Port offen - Firewall blockt

Toffel · Jul 30, 2006

Hallo,

ich habe eine TS bei mir installiert auf Server, wenn ich über yast die Firewall ausschalte kommt man ohne weiteres auf den Teamspeakserver, stelle ich sie aber an kommt das der Server offline ist.
Ich habe den Port freigeschaltet 8767, das Webinterface ist immer erreichbar und der Port dafür ist auch freigeschaltet.

Ich weiß es nicht mehr weiter, fakt ist das die Firewall blockt obwohl der Port offen ist.

Kann mir jemand weiterhelfen?

Danke und bis bald Toffel.

marneus · Jul 30, 2006

*an Glaskugel reib*

Ich nehme mal an, Du hast SuSe und nutzt die Konfiguration über Yast. Wenn nicht, berichtige mich einfach und ich überlege für Dich einfach nochmal neu...

Hast Du die Firewall vorher schon benutzt oder erst seitdem Du den TS Server installiert hast?

Toffel · Jul 30, 2006

Jop, SuSe ist vollkommen richtig, ja und ich habe sie über yast konfiguriert.
Nein, die Firewall läuft schon immer, ich habe auch alles schon mal neugestartet.

marneus · Jul 30, 2006

Vielleicht sollte ich doch versuchen als Medium mein Geld zu verdienen

Dann ist das ja in der Tat relativ strange. Könntest Du mal bitte mit

Code:

iptables -L

den betreffenden Part hier ins Forum kopieren?

Toffel · Jul 30, 2006

Code:

Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
LOG        all  --  loopback/8           anywhere           LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ANTI-SPOOFING '
LOG        all  --  anywhere             loopback/8         LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ANTI-SPOOFING '
DROP       all  --  loopback/8           anywhere
DROP       all  --  anywhere             loopback/8
LOG        all  --  h622498.serverkompetenz.net  anywhere           LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ANTI-SPOOFING '
DROP       all  --  h622498.serverkompetenz.net  anywhere
input_ext  all  --  anywhere             h622498.serverkompetenz.net
DROP       all  --  anywhere             h622498.serverkompetenz.net
DROP       all  --  anywhere             255.255.255.255
LOG        all  --  anywhere             anywhere           LOG level warning tcp-options ip-options prefix `SuSE-FW-ILLEGAL-TARGET '
DROP       all  --  anywhere             anywhere

Chain FORWARD (policy DROP)
target     prot opt source               destination
TCPMSS     tcp  --  anywhere             anywhere           tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
LOG        icmp --  anywhere             anywhere           icmp time-exceeded LOG level warning tcp-options ip-options prefix `SuSE-FW-TRACEROUTE-ATTEMPT '
ACCEPT     icmp --  anywhere             anywhere           icmp time-exceeded
ACCEPT     icmp --  anywhere             anywhere           icmp port-unreachable
ACCEPT     icmp --  anywhere             anywhere           icmp fragmentation-needed
ACCEPT     icmp --  anywhere             anywhere           icmp network-prohibited
ACCEPT     icmp --  anywhere             anywhere           icmp host-prohibited
ACCEPT     icmp --  anywhere             anywhere           icmp communication-prohibited
DROP       icmp --  anywhere             anywhere           icmp destination-unreachable
ACCEPT     all  --  anywhere             anywhere           state NEW,RELATED,ESTABLISHED
LOG        all  --  anywhere             anywhere           LOG level warning tcp-options ip-options prefix `SuSE-FW-OUTPUT-ERROR '

Chain forward_dmz (0 references)
target     prot opt source               destination

Chain forward_ext (0 references)
target     prot opt source               destination

Chain forward_int (0 references)
target     prot opt source               destination

