[389-users] 389-ds apparently listens only on loopback

Arian Sanusi arian at kosta.ch
Fri Jul 8 14:26:40 UTC 2011


does that mean it listens only on IPv6?

[root at centos5-test ~]# netstat -tlnp
Aktive Internetverbindungen (Nur Server)
Proto Recv-Q Send-Q Local Address               Foreign
Address             State       PID/Program name  
tcp        0      0 0.0.0.0:9830               
0.0.0.0:*                   LISTEN      2812/httpd.worker  
tcp        0      0 0.0.0.0:646                
0.0.0.0:*                   LISTEN      2160/rpc.statd     
tcp        0      0 0.0.0.0:111                
0.0.0.0:*                   LISTEN      2121/portmap       
tcp        0      0 127.0.0.1:25               
0.0.0.0:*                   LISTEN      2431/sendmail: acce
tcp        0      0 127.0.0.1:6010             
0.0.0.0:*                   LISTEN      3982/0             
tcp        0      0 :::389                     
:::*                        LISTEN      3885/ns-slapd      
tcp        0      0 :::22                      
:::*                        LISTEN      2392/sshd          
tcp        0      0 ::1:6010                   
:::*                        LISTEN      3982/0             
tcp        0      0 :::636                     
:::*                        LISTEN      3885/ns-slapd      


[root at centos5-test ~]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination        
RH-Firewall-1-INPUT  all  --  anywhere             anywhere           

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination        
RH-Firewall-1-INPUT  all  --  anywhere             anywhere           

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination        

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination        
ACCEPT     all  --  anywhere             anywhere           
ACCEPT     icmp --  anywhere             anywhere            icmp any
ACCEPT     esp  --  anywhere             anywhere           
ACCEPT     ah   --  anywhere             anywhere           
ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:mdns
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ipp
ACCEPT     all  --  anywhere             anywhere            state
RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            state NEW
tcp dpt:ssh
REJECT     all  --  anywhere             anywhere            reject-with
icmp-host-prohibited


On 08.07.2011 16:19, Paul Robert Marino wrote:
> out put from
> 'sudo netstat -tlnp'
> please
> followed by the the out put of
> 'sudo /sbin/iptables -L'
> feel free to obscure the ip's it they are internet visible replace the 
> first 2 octets with 192.168




More information about the 389-users mailing list