> iptables -A INPUT -i lo -j ACCEPT
> iptables -A OUTPUT -o lo -j ACCEPT
мёртво(
>telnet host
Trying host..
telnet: connect to address host: Connection refused
не открывается порт((...
# netstat -lnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 2749/portmap
tcp 0 0 0.0.0.0:60688 0.0.0.0:* LISTEN 17015/sim
tcp 0 0 127.0.0.1:2544 0.0.0.0:* LISTEN 2677/zmd
tcp 0 0 0.0.0.0:631 0.0.0.0:* LISTEN 3094/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 3280/master
tcp 0 0 :::22 :::* LISTEN 3344/sshd
tcp 0 0 ::1:25 :::* LISTEN 3280/master
udp 0 0 0.0.0.0:32768 0.0.0.0:* 2631/mdnsd
udp 0 0 0.0.0.0:1308 0.0.0.0:* 17015/sim
udp 0 0 0.0.0.0:5353 0.0.0.0:* 2631/mdnsd
udp 0 0 0.0.0.0:111 0.0.0.0:* 2749/portmap
udp 0 0 0.0.0.0:631 0.0.0.0:* 3094/cupsd
raw 0 0 0.0.0.0:1 0.0.0.0:* 7 4943/ping
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node PID/Program name Path
unix 2 [ ACC ] STREAM LISTENING 13918 4064/gnome-screensa /tmp/orbit-peter/linc-fdf-0-3aa154ce19ee9
unix 2 [ ACC ] STREAM LISTENING 10752 3521/X /tmp/.X11-unix/X0
unix 2 [ ACC ] STREAM LISTENING 41804 20315/mapping-daemo /tmp/mapping-peter
unix 2 [ ACC ] STREAM LISTENING 13132 3871/beagled /home/peter/.beagle/socket
unix 2 [ ACC ] STREAM LISTENING 11925 3808/gconfd-2 /tmp/orbit-peter/linc-ee0-0-434f01344912c
unix 2 [ ACC ] STREAM LISTENING 12091 3751/gnome-session /tmp/orbit-peter/linc-ea7-0-766ca363d0b29
unix 2 [ ACC ] STREAM LISTENING 9678 3280/master public/cleanup
unix 2 [ ACC ] STREAM LISTENING 15855 3871/beagled /tmp/orbit-peter/linc-f1f-0-4a31f2da41fa3
unix 2 [ ACC ] STREAM LISTENING 14267 4144/firefox-bin /tmp/orbit-peter/linc-1030-0-41138aab3003a
unix 2 [ ACC ] STREAM LISTENING 12137 3816/gnome-settings /tmp/orbit-peter/linc-ee8-0-24dcf654e1385
unix 2 [ ACC ] STREAM LISTENING 12271 3823/metacity /tmp/orbit-peter/linc-eef-0-57812998712a
unix 2 [ ACC ] STREAM LISTENING 105555 17367/notification- /tmp/orbit-peter/linc-43d7-0-596b8ee0c799a
unix 2 [ ACC ] STREAM LISTENING 12350 3825/nautilus /tmp/orbit-peter/linc-ef1-0-1c5632b21c81a
unix 2 [ ACC ] STREAM LISTENING 12368 3827/gnome-panel /tmp/orbit-peter/linc-ef3-0-1c5632b23b245
unix 2 [ ACC ] STREAM LISTENING 7297 2600/hald @/tmp/hald-local/dbus-HjjGMqHgxA
unix 2 [ ACC ] STREAM LISTENING 12904 3878/nm-applet /tmp/orbit-peter/linc-f26-0-264aba59a1458
unix 2 [ ACC ] STREAM LISTENING 12117 3814/bonobo-activat /tmp/orbit-peter/linc-ee6-0-75b3e4f17a7b9
unix 2 [ ACC ] STREAM LISTENING 13072 3850/beagle-search /tmp/orbit-peter/linc-f0a-0-3a18b77ff20d0
unix 2 [ ACC ] STREAM LISTENING 12617 3880/gnome-power-ma /tmp/orbit-peter/linc-f12-0-709425b22a3a6
unix 2 [ ACC ] STREAM LISTENING 12630 3879/gnome-volume-m /tmp/orbit-peter/linc-f1b-0-264aba585100d
unix 2 [ ACC ] STREAM LISTENING 13502 3942/mono /tmp/orbit-peter/linc-f66-0-6160219a83c1c