Chain input_dmz (0 references)
target     prot opt source               destination
LOG        all  --  h622498.serverkompetenz.net  anywhere           LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ANTI-SPOOF-idmz '
DROP       all  --  h622498.serverkompetenz.net  anywhere
ACCEPT     icmp --  anywhere             anywhere           icmp echo-request
ACCEPT     icmp --  anywhere             anywhere           state RELATED,ESTABLISHED icmp echo-reply
ACCEPT     icmp --  anywhere             anywhere           state RELATED,ESTABLISHED icmp destination-unreachable
ACCEPT     icmp --  anywhere             anywhere           state RELATED,ESTABLISHED icmp time-exceeded
ACCEPT     icmp --  anywhere             anywhere           state RELATED,ESTABLISHED icmp parameter-problem
ACCEPT     icmp --  anywhere             anywhere           state RELATED,ESTABLISHED icmp timestamp-reply
ACCEPT     icmp --  anywhere             anywhere           state RELATED,ESTABLISHED icmp address-mask-reply
LOG        icmp --  anywhere             anywhere           icmp redirect LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG        icmp --  anywhere             anywhere           icmp source-quench LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG        icmp --  anywhere             anywhere           icmp timestamp-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG        icmp --  anywhere             anywhere           icmp address-mask-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT
'
LOG        icmp --  anywhere             anywhere           icmp type 2 LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
DROP       icmp --  anywhere             anywhere
reject_func  tcp  --  anywhere             anywhere           tcp dpt:ident flags:SYN,RST,ACK/SYN
LOG        tcp  --  anywhere             anywhere           tcp dpt:ftp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP '
DROP       tcp  --  anywhere             anywhere           tcp dpt:ftp flags:SYN,RST,ACK/SYN
LOG        tcp  --  anywhere             anywhere           tcp dpt:domain flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP
 '
DROP       tcp  --  anywhere             anywhere           tcp dpt:domain flags:SYN,RST,ACK/SYN
LOG        tcp  --  anywhere             anywhere           tcp dpt:sunrpc flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP
 '
DROP       tcp  --  anywhere             anywhere           tcp dpt:sunrpc flags:SYN,RST,ACK/SYN
LOG        tcp  --  anywhere             anywhere           tcp dpt:mysql flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP
'
DROP       tcp  --  anywhere             anywhere           tcp dpt:mysql flags:SYN,RST,ACK/SYN
LOG        tcp  --  anywhere             anywhere           tcp dpt:ca-idms flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DRO
P '
DROP       tcp  --  anywhere             anywhere           tcp dpt:ca-idms flags:SYN,RST,ACK/SYN
LOG        tcp  --  anywhere             anywhere           tcp dpt:22223 flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP
'
DROP       tcp  --  anywhere             anywhere           tcp dpt:22223 flags:SYN,RST,ACK/SYN
ACCEPT     tcp  --  anywhere             anywhere           state RELATED,ESTABLISHED tcp dpts:1024:65535
ACCEPT     tcp  --  anywhere             anywhere           state ESTABLISHED tcp dpts:ipcserver:65535 flags:!SYN,RST,ACK/SYN
ACCEPT     tcp  --  anywhere             anywhere           state ESTABLISHED tcp dpt:ftp-data flags:!SYN,RST,ACK/SYN
ACCEPT     udp  --  rns30.rl.b.rz-ip.net  anywhere           state NEW,RELATED,ESTABLISHED udp spt:domain dpts:1024:65535
ACCEPT     udp  --  rns20.rl.b.rz-ip.net  anywhere           state NEW,RELATED,ESTABLISHED udp spt:domain dpts:1024:65535
DROP       udp  --  anywhere             anywhere           udp dpt:fsp
DROP       udp  --  anywhere             anywhere           udp dpt:domain
DROP       udp  --  anywhere             anywhere           udp dpt:domain
DROP       udp  --  anywhere             anywhere           udp dpt:bootpc
DROP       udp  --  anywhere             anywhere           udp dpt:sunrpc
DROP       udp  --  anywhere             anywhere           udp dpt:sunrpc
DROP       udp  --  anywhere             anywhere           udp dpt:mysql
DROP       udp  --  anywhere             anywhere           udp dpt:ca-idms
DROP       udp  --  anywhere             anywhere           udp dpt:22223
ACCEPT     udp  --  anywhere             anywhere           state NEW,RELATED,ESTABLISHED udp dpts:1024:65535
LOG        tcp  --  anywhere             anywhere           tcp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG        icmp --  anywhere             anywhere           icmp source-quench LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG        icmp --  anywhere             anywhere           icmp redirect LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG        icmp --  anywhere             anywhere           icmp echo-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG        icmp --  anywhere             anywhere           icmp timestamp-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG        icmp --  anywhere             anywhere           icmp address-mask-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG        udp  --  anywhere             anywhere           LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG        all  --  anywhere             anywhere           state INVALID LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP       all  --  anywhere             anywhere

