anything with the firewall at all, and best I can tell it's still running ok, but rsync now works, which is all I wanted.

Just thought I'd share that with you folks.