unix 2 [ ACC ] STREAM LISTENING 9728 3280/master public/flush
unix 2 [ ACC ] STREAM LISTENING 9732 3280/master private/proxymap
unix 2 [ ACC ] STREAM LISTENING 7984 2677/zmd /var/run/zmd/zmd-remoting.socket
unix 2 [ ACC ] STREAM LISTENING 9736 3280/master private/smtp
unix 2 [ ACC ] STREAM LISTENING 9740 3280/master private/relay
unix 2 [ ACC ] STREAM LISTENING 9744 3280/master public/showq
unix 2 [ ACC ] STREAM LISTENING 9748 3280/master private/error
unix 2 [ ACC ] STREAM LISTENING 9752 3280/master private/discard
unix 2 [ ACC ] STREAM LISTENING 9756 3280/master private/local
unix 2 [ ACC ] STREAM LISTENING 9760 3280/master private/virtual
unix 2 [ ACC ] STREAM LISTENING 9764 3280/master private/lmtp
unix 2 [ ACC ] STREAM LISTENING 9768 3280/master private/anvil
unix 2 [ ACC ] STREAM LISTENING 9772 3280/master private/scache
unix 2 [ ACC ] STREAM LISTENING 9776 3280/master private/maildrop
unix 2 [ ACC ] STREAM LISTENING 9780 3280/master private/cyrus
unix 2 [ ACC ] STREAM LISTENING 9784 3280/master private/uucp
unix 2 [ ACC ] STREAM LISTENING 9788 3280/master private/ifmail
unix 2 [ ACC ] STREAM LISTENING 9792 3280/master private/bsmtp
unix 2 [ ACC ] STREAM LISTENING 9796 3280/master private/procmail
unix 2 [ ACC ] STREAM LISTENING 12826 3863/kdeinit Runnin /tmp/ksocket-peter/kdeinit__0
unix 2 [ ACC ] STREAM LISTENING 7415 2631/mdnsd /var/run/mdnsd
unix 2 [ ACC ] STREAM LISTENING 9708 3280/master private/rewrite
unix 2 [ ACC ] STREAM LISTENING 12095 3751/gnome-session /tmp/.ICE-unix/3751
unix 2 [ ACC ] STREAM LISTENING 12661 3874/dcopserver [kd /tmp/.ICE-unix/dcop3874-1161258514
unix 2 [ ACC ] STREAM LISTENING 9930 3347/atieventsd /var/run/atieventsd.socket
unix 2 [ ACC ] STREAM LISTENING 7143 2539/resmgrd /var/run/.resmgr_socket
unix 2 [ ACC ] STREAM LISTENING 7040 2477/acpid /var/run/acpid.socket
unix 2 [ ACC ] STREAM LISTENING 9712 3280/master private/bounce
unix 2 [ ACC ] STREAM LISTENING 9716 3280/master private/defer
unix 2 [ ACC ] STREAM LISTENING 11903 3799/gpg-agent /tmp/gpg-xqYklF/S.gpg-agent
unix 2 [ ACC ] STREAM LISTENING 12104 3812/gnome-keyring- /tmp/keyring-h2tUyS/socket
unix 2 [ ACC ] STREAM LISTENING 12151 3818/esd /tmp/.esd/socket
unix 2 [ ACC ] STREAM LISTENING 12839 3863/kdeinit Runnin /tmp/ksocket-peter/kdeinit-:0
unix 2 [ ACC ] STREAM LISTENING 10731 3327/gdm /tmp/.gdm_socket
unix 2 [ ACC ] STREAM LISTENING 12852 3829/resapplet /tmp/orbit-peter/linc-ef5-0-1c5632ae32ca4
unix 2 [ ACC ] STREAM LISTENING 11908 3804/dbus-daemon @/tmp/dbus-gBfFNWRpvM
unix 2 [ ACC ] STREAM LISTENING 7064 2540/dbus-daemon /var/run/dbus/system_bus_socket
unix 2 [ ACC ] STREAM LISTENING 12858 3838/gnome-terminal /tmp/orbit-peter/linc-efe-0-1c5632ae333fd
unix 2 [ ACC ] STREAM LISTENING 12995 3887/klauncher [kde /tmp/ksocket-peter/klauncherMzsWJb.slave-socket
