How do I configure iptables so I can use gnome ip messenger? I did
g2ipmsg&
netstat -na|more
but I could not find which port it uses. I'm not familiar with iptables but I know I don't want to leave it off and that's the only way g2ipmsg will work, otherwise I get "no route to host". Does anybody know what port it uses or how to find out so I can read the iptables man page and write the correct configuration for this? It probably would come in handy in the future if I just knew how to do this kind of thing. Thank you very much in advance.
If I run
iptables -F
and flush all chains g2ipmsg works okay, but what is this doing to my firewall? Am I still safe? Here is the content of my /etc/sysconfig/iptables file:
# Generated by iptables-save v1.3.7 on Tue Dec 2 09:28:25 2008
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o ppp0 -j MASQUERADE
COMMIT
# Completed on Tue Dec 2 09:28:25 2008
# Generated by iptables-save v1.3.7 on Tue Dec 2 09:28:25 2008
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p esp -j ACCEPT
-A RH-Firewall-1-INPUT -p ah -j ACCEPT
-A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 6881 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Tue Dec 2 09:28:25 2008

You might want to setup logging to see what ports are getting blocked by iptables. Here is a good tutorial on the process. From there you can open the required ports.

http://www.redhatmagazine.com/2007/0...prise-linux-4/

Thank you, tuxtutor. I ran it like that for awhile, logging, and I couldn't make heads or tails out of the results. But I did have some success. Here's my /etc/sysconfig/iptables file after some playing around with it:
# Generated by iptables-save v1.3.7 on Tue Dec 2 09:28:25 2008
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o ppp0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
#-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p esp -j ACCEPT
-A RH-Firewall-1-INPUT -p ah -j ACCEPT
-A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 6881 -j ACCEPT
#log
#-A RH-Firewall-1-INPUT -j LOG
#-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited

COMMIT
# Completed on Tue Dec 2 09:28:25 2008

Notice I commented out line 13. Now g2ipmsg works fine. But I'm wondering how safe this is, not from the local network but from the internet.

SharpyWarpy,

I am not a iptables expert but are you using this box as a router?
Line 13 is a forward chain reject. Saying reject all any source any destination but your default policy is to accept. This chain is used primarily for routing so unless this box is performing routing I don't see how that change could have fixed the issue.

If you mean is the client machine connected via a crossover ethernet cable directly to this one then the answer is yes, this one is being used as a router.