Networking problem

Dale Dellutri daledellutri at gmail.com
Sat May 14 18:49:34 UTC 2011


On Sat, May 14, 2011 at 8:36 AM, JD <jd1008 at gmail.com> wrote:
> On my F14, I am running a firewall that accepts specific connections on
> specific ports from some machines on the LAN.
>
> However, for one machine I made a general rule to accept all connections:
>
> -A INPUT -s 192.168.1.60 -j ACCEPT
>
> After restarting the firewall,
>
> I still am unable to ping that machine and it is unable to ping me.
> That machine is not running a firewall.
>
> I can ping the router and another machine I have on the LAN.
> The machine at 192.168.1.60 can do the same.
>
> What else do I need to do to be able to talk to machine 192.168.1.60
> and it to my fedora machine?

1. You might try looking at the counts to see where the pings are being
rejected.  On the target machine, as root:
  # iptables -nvL
Note the counts, then use the source machine to try to ping the target
and again:
  # iptables -nvL
Which counts have changed?  The lines with the changed counts are
the ones activated by the pings.  (Of course, you need to do this on a quiet
LAN so that the target machine is not being flooded by traffic from other
systems.)

2. iptables problems can be difficult to debug without seeing all the rules,
since the order of the rules is so important.  I know you are worried about
security, but you'll need to show them to someone you trust if you can't
solve this yourself.

-- 
Dale Dellutri
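
The before/after counter comparison from step 1 can be scripted. The following is an added example, not part of the original message: `changed_rules` and `demo` are hypothetical names, the two listings are constructed samples rather than the poster's rules, and it assumes the listings were saved with `-x` added to `-nvL` so counters are exact instead of abbreviated.

```shell
#!/bin/sh
# Report rules (and chain policies) whose packet counter grew between two
# saved `iptables -nvxL` listings. $1 = listing before the ping, $2 = after.
changed_rules() {
    awk '
    function count(key, pkts) {
        pkts += 0                                      # force numeric compare
        if (NR == FNR) { before[key] = pkts; return }  # still in first file
        if ((key in before) && pkts > before[key])
            printf "+%d %s\n", pkts - before[key], key
    }
    # "Chain INPUT (policy ACCEPT 7 packets, 588 bytes)" opens a chain.
    $1 == "Chain" {
        chain = $2; n = 0
        if ($3 == "(policy") count(chain " policy " $4, $5)
        next
    }
    $1 == "pkts" || NF == 0 { next }                   # column header, blanks
    {   # rule line: field 1 = packets, field 2 = bytes, rest = the rule
        n++; pk = $1
        $1 = ""; $2 = ""; sub(/^ +/, "")
        count(chain " rule " n ": " $0, pk)            # keyed by chain + position
    }' "$1" "$2"
}

# Constructed sample listings: the ACCEPT for 192.168.1.60 sits after a REJECT.
demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/before" <<'EOF'
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
    pkts      bytes target     prot opt in     out     source               destination
       2      168 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited
       0        0 ACCEPT     all  --  *      *       192.168.1.60         0.0.0.0/0
EOF
    cat > "$dir/after" <<'EOF'
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
    pkts      bytes target     prot opt in     out     source               destination
       6      504 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited
       0        0 ACCEPT     all  --  *      *       192.168.1.60         0.0.0.0/0
EOF
    changed_rules "$dir/before" "$dir/after"
    rm -rf "$dir"
}
demo
```

On a live system, save the listing to a file before and after the ping and pass the two files to `changed_rules`. Rules are matched by chain and position, so the ruleset must not be edited between the two snapshots.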