unix 2 [ ACC ] STREAM LISTENING 13077 3895/gnome-vfs-daem /tmp/orbit-peter/linc-f37-0-61aca87b1d6
unix 2 [ ACC ] STREAM LISTENING 14049 4092/gnomesu /tmp/orbit-peter/linc-ffc-0-66b729b3851c5
unix 2 [ ACC ] STREAM LISTENING 9720 3280/master private/trace
unix 2 [ ACC ] STREAM LISTENING 9724 3280/master private/verify
Active IPX sockets
Proto Recv-Q Send-Q Local Address Foreign Address State
Active AX.25 sockets
Dest Source Device State Vr/Vs Send-Q Recv-Q
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 2749/portmap
tcp 0 0 0.0.0.0:60688 0.0.0.0:* LISTEN 17015/sim
tcp 0 0 127.0.0.1:2544 0.0.0.0:* LISTEN 2677/zmd
tcp 0 0 0.0.0.0:631 0.0.0.0:* LISTEN 3094/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 3280/master
tcp 0 0 :::22 :::* LISTEN 3344/sshd
tcp 0 0 ::1:25 :::* LISTEN 3280/master
udp 0 0 0.0.0.0:32768 0.0.0.0:* 2631/mdnsd
udp 0 0 0.0.0.0:1308 0.0.0.0:* 17015/sim
udp 0 0 0.0.0.0:5353 0.0.0.0:* 2631/mdnsd
udp 0 0 0.0.0.0:111 0.0.0.0:* 2749/portmap
udp 0 0 0.0.0.0:631 0.0.0.0:* 3094/cupsd
raw 0 0 0.0.0.0:1 0.0.0.0:* 7 4943/ping
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node PID/Program name Path
unix 2 [ ACC ] STREAM LISTENING 13918 4064/gnome-screensa /tmp/orbit-peter/linc-fdf-0-3aa154ce19ee9
unix 2 [ ACC ] STREAM LISTENING 10752 3521/X /tmp/.X11-unix/X0
unix 2 [ ACC ] STREAM LISTENING 41804 20315/mapping-daemo /tmp/mapping-peter
unix 2 [ ACC ] STREAM LISTENING 13132 3871/beagled /home/peter/.beagle/socket
unix 2 [ ACC ] STREAM LISTENING 11925 3808/gconfd-2 /tmp/orbit-peter/linc-ee0-0-434f01344912c
unix 2 [ ACC ] STREAM LISTENING 12091 3751/gnome-session /tmp/orbit-peter/linc-ea7-0-766ca363d0b29
unix 2 [ ACC ] STREAM LISTENING 9678 3280/master public/cleanup
unix 2 [ ACC ] STREAM LISTENING 15855 3871/beagled /tmp/orbit-peter/linc-f1f-0-4a31f2da41fa3
unix 2 [ ACC ] STREAM LISTENING 14267 4144/firefox-bin /tmp/orbit-peter/linc-1030-0-41138aab3003a
unix 2 [ ACC ] STREAM LISTENING 12137 3816/gnome-settings /tmp/orbit-peter/linc-ee8-0-24dcf654e1385
unix 2 [ ACC ] STREAM LISTENING 12271 3823/metacity /tmp/orbit-peter/linc-eef-0-57812998712a
unix 2 [ ACC ] STREAM LISTENING 105555 17367/notification- /tmp/orbit-peter/linc-43d7-0-596b8ee0c799a
unix 2 [ ACC ] STREAM LISTENING 12350 3825/nautilus /tmp/orbit-peter/linc-ef1-0-1c5632b21c81a
unix 2 [ ACC ] STREAM LISTENING 12368 3827/gnome-panel /tmp/orbit-peter/linc-ef3-0-1c5632b23b245
unix 2 [ ACC ] STREAM LISTENING 7297 2600/hald @/tmp/hald-local/dbus-HjjGMqHgxA
unix 2 [ ACC ] STREAM LISTENING 12904 3878/nm-applet /tmp/orbit-peter/linc-f26-0-264aba59a1458
unix 2 [ ACC ] STREAM LISTENING 12117 3814/bonobo-activat /tmp/orbit-peter/linc-ee6-0-75b3e4f17a7b9
unix 2 [ ACC ] STREAM LISTENING 13072 3850/beagle-search /tmp/orbit-peter/linc-f0a-0-3a18b77ff20d0