Chain input_ext (1 references)
target     prot opt source               destination
ACCEPT     icmp --  h622498.serverkompetenz.net  anywhere           icmp source-quench
ACCEPT     icmp --  anywhere             anywhere           icmp echo-request
ACCEPT     icmp --  anywhere             anywhere           state RELATED,ESTABLISHED icmp echo-reply
ACCEPT     icmp --  anywhere             anywhere           state RELATED,ESTABLISHED icmp destination-unreachable
ACCEPT     icmp --  anywhere             anywhere           state RELATED,ESTABLISHED icmp time-exceeded
ACCEPT     icmp --  anywhere             anywhere           state RELATED,ESTABLISHED icmp parameter-problem
ACCEPT     icmp --  anywhere             anywhere           state RELATED,ESTABLISHED icmp timestamp-reply
ACCEPT     icmp --  anywhere             anywhere           state RELATED,ESTABLISHED icmp address-mask-reply
LOG        icmp --  anywhere             anywhere           icmp redirect LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG        icmp --  anywhere             anywhere           icmp source-quench LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG        icmp --  anywhere             anywhere           icmp timestamp-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG        icmp --  anywhere             anywhere           icmp address-mask-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT
'
LOG        icmp --  anywhere             anywhere           icmp type 2 LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
DROP       icmp --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere           state NEW,RELATED,ESTABLISHED tcp dpt:14534
ACCEPT     tcp  --  anywhere             anywhere           state NEW,RELATED,ESTABLISHED tcp dpt:ftp
ACCEPT     tcp  --  anywhere             anywhere           state NEW,RELATED,ESTABLISHED tcp dpt:22222
ACCEPT     tcp  --  anywhere             anywhere           state NEW,RELATED,ESTABLISHED tcp dpt:mysql
ACCEPT     tcp  --  anywhere             anywhere           state NEW,RELATED,ESTABLISHED tcp dpt:ca-idms
ACCEPT     tcp  --  anywhere             anywhere           state NEW,RELATED,ESTABLISHED tcp dpt:51234
ACCEPT     tcp  --  anywhere             anywhere           state NEW,RELATED,ESTABLISHED tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere           state NEW,RELATED,ESTABLISHED tcp dpt:8767
ACCEPT     tcp  --  anywhere             anywhere           state NEW,RELATED,ESTABLISHED tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere           state NEW,RELATED,ESTABLISHED tcp dpt:pop3
ACCEPT     tcp  --  anywhere             anywhere           state NEW,RELATED,ESTABLISHED tcp dpt:rsync
ACCEPT     tcp  --  anywhere             anywhere           state NEW,RELATED,ESTABLISHED tcp dpt:smtp
reject_func  tcp  --  anywhere             anywhere           tcp dpt:ident flags:SYN,RST,ACK/SYN
LOG        tcp  --  anywhere             anywhere           tcp dpt:domain flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP
 '
DROP       tcp  --  anywhere             anywhere           tcp dpt:domain flags:SYN,RST,ACK/SYN
LOG        tcp  --  anywhere             anywhere           tcp dpt:sunrpc flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP
 '
DROP       tcp  --  anywhere             anywhere           tcp dpt:sunrpc flags:SYN,RST,ACK/SYN
LOG        tcp  --  anywhere             anywhere           tcp dpt:22223 flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP
'
DROP       tcp  --  anywhere             anywhere           tcp dpt:22223 flags:SYN,RST,ACK/SYN
ACCEPT     tcp  --  anywhere             anywhere           state RELATED,ESTABLISHED tcp dpts:1024:65535
ACCEPT     tcp  --  anywhere             anywhere           state ESTABLISHED tcp dpts:ipcserver:65535 flags:!SYN,RST,ACK/SYN
ACCEPT     tcp  --  anywhere             anywhere           state ESTABLISHED tcp dpt:ftp-data flags:!SYN,RST,ACK/SYN
ACCEPT     udp  --  rns30.rl.b.rz-ip.net  anywhere           state NEW,RELATED,ESTABLISHED udp spt:domain dpts:1024:65535
ACCEPT     udp  --  rns20.rl.b.rz-ip.net  anywhere           state NEW,RELATED,ESTABLISHED udp spt:domain dpts:1024:65535
DROP       udp  --  anywhere             anywhere           udp dpt:domain
DROP       udp  --  anywhere             anywhere           udp dpt:domain
DROP       udp  --  anywhere             anywhere           udp dpt:domain
DROP       udp  --  anywhere             anywhere           udp dpt:bootpc
DROP       udp  --  anywhere             anywhere           udp dpt:sunrpc
DROP       udp  --  anywhere             anywhere           udp dpt:sunrpc
DROP       udp  --  anywhere             anywhere           udp dpt:22223
ACCEPT     udp  --  anywhere             anywhere           state NEW,RELATED,ESTABLISHED udp dpts:1024:65535
LOG        tcp  --  anywhere             anywhere           tcp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG        icmp --  anywhere             anywhere           icmp source-quench LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG        icmp --  anywhere             anywhere           icmp redirect LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG        icmp --  anywhere             anywhere           icmp echo-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG        icmp --  anywhere             anywhere           icmp timestamp-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG        icmp --  anywhere             anywhere           icmp address-mask-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG        udp  --  anywhere             anywhere           LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG        all  --  anywhere             anywhere           state INVALID LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP       all  --  anywhere             anywhere

