can't ftp, telnet, or ssh to FC2T2 box
Mr. Adam ALLEN
adam at dynamicinteraction.co.uk
Wed Apr 7 20:44:31 UTC 2004
On Wed, 2004-04-07 at 20:09, shrek-m at gmx.de wrote:
> Alan Cox wrote:
>
> >Sounds like an installer bug -> bugzilla it if its not already there.
>
> sorry,
> i am busy and my test2 installation is (temporary) overwritten with fc1
>
Unfortunately I have that busy feeling too :-( but a few solutions
(I've no time to reinstall since in a few days the laptop will be my
production box for a week).
I've never set NTP during install on the laptop, since most of the time
it's offline.
/etc/init.d/ntpd looks as though it does a sane check to make sure that
any iptables configured on the box is that of the RH firewall.
FWCHAIN="RH-Firewall-1-INPUT" # Is there a firewall running, and does it look like one we configured?
FWACTIVE=''
if [ -f /proc/net/ip_tables_names ]; then
if iptables -L -n 2>/dev/null | grep -q $FWCHAIN ; then
FWACTIVE=1
fi
fi
....
if [ -n "$FWACTIVE" -a "$FIREWALL_MODS" != "no" ]; then
for server in `echo $tickers $timeservers | tr ' ' '\n' | sort
-u`; do echo -n $"$prog: Opening firewall for input from
$server port 123"
iptables -I $FWCHAIN -m udp -p udp -s $server/32 \
--sport 123 -d 0/0 --dport 123 -j ACCEPT \
&& success || failure
echo
done
fi
That at least looks as though it should fail to execute the code to
punch NTP through the firewall if "RH-Firewall" is absent from the
iptables -a (Actually it should fail because /proc/net/ip_tables_names
should be active until some iptable modules are inserted into the
kernel).
I was questioning if this was an anaconda issue, but I don't think this
is an issue in the NTP init script, but something else somewhere.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=118667
This looks to describe the problem (and at least has the right dates in
it). I don't think I can add anything other than "me too" to the bug
report though.
--
Regards,
Adam Allen.
adam at dynamicinteraction.co.uk
pgp http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x553349DB
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.fedoraproject.org/pipermail/test/attachments/20040407/db5e143f/attachment.bin
More information about the test
mailing list