unix 2 [ ACC ] STREAM LISTENING 12617 3880/gnome-power-ma /tmp/orbit-peter/linc-f12-0-709425b22a3a6
unix 2 [ ACC ] STREAM LISTENING 12630 3879/gnome-volume-m /tmp/orbit-peter/linc-f1b-0-264aba585100d
unix 2 [ ACC ] STREAM LISTENING 13502 3942/mono /tmp/orbit-peter/linc-f66-0-6160219a83c1c
unix 2 [ ACC ] STREAM LISTENING 9728 3280/master public/flush
unix 2 [ ACC ] STREAM LISTENING 9732 3280/master private/proxymap
unix 2 [ ACC ] STREAM LISTENING 7984 2677/zmd /var/run/zmd/zmd-remoting.socket
unix 2 [ ACC ] STREAM LISTENING 9736 3280/master private/smtp
unix 2 [ ACC ] STREAM LISTENING 9740 3280/master private/relay
unix 2 [ ACC ] STREAM LISTENING 9744 3280/master public/showq
unix 2 [ ACC ] STREAM LISTENING 9748 3280/master private/error
unix 2 [ ACC ] STREAM LISTENING 9752 3280/master private/discard
unix 2 [ ACC ] STREAM LISTENING 9756 3280/master private/local
unix 2 [ ACC ] STREAM LISTENING 9760 3280/master private/virtual
unix 2 [ ACC ] STREAM LISTENING 9764 3280/master private/lmtp
unix 2 [ ACC ] STREAM LISTENING 9768 3280/master private/anvil
unix 2 [ ACC ] STREAM LISTENING 9772 3280/master private/scache
unix 2 [ ACC ] STREAM LISTENING 9776 3280/master private/maildrop
unix 2 [ ACC ] STREAM LISTENING 9780 3280/master private/cyrus
unix 2 [ ACC ] STREAM LISTENING 9784 3280/master private/uucp
unix 2 [ ACC ] STREAM LISTENING 9788 3280/master private/ifmail
unix 2 [ ACC ] STREAM LISTENING 9792 3280/master private/bsmtp
unix 2 [ ACC ] STREAM LISTENING 9796 3280/master private/procmail
unix 2 [ ACC ] STREAM LISTENING 12826 3863/kdeinit Runnin /tmp/ksocket-peter/kdeinit__0
unix 2 [ ACC ] STREAM LISTENING 7415 2631/mdnsd /var/run/mdnsd
unix 2 [ ACC ] STREAM LISTENING 9708 3280/master private/rewrite
unix 2 [ ACC ] STREAM LISTENING 12095 3751/gnome-session /tmp/.ICE-unix/3751
unix 2 [ ACC ] STREAM LISTENING 12661 3874/dcopserver [kd /tmp/.ICE-unix/dcop3874-1161258514
unix 2 [ ACC ] STREAM LISTENING 9930 3347/atieventsd /var/run/atieventsd.socket
unix 2 [ ACC ] STREAM LISTENING 7143 2539/resmgrd /var/run/.resmgr_socket
unix 2 [ ACC ] STREAM LISTENING 7040 2477/acpid /var/run/acpid.socket
unix 2 [ ACC ] STREAM LISTENING 9712 3280/master private/bounce
unix 2 [ ACC ] STREAM LISTENING 9716 3280/master private/defer
unix 2 [ ACC ] STREAM LISTENING 11903 3799/gpg-agent /tmp/gpg-xqYklF/S.gpg-agent
unix 2 [ ACC ] STREAM LISTENING 12104 3812/gnome-keyring- /tmp/keyring-h2tUyS/socket
unix 2 [ ACC ] STREAM LISTENING 12151 3818/esd /tmp/.esd/socket
unix 2 [ ACC ] STREAM LISTENING 12839 3863/kdeinit Runnin /tmp/ksocket-peter/kdeinit-:0
unix 2 [ ACC ] STREAM LISTENING 10731 3327/gdm /tmp/.gdm_socket
unix 2 [ ACC ] STREAM LISTENING 12852 3829/resapplet /tmp/orbit-peter/linc-ef5-0-1c5632ae32ca4
unix 2 [ ACC ] STREAM LISTENING 11908 3804/dbus-daemon @/tmp/dbus-gBfFNWRpvM