Chain input_int (0 references)
target     prot opt source               destination
LOG        all  --  h622498.serverkompetenz.net  anywhere           LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ANTI-SPOOF-iint '
DROP       all  --  h622498.serverkompetenz.net  anywhere
ACCEPT     icmp --  anywhere             anywhere           icmp echo-request
ACCEPT     icmp --  anywhere             anywhere           state RELATED,ESTABLISHED icmp echo-reply
ACCEPT     icmp --  anywhere             anywhere           state RELATED,ESTABLISHED icmp destination-unreachable
ACCEPT     icmp --  anywhere             anywhere           state RELATED,ESTABLISHED icmp time-exceeded
ACCEPT     icmp --  anywhere             anywhere           state RELATED,ESTABLISHED icmp parameter-problem
ACCEPT     icmp --  anywhere             anywhere           state RELATED,ESTABLISHED icmp timestamp-reply
ACCEPT     icmp --  anywhere             anywhere           state RELATED,ESTABLISHED icmp address-mask-reply
LOG        icmp --  anywhere             anywhere           icmp redirect LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG        icmp --  anywhere             anywhere           icmp source-quench LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG        icmp --  anywhere             anywhere           icmp timestamp-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG        icmp --  anywhere             anywhere           icmp address-mask-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT
'
LOG        icmp --  anywhere             anywhere           icmp type 2 LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
DROP       icmp --  anywhere             anywhere
reject_func  tcp  --  anywhere             anywhere           tcp dpt:ident flags:SYN,RST,ACK/SYN
LOG        tcp  --  anywhere             anywhere           tcp dpt:ftp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP '
DROP       tcp  --  anywhere             anywhere           tcp dpt:ftp flags:SYN,RST,ACK/SYN
LOG        tcp  --  anywhere             anywhere           tcp dpt:domain flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP
 '
DROP       tcp  --  anywhere             anywhere           tcp dpt:domain flags:SYN,RST,ACK/SYN
LOG        tcp  --  anywhere             anywhere           tcp dpt:sunrpc flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP
 '
DROP       tcp  --  anywhere             anywhere           tcp dpt:sunrpc flags:SYN,RST,ACK/SYN
LOG        tcp  --  anywhere             anywhere           tcp dpt:mysql flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP
'
DROP       tcp  --  anywhere             anywhere           tcp dpt:mysql flags:SYN,RST,ACK/SYN
LOG        tcp  --  anywhere             anywhere           tcp dpt:ca-idms flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DRO
P '
DROP       tcp  --  anywhere             anywhere           tcp dpt:ca-idms flags:SYN,RST,ACK/SYN
LOG        tcp  --  anywhere             anywhere           tcp dpt:22223 flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP
'
DROP       tcp  --  anywhere             anywhere           tcp dpt:22223 flags:SYN,RST,ACK/SYN
ACCEPT     tcp  --  anywhere             anywhere           state RELATED,ESTABLISHED tcp dpts:1024:65535
ACCEPT     tcp  --  anywhere             anywhere           state ESTABLISHED tcp dpts:ipcserver:65535 flags:!SYN,RST,ACK/SYN
ACCEPT     tcp  --  anywhere             anywhere           state ESTABLISHED tcp dpt:ftp-data flags:!SYN,RST,ACK/SYN
ACCEPT     udp  --  anywhere             anywhere           state NEW,RELATED,ESTABLISHED udp dpt:filenet-tms
ACCEPT     udp  --  anywhere             anywhere           state NEW,RELATED,ESTABLISHED udp dpt:filenet-rpc
ACCEPT     udp  --  rns30.rl.b.rz-ip.net  anywhere           state NEW,RELATED,ESTABLISHED udp spt:domain dpts:1024:65535
ACCEPT     udp  --  rns20.rl.b.rz-ip.net  anywhere           state NEW,RELATED,ESTABLISHED udp spt:domain dpts:1024:65535
DROP       udp  --  anywhere             anywhere           udp dpt:fsp
DROP       udp  --  anywhere             anywhere           udp dpt:domain
DROP       udp  --  anywhere             anywhere           udp dpt:domain
DROP       udp  --  anywhere             anywhere           udp dpt:bootpc
DROP       udp  --  anywhere             anywhere           udp dpt:sunrpc
DROP       udp  --  anywhere             anywhere           udp dpt:sunrpc
DROP       udp  --  anywhere             anywhere           udp dpt:mysql
DROP       udp  --  anywhere             anywhere           udp dpt:ca-idms
DROP       udp  --  anywhere             anywhere           udp dpt:22223
ACCEPT     udp  --  anywhere             anywhere           state NEW,RELATED,ESTABLISHED udp dpts:1024:65535
LOG        tcp  --  anywhere             anywhere           tcp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG        icmp --  anywhere             anywhere           icmp source-quench LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG        icmp --  anywhere             anywhere           icmp redirect LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG        icmp --  anywhere             anywhere           icmp echo-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG        icmp --  anywhere             anywhere           icmp timestamp-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG        icmp --  anywhere             anywhere           icmp address-mask-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG        udp  --  anywhere             anywhere           LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG        all  --  anywhere             anywhere           state INVALID LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP       all  --  anywhere             anywhere

