Networking :: UFW Blocking Synergy - Port 24800 Fully Open?
Feb 22, 2011
I'm having an issue with ufw and Synergy. I'm trying to run my Xubuntu 10.10 desktop as a server, and my Xubuntu 10.10 laptop as a client. I can do this just fine as long as I either: Have ufw enabled on my client but disabled on my server Have ufw disabled on both my client and my server I have no custom rules added to iptables on my client. On my server, however, I have tried the following rules:
$ ufw allow from 192.168.0.0/24 to any port 24800 $ ufw allow from 192.168.0.0/24
Neither of these configurations works. ufw on my server seems to block my client's requests regardless of having port 24800 fully open from any local connection, or just flat-out fully allowing any incoming local connection. I'm not sure why ufw seems to be ignoring the rules I'm creating, but as it stands right now, the only way I can connect the two is if I have ufw on my server disabled. And I have tried to ping the two machines; each machine can ping the other, even if ufw is running on both.
And I can ping the router, as well, from both machines. Any ideas on where to go from here to troubleshoot? I should probably also add that I am using the same configuration file that I do on vanilla Ubuntu (with updated host names, of course), and I have no problems in Ubuntu. This seems to be specific to ufw and my Xubuntu desktop. I can paste the code for my server's configuration file, if desired.
I think port 24800 is firewalled in my linux machine. i tried synergy to sue as a server in linux and doesnt work. i tried from the windows computer and works!
So... I telnet (from linux) to an address: telnet 192.168.0.1 24800 and the time is out (so a firewall is blocking this port).
My simple question: How do I open this port so i can get the synergy server in my linux box?
In order to connect to the internet when i am at work i have to use a proxy server; the problem is that this proxy also blocks port xxxxx which is used by a internet radio station. Is there any way to be able to listen to that radio station?
I am currently having problems with my server. Its being DDOSed. I have a vps with Centos 64bit. The attack I want to block is udp flood. I was trying to do something like this: iptables -I INPUT -p udp --dport 123 -m limit --limit 40/s -j DROP but instead of blocking certain hosts it blocks the whole port and during the attack its unreachable. How to limit packets per host or any other way to protect from udp flood.
My ISP (Cox) is blocking port 80 and I would like to know if there is a way to open it again. I am to taking about 8080, 8000 or 81 I want to use 80 so I can host my website and every one can access it without the need to put [url]:[PORT] at the URL
So first off, it probably seems this question has been asked thousands of times before. but I did do a search, mostly archived posts that ended up being something other than a true ip blocking of the port. [URL]..
So my port 80 is truly blocked. Ive tried setting up the port forwarding on my router, Ive tried manually allowing all traffic on port 80 through ip tables. Ive even dabbled with setting up something like openDNS to see So far nothing, Im only available on my local network.
There has to be some way to do a redirect though. even something as simple as an htaccess file redirecting [URL].. xxxx (the space is there to avoid my url being interrupted by a smiley
I have Ubuntu Server (x64) installed on my box with Apache2 and Squid. For awahile port 80 (http) was fine, I could update packages and use wget. Then one random day port 80 became blocked for incoming traffic. I couldn't use apt-get and had to change to an ftp mirror to update. Also wget is not working.
I have cloned an embedded system that runs Opensuse 11 x86 using dd. The embedded system uses a simple serial device, by writing to the relevant device file (/dev/ttyS2, usually). Curiously, when I write to the same serial device on the newly cloned system (which, incidentally, has almost identical hardware), thusly:
echo hello > /dev/ttyS2 the command blocks for up to a minute, before finally returning without making the hardware do anything. I can boot into Opensuse's rescue system on the clone and successfully do exactly the same thing, as I can when I boot the original's "identical" operating system. Why might this problem occur? What can I do about it?
I am currently running Debian 6. I would like to know if there is a way and how i would go about blocking a certain IP range from connecting to my server within a certain port range. Say for example.
i want to block ip range 123.123.123.* from connecting to my server on the ports 33000 - 43000. But, i want to allow them to connect on any other port range, and i want to be able to allow connections from my server to the blocked ip range on those same ports. so, blocking incoming only on the above port range.
I am at a loss how to prevent Denial of Service attacks to port 25 and not block legitimate connections from 2 Barracuda 800(s) and block smart phones such as iPhones/Blackberrys/iPhones that use the server smtp.server.com for email. Presently for port 25 RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT
The 2 Barracuda 800(s) make port 25 connections all the time, plus users with smart_phones have the incoming server type: IMAP pop.server.com smtp.server.com
Is there a way to keep Denial of Service attacks from happening with iptables rules without causing blocking to the Barracuda(s) that make constant port 25 connections & smart phones that poll? I was thinking if I allowed the Barracuda(s) in these lines -s (barracuda)24.xx.xx.xx -d (emailserver)24.00.xx.xx -p tcp -m tcp --dport 25 -m state --state NEW -j ACCEPT
Where the source would be the Barracuda going to the email server. It would be allowed, then I am left with how to allow other connections like Smart_Phones that connect via Port 25. I am thinking if I put rules in place doing connection counts in a minute it would result in errors connecting to the server and people would start complaining. Plus any limiting may result in blocking real traffic. Then would I need to allow the ISP range in the above example to accept port 25, I am still left with how to drop a flood/denial of service attack.