unix 2 [ ACC ] STREAM LISTENING 7064 2540/dbus-daemon /var/run/dbus/system_bus_socket
unix 2 [ ACC ] STREAM LISTENING 12858 3838/gnome-terminal /tmp/orbit-peter/linc-efe-0-1c5632ae333fd
unix 2 [ ACC ] STREAM LISTENING 12995 3887/klauncher [kde /tmp/ksocket-peter/klauncherMzsWJb.slave-socket
unix 2 [ ACC ] STREAM LISTENING 13077 3895/gnome-vfs-daem /tmp/orbit-peter/linc-f37-0-61aca87b1d6
unix 2 [ ACC ] STREAM LISTENING 14049 4092/gnomesu /tmp/orbit-peter/linc-ffc-0-66b729b3851c5
unix 2 [ ACC ] STREAM LISTENING 9720 3280/master private/trace
unix 2 [ ACC ] STREAM LISTENING 9724 3280/master private/verify
Active IPX sockets
Proto Recv-Q Send-Q Local Address Foreign Address State
Active AX.25 sockets
Dest Source Device State Vr/Vs Send-Q Recv-Q
Возможно нужно учесть, что если телнетишся с удаленного хоста, то телнет-клиент усаживается на любой свободный порт. А судя по правилам соединения рубятся со всех портов кроме 4462 - вот он и получает отлуп. По идее то же самое с nmap - полагаю, что syn он посылает тоже не с sport 4462. Хотя вывод netstat действительно не обнадеживает.
%chmod -x /bin/chmod
klmntmp, что-то я вас вообще не понимаю...
4462 - это порт на вашем локальном комьютере к которому вы хотите получить доступ извне либо это порт на даленном компьютере к которому вы хотите разрешить доступ?
В первом случае хочу вас огорчить - пор 4462 не прослушивается ни одним приложением.
4462 - это порт на вашем локальном комьютере к которому вы хотите получить доступ извне либо это порт на даленном компьютере к которому вы хотите разрешить доступ?
В первом случае хочу вас огорчить - пор 4462 не прослушивается ни одним приложением.
Опыт растет прямо пропорционально выведенному из строя оборудованию
>iptables -A OUTPUT -p tcp -o eth0 --dport 4462 -j ACCEPT
>iptables -A INPUT -p tcp -i eth0 --sport 4462 -j ACCEPT
добавил
>перезапустил rcnetwork
rcnetwork start почистил таблицу фаервола и поднял старые правила.
Все правильно.
Возможно "правильный" вариант:
iptables-save > act
vim act
{куда положено вставить нужные правила}
iptables-restore < act
rcnetwork save
rcnetwork restart
Хотя возможно rcnetwork save и не будет, я не знаком с suse.
>iptables -A INPUT -p tcp -i eth0 --sport 4462 -j ACCEPT
добавил
>перезапустил rcnetwork
rcnetwork start почистил таблицу фаервола и поднял старые правила.
Все правильно.
Возможно "правильный" вариант:
iptables-save > act
vim act
{куда положено вставить нужные правила}
iptables-restore < act
rcnetwork save
rcnetwork restart
Хотя возможно rcnetwork save и не будет, я не знаком с suse.
Join jabber.org.by. avb@jabber.org.by
вопрос супер тривиальный, ты просто вопросы задавать не умеешь.
Join jabber.org.by. avb@jabber.org.by
-
Mr. Anderson
- Неотъемлемая часть форума
- Сообщения: 373
- Зарегистрирован: 10 окт 2005, 14:35