Chain reject_func (3 references)
target     prot opt source               destination
REJECT     tcp  --  anywhere             anywhere           reject-with tcp-reset
REJECT     udp  --  anywhere             anywhere           reject-with icmp-port-unreachable
REJECT     all  --  anywhere             anywhere           reject-with icmp-proto-unreachable

Das alles was er mir ausgespuckt hat, ich komme leider damit nicht klar.

marneus · Jul 31, 2006

Hm eigenartig. Der Port wird richtig freigegeben, bin allerdings auch kein iptables Experte.

Code:

ACCEPT     tcp  --  anywhere             anywhere           state NEW,RELATED,ESTABLISHED tcp dpt:8767

Toffel · Jul 31, 2006

und kann ich noch irgendetwas tun?
weil wenn man sie abschaltet funkt es ja, vielleicht gibt es ne anderes problem, andere config

na ja danke dir!

marneus · Jul 31, 2006

Hm, was Du probehalber machen könntest, wäre folgendes:

- Löschen aller FW-Regeln

Code:

iptables --flush

- Yast starten und Regeln neu anlegen

Toffel · Jul 31, 2006

Hallo,

nun funkt alles, server ist zwar bei iptables --flush angestürtzt aber na ja es funkt jetzt.

Danke und bis bald Toffel.

SuSe · Aug 3, 2006

oO da hätte man auch gleich die Firewall abstellen können :-D.
Wer macht sich da noch die Mühe wieder neue Regeln aufzustellen.
oO okay wenn es um die Sicherheit geht dann macht man sich schonmal die Mühe ^^.

HornOx · Aug 3, 2006

marneus said:
- Löschen aller FW-Regeln

Damit sperrt man sich selbst aus wenn die default policy DROP ist (was bei Toffel der Fall ist). Einfach nur irgendwelche Sachen die ein Unbekannter in Forum vorgeschlagen hat blind in die root konsole einzugeben kann gefährlich sein

Sinepp · Aug 4, 2006

ja, aber für thread leser witzig.

rm -rf /*

Port offen - Firewall blockt

Toffel

Registered User

marneus

Registered User

Toffel

Registered User

marneus

Registered User

Toffel

Registered User

marneus

Registered User

Toffel

Registered User

marneus

Registered User

Toffel

Registered User

SuSe

Registered User

HornOx

Registered User

Sinepp

Registered User

We value your privacy