Find the answer to your Linux question:
Page 2 of 2 FirstFirst 1 2
Results 11 to 18 of 18
For the INPUT and PREROUTE to work the firewall needs to be started. Is the firewall running? If not please start it. Can you post your firewall rules? If not ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #11
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677

    For the INPUT and PREROUTE to work the firewall needs to be started. Is the firewall running? If not please start it. Can you post your firewall rules? If not can you PM me the rules to take a look?

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  2. #12
    Just Joined!
    Join Date
    Nov 2008
    Posts
    9
    I am not sure which app is the firewall. This is something other than iptables? Do you mean something like Firestarter?
    I have not done anything with the firewall including create an rules.
    Where would I start the firewall?

    Thanks!!

  3. #13
    Linux Engineer Kloschüssel's Avatar
    Join Date
    Oct 2005
    Location
    Italy
    Posts
    773
    firewall = iptables

    Code:
    /etc/init.d/iptables start|stop|restart|reload

  4. $spacer_open
    $spacer_close
  5. #14
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    You can use
    Code:
    iptables -L
    to check if it has been started. If the Firewall is started then you will get a list of rules.
    Something like this;
    Code:
    #  /sbin/iptables -L
    Chain INPUT (policy DROP)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere
    ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh
    ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:tftp
    DROP       all  --  anywhere             anywhere
    
    Chain FORWARD (policy DROP)
    target     prot opt source               destination
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination
    If you don't get anything the you need to start the firewall with
    Code:
    /etc/init.d/iptables start
    .

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  6. #15
    Just Joined!
    Join Date
    Nov 2008
    Posts
    9
    iptables starts automatically. Actually, I don't even see an iptables script within /etc/init.d. System is ubuntu 10.04 lucid.

    Here's the iptables content:

    iptables -t nat -n -L
    Chain PREROUTING (policy ACCEPT)
    target prot opt source destination

    Chain POSTROUTING (policy ACCEPT)
    target prot opt source destination
    MASQUERADE all -- 0.0.0.0/0 0.0.0.0/0

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination
    DNAT all -- 0.0.0.0/0 192.168.40.55 to:192.168.40.1

    The filter, mangle, and raw tables are all empty.
    With the above two settings in the nat table, I can log into and configure the router which is physically located at 192.168.40.1 by typing 192.168.40.55 into Firefox. However, the registration from asterisk will only work if I send it to 192.168.40.1. It will not register if the destination is 192.168.40.55. This is surprising. When I looked at the traffic detail in wireshark, I could not find any difference (at least with my ability) between the traffic when destination is 192.168.40.1 versus 192.168.40.55.

    Thanks!!

  7. #16
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    How many interfaces on this machine where you got the rules from?

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  8. #17
    Just Joined!
    Join Date
    Nov 2008
    Posts
    9
    I have been using 3 but will add another 1 or 2. I am flexible as to the number of interfaces that I can add.
    Thanks

  9. #18
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    Quote Originally Posted by bsgcic View Post
    I can log into and configure the router which is physically located at 192.168.40.1 by typing 192.168.40.55 into Firefox. However, the registration from asterisk will only work if I send it to 192.168.40.1. It will not register if the destination is 192.168.40.55.
    This sounds like a configuration issue like the system isn't listening on all ip addresses or at least the once required.

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

Page 2 of 2 FirstFirst 1 2

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •