I am trying to open port UDP514 to allow my router to send its syslog to my server.
- 07-03-2007 #1
- Join Date
- Jun 2007
I have made all the necessary changes to the files, but it is not working. Doing a port scan, I can see that the port is not open yet.
I am unsure of the linux flavour I have - this is the result of the uname.
Linux COMPAQ 2.2.20-idepci #1 Sat Apr 20 12:45:19 EST 2002 i686 GNU/Linux
Date is obviously incorrect!
I have tried using this command: iptables -I INPUT -p udp --dport 514 -j ACCEPT
This returns this error:
modprobe: Can't locate module ip_tables
iptables v1.2.11: can't initialize iptables table `filter': iptables who? (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
I then tried this: ipchains -I input 1 -p udp -d 0/0 514 -j ACCEPT
This returned this error: ipchains: Protocol not available
Also tried this with no luck : ipfwadm -I -i accept -D <Your_server's_IP> 514 -P udp
Any info would be great. I think my system may be hugely outdated, and it is due to be upgraded at some point, but for now I would like to get this working.
I have no direct access to the server, only root access via SFTP and PuTTY.
Thanks for any pointers.
- 07-03-2007 #2
Port scanning on UDP ports may give you pseudo results.
Use packet analyzers (tcpdump, ethereal) on the router to ensure that you get some packets on UDP port 514.
To run iptables, you need the modules to be loaded. It is clear that the firewall is not blocking any ports (since iptables modules are not loaded).
Double check using packet analyzers that you see some packets on the external and loopback interfaces.
---------------------------------
Registered Linux User #440311
HI2ARUN _AT_ GMAIL _DOT_ COM
- 07-03-2007 #3
- Join Date
- Jun 2007
I have no idea how to install tcpdump on the linux machine, so I set up a VPN between the two sites.
I then used the windows based ethereal to examine incoming packets to my local machine.
I set my local router (identical to the remote one) to send the syslog on udp514 to my machine, and can see the packets arrive.
I then set the remote router to send the same to my local machine, but the packets do not arrive. I think this is possibly as udp packets are lost on the VPN?
Is there an easy way to see if the remote router is sending out the packets? I have no reason to think it isn't - I have set it up exactly the same as the one I have at the local end.
Thanks for the help!
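
The check suggested in reply #2 (confirm that datagrams really arrive on UDP 514 instead of trusting a UDP port scan) can be done without installing tcpdump. The following is an added example, not part of the original thread: a small listener that records which source addresses send datagrams and whether each carries a valid syslog `<PRI>` header. It assumes Python 3 is available on the receiving host and that no syslogd is already bound to port 514; the function names are illustrative.

```python
import re
import socket
import time

# RFC 3164 severity names, indexed by PRI % 8
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
PRI_RE = re.compile(rb"^<(\d{1,3})>")


def parse_pri(datagram):
    """Return (facility, severity_name, rest) or None if there is no valid <PRI>."""
    m = PRI_RE.match(datagram)
    if not m or int(m.group(1)) > 191:  # 191 = facility 23, severity 7
        return None
    pri = int(m.group(1))
    rest = datagram[m.end():].decode("ascii", "replace").rstrip()
    return pri // 8, SEVERITIES[pri % 8], rest


def open_listener(host="0.0.0.0", port=514):
    """Bind the UDP socket; binding a port below 1024 needs root."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind((host, port))
    return sock


def watch(sock, seconds=30.0):
    """Collect datagrams for `seconds`; return {source_ip: [parsed-or-None, ...]}."""
    seen = {}
    deadline = time.time() + seconds
    while True:
        remaining = deadline - time.time()
        if remaining <= 0:
            return seen
        sock.settimeout(remaining)
        try:
            data, (src, _port) = sock.recvfrom(4096)
        except socket.timeout:
            return seen
        seen.setdefault(src, []).append(parse_pri(data))


if __name__ == "__main__":
    # "Address already in use" here means something (e.g. syslogd) already holds 514.
    results = watch(open_listener())
    for src, msgs in results.items():
        bad = sum(1 for m in msgs if m is None)
        print("%s: %d datagrams, %d without a valid <PRI>" % (src, len(msgs), bad))
    if not results:
        print("nothing arrived on UDP 514 within the window")
```

An empty result while the router is configured to log to this host points at the path (NAT, VPN, upstream filtering) or at the router's configuration rather than at a local firewall.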