LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 12-01-2016, 11:13 AM   #1
end
Member
 
Registered: Aug 2016
Posts: 260

Rep: Reputation: Disabled
LTSP


hi

i installed and configured LTSP ubuntu server virtuali with kvm on centos.
centos is connected to router with 0.1 subnet, ltsp is 122.1 subnet.
i do prerouting on centos to ltsp, but when i connect laptop to router and try networkboot canot get ltsp. So any advice or link or something that can help get connection to ltsp. i followed this tutorial to install

https://ubuntuforums.org/showthread.php?t=2173749
 
Old 12-04-2016, 09:47 AM   #2
end
Member
 
Registered: Aug 2016
Posts: 260

Original Poster
Rep: Reputation: Disabled
re

hi

now i installed non virtual ltsp and its working, but i cant figur out what is all ports used by ltsp. now i set up iptables drop rules as defoult rules, and now i need open all ports ltsp use i put 53, 68,69, 22 but im still unable to get connection. so what ports i need open.
when i put default policy to accept its workink of course.

Thanks
 
Old 12-04-2016, 10:00 AM   #3
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 5,668
Blog Entries: 3

Rep: Reputation: 2904Reputation: 2904Reputation: 2904Reputation: 2904Reputation: 2904Reputation: 2904Reputation: 2904Reputation: 2904Reputation: 2904Reputation: 2904Reputation: 2904
You can set the last rule in your iptables INPUT chain to be REJECT, that will save some time. Then, during testing, set the second to last rule in the INPUT chain to LOG and check your logs as you try to connect. Open the incoming ports as needed. Then once it is working, take out the second to last rule (LOG).
 
1 members found this post helpful.
Old 12-04-2016, 10:50 AM   #4
end
Member
 
Registered: Aug 2016
Posts: 260

Original Poster
Rep: Reputation: Disabled
re

i put log to see what is droped, now i open that ports, and now half of image is loaded and stuck.

i cant find iptables configuration file on ubuntu i whant try this where is its not in sysconfig

IPTABLES_MODULES="nf_conntrack_netbios_ns ip_conntrack_tftp"

Last edited by end; 12-04-2016 at 10:51 AM.
 
Old 12-04-2016, 10:56 AM   #5
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 5,668
Blog Entries: 3

Rep: Reputation: 2904Reputation: 2904Reputation: 2904Reputation: 2904Reputation: 2904Reputation: 2904Reputation: 2904Reputation: 2904Reputation: 2904Reputation: 2904Reputation: 2904
Ubuntu uses UFW (Uncomplicated Firewall) as a front end for iptables by default. You'll have to work with or around that. You shouldn't change anything in sysconfig.

Code:
man ufw
sudo ufw status verbose
 
1 members found this post helpful.
Old 12-05-2016, 10:36 AM   #6
end
Member
 
Registered: Aug 2016
Posts: 260

Original Poster
Rep: Reputation: Disabled
hi

i ended up with this rules, i didnt test any applications but im able to mount file sistem and get login screen

Code:
#!/bin/bash

iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X

iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP

iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

iptables -I INPUT -p tcp -m tcp -m multiport --sports 80,443 -m state --state ESTABLISHED -j ACCEPT
iptables -I OUTPUT -p tcp -m tcp -m multiport --dports 80,443 -m state --state NEW,ESTABLISHED -j ACCEPT

iptables -I INPUT -p udp -m udp --sport 53 -m state --state ESTABLISHED -j ACCEPT
iptables -I OUTPUT -p udp -m udp --dport 53 -m state --state NEW -j ACCEPT

iptables -A INPUT -p tcp --match multiport --sports 30000:56000 -j ACCEPT
iptables -A OUTPUT -p tcp --match multiport --dports 30000:56000 -j ACCEPT

iptables -A INPUT -p udp --match multiport --sports 2070:2076 -j ACCEPT
iptables -A OUTPUT -p udp --match multiport --dports 2070:2076 -j ACCEPT

iptables -A INPUT -p udp --match multiport --sports 49152:56000 -j ACCEPT
iptables -A OUTPUT -p udp --match multiport --dports 49152:56000 -j ACCEPT

iptables -I INPUT -p udp -m udp -m multiport --sports 2049,22,10809,69,68,67,8099,138,137 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
iptables -I OUTPUT -p udp -m udp -m multiport --dports 2049,22,10809,69,68,67,8099,138,137 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT


iptables -A INPUT -j LOG
iptables -A OUTPUT -j LOG
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Ltsp shishirkotkar Linux - Newbie 1 03-09-2008 08:06 AM
Ltsp colinstu Linux - Software 1 01-06-2006 12:27 AM
Compiling driver for LTSP 2.4.26-ltsp-2 ardian Linux - Software 2 10-21-2005 01:40 AM
Ltsp acdc Linux - Networking 1 06-11-2004 12:38 PM
Ltsp acdc Linux - Software 1 06-11-2004 04:53 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 07:40 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration