Find the answer to your Linux question:
Results 1 to 3 of 3
I want to install tigervnc server on a remote server, by following this article: zeusville.wordpress.com/2012/01/27/setting-up-vncserver-on-fedora- after Code: sudo vi /etc/sysconfig/iptables Add this to the file: Code: -A INPUT -p tcp ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    May 2012
    Posts
    85

    job fails for "restart iptables"


    I want to install tigervnc server on a remote server, by following this article:
    zeusville.wordpress.com/2012/01/27/setting-up-vncserver-on-fedora-

    after
    Code:
    sudo vi /etc/sysconfig/iptables
    Add this to the file:
    Code:
    -A INPUT -p tcp -m state --state NEW -m tcp --dport 5903 -j ACCEPT
    then restart iptables
    Code:
    sudo systemctl restart iptables.service
    Job failed. See system logs and 'systemctl status' for details.
    job failed, I checked the system logs
    Code:
    Oct  8 00:13:49 canard iptables.init[4178]: iptables: Applying firewall rules: iptables-restore: line 1 failed
    Oct  8 00:13:49 canard iptables.init[4178]: [FAILED]
    Oct  8 00:13:49 canard systemd[1]: iptables.service: main process exited, code=exited, status=1
    Oct  8 00:13:49 canard systemd[1]: Unit iptables.service entered failed state.
    Oct  8 00:15:11 canard avahi-daemon[951]: Invalid response packet from host 138.96.198.100.
    how to deal with this?
    thanks

  2. #2
    Trusted Penguin
    Join Date
    May 2011
    Posts
    4,353
    Hi,

    You may want to just trying adding the rule to the running iptables configuration, to see if it works, before writing it to the config file, e.g.:

    Code:
    systemctl stop iptables.service
    systemctl start iptables.service
    iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 5903 -j ACCEPT
    if you are happy, then write it to a config file, e.g.:

    Code:
    iptables-save > /etc/sysconfig/iptables
    but make a backup first.

    Edit: I forgot - if that doesn't work (or even if it does), you can post the entire contents of /etc/sysconfig/iptables file
    Last edited by atreyu; 10-08-2012 at 02:50 AM. Reason: /etc/sysconfig/iptables

  3. #3
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    One thing to keep in mind is the '-A' appends the rule to the end of the chain. If there are any rules above this that effect the packet are it travels down the chain, i.e., DROP then the packet will never reach this chain.

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •