Snort mailing list archives
Snort / Base installation problem -- Related to IPTABLES -- I think
From: "Timothy A. Holmes" <tholmes () mcaschool net>
Date: Thu, 3 Nov 2005 06:50:55 -0500
Good Morning Folks,

I've been working my way through Patrick Harper's install for Fedora, and everything is working well except for IPTABLES.

Somehow I have gotten something messed up, so that I cannot get access to the webpages hosted on the snort box -- either by http or https. The problem goes away when I turn off IPTABLES.

Here is the iptables file:

[root@Moatmonster snort]# cd /etc/sysconfig
[root@Moatmonster sysconfig]# cat iptables
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j REJECT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
COMMIT
[root@Moatmonster sysconfig]#

Here is the output of iptables -L:

[root@Moatmonster sysconfig]# iptables -L
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
REJECT     icmp --  anywhere             anywhere            icmp any reject-with icmp-port-unreachable
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:https
[root@Moatmonster sysconfig]#

Right now I have the firewall turned off (the box is still in setup, not production) so that I can continue to work on it, but if you can point out my problem, I would be most thankful.

Timothy A. Holmes
IT Manager / Network Admin / Web Master / Computer Teacher
Medina Christian Academy
A Higher Standard...
Jeremiah 33:3
Jeremiah 29:11
Esther 4:14
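
An added example, not part of the original post: iptables walks a chain top to bottom and stops at the first rule with a terminating target, so this sketch audits the rules from the posted file (embedded as a constructed sample) for ACCEPT rules that sit after an unconditional REJECT. The function names are hypothetical, and the check only recognises rules with no match options as catch-alls.

```python
# Constructed sample: the -A rules from the posted /etc/sysconfig/iptables, same order.
RULES = """\
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j REJECT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
"""

TERMINAL = {"ACCEPT", "DROP", "REJECT"}  # targets that end chain traversal

def parse(text):
    """Return (line_no, chain, match_tokens, target) for every -A rule."""
    rules = []
    for line_no, line in enumerate(text.splitlines(), 1):
        tok = line.split()
        if len(tok) >= 4 and tok[0] == "-A" and "-j" in tok[2:-1]:
            j = tok.index("-j")
            rules.append((line_no, tok[1], tok[2:j], tok[j + 1]))
    return rules

def audit(text):
    """Split rules into those that can match (live) and those placed after
    an unconditional terminal rule in the same chain (dead)."""
    catch_all, live, dead = {}, [], []
    for line_no, chain, match, target in parse(text):
        if chain in catch_all:
            dead.append((line_no, chain, match, target))
            continue
        live.append((line_no, chain, match, target))
        if not match and target in TERMINAL:  # no match options: hits every packet
            catch_all[chain] = line_no
    return live, dead

def accept_ports(rules):
    """Destination ports named by the ACCEPT rules in a rule list."""
    return [m[m.index("--dport") + 1] for _, _, m, t in rules
            if t == "ACCEPT" and "--dport" in m]

if __name__ == "__main__":
    live, dead = audit(RULES)
    print("ACCEPT ports that can match:", accept_ports(live))
    print("ACCEPT ports never evaluated:", accept_ports(dead))
    for line_no, chain, match, target in dead:
        print(f"rule line {line_no} in {chain} is shadowed: {' '.join(match)} -j {target}")
```
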
Current thread:
- Snort / Base installation problem -- Related to IPTABLES -- I think Timothy A. Holmes (Nov 03)
- Re: Snort / Base installation problem -- Related to IPTABLES -- I think Alejandro Flores (Nov 03)
- Re: Snort / Base installation problem -- Related to IPTABLES -- I think Jeff Kell (Nov 03)
- RE: Snort / Base installation problem -- Related to IPTABLES -- I think Patrick Harper (Nov 03)