I found that I can not use the UDP port on FC 12.I new install one FC 12 , but when I use the next command nmap -sU localhost.I found all udp port has been filtered.I don't know how to open the udp ports . for I need use some udp port.I use iptables , but not working. Why ?
I just installed apache. I didn't change the configuration files at all except add Quote: # added servername to avoid the could not determine fqdn error ServerName myname.homelinux.org to apache2.conf. Apache is working locally (I get the `it's working' screen at [URL]). However, I cannot access my computer from an external computer by going to [URL], which is equivalent to [URL] -- [IP address changed slightly for privacy] Here is a screenshot to my router settings. I disabled the filter for port 80 on the router. here shouldn't be a firewall, unless it's automatically installed with ubuntu 10.4. (sudo ufw status says `inactive'.)
I checked my ports from [URL] and indeed port 22 is open (ssh-ing into my computer externally is not a problem), whereas port 80 is closed. What step in opening up port 80 am I missing? (I also made sure my ISP isn't blocking port 80.)
I would like to test myself if port 5060 is open for UDP packets.
I got a few shell accounts outside of my ISP that run Linux or different BSDs. Does someone know a common program where I could send UDP packets to port 5060 of the IP address that Virginmedia assigns to me and then I would need a program on a PC within my network who reads them _if_ they get through.
Background of all this is that my VOIP phones from two different VOIP providers are offline since last Monday. One service provider confirmed that another VOIP client is online with the same service provider Virginmedia but in a different area.
So, while I don't know how long does it take that someone from Virginmedia can tell me if their port 5060 is open for UDP, I would like to find out myself in the meantime.
I have a problem sending of file attachment using Instant Messengeri have a firewall using firestarter, if i used outside firewall they can able to recieve my file in instant meesenger but if i used firestarter it always cancelled my sending of file attachment....
I am running RHEL 5.3 and attempted to open port 4470 for an application that will use the port. I used the graphical interface to open the port, just as I have for other ports such as 4750.I can telnet to the server with:telnet server 4750
If I try the other port that I'm trying to open:telnet server 4470
I get "Could not open connection to the host, on port 4470: Connect failed."I have restarted the network and iptables services.I have turned off the local firewall and it still did not work.
needing to open a port in ubuntu, then use it for my VirtualBox Pc.My VirtualBox is running - Windows XP I have a router connected to my network - Linksys WRT54G Now lets begin, I have tried opening via there router homepage. But when I go to [URL] and test port 4900 is still says that it is closed.
No matter what I do, i cannot get port 3100 to open. This is for a new MMO i am CBT on. I know it works on windows because that is how I installed it and played. But I prefer being on Linux. Majority of all other MMOs work fine. Just this one has to have udp 3100 open.
The following is a rough output of all the methods I have tried with no success. As you can see I have done some extensive research first before posting here.
Now its become a lil bit of an obsession.
I cannot get the following command to work:
And yes I tried the "spaces" in different places thinking that was the prob. So i cannot see if 3100 is in the list or not
I eventually turned on the firewall "ufw enable" add the port there, and output:
Some references
[url]
Firewall stuff: [url]
I even manually went into the router and turned it on there.
I have an n900 phone and I'm trying to ssh to my desktop but I'm getting an error:
ssh: connect to host 58.xx.xx.xx port 22: Connection refused
I recently started using a router for I wanted to connect to net even with n900. I've tried to open the port from the setup page of the router however it doesn't seem to work. (find below the screenshot of setup page).
I've tried to ssh through slackware I've got as a virtual machine and I have the same problem although I was able to ssh through slackware before I started using the router.
I have a iptable as firewall, I want to open incoming of port 8080 so I use "# Allow forwarding of incoming Port 8080 traffic" but it didn't work? how can I open just incoming of port 8080?
Recently I discovered that we were accidentally running a POP server (port 110), when we only should have been running the encrypted version thereof (port 995). This wouldn't have been a problem if the port was blocked in the first place.Isn't the default iptables setup on CentOS to block unspecified ports? Specifically, this line from /etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
Right? Well, this doesn't seem to be working for me. I added some rules to allow additional ports and commented out a couple (crucially port 110), but for some reason, port 110 is open.Here is /etc/sysconfig/iptables and the output of iptables -L below that:
# cat /etc/sysconfig/iptables # Firewall configuration written by system-config-securitylevel # Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0]
[code]....
Why isn't "-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited" doing what I think it should be doing?
Transmission says my port is closed. If I google the problem, it just gives me advice on how to open a port in Windows OS. There's no firewall in Ubuntu 10.10 by default, right? There isn't any router used neither. I'm living in a dorm. I just plug the LAN cable in the box fixed to the wall.
So, I've installed and configured OpenVPN on Ubuntu server 10.04, but I can't connect to it. When i try connecting from another ubuntu machine it's "connection attempt timed out" and i can't seem to fix it. I think the problem is that port 1194 (which i've configured openvpn to use) isn't open. I've created iptables rules,Here are the rules:
I am trying to make a vnc connection from pc #2 to pc #1. Pc #1 is a debian pc behind a zyxel router (P-2602HW-D1A). Pc #2 is a windows xp pc another place at the internet.I have configured the zyxel router to forward incomming trafic on port 5902 to the local ip-adress of the debian box. The debian box is running a vnc server, listening on port 5902.But i dosn?t work.I have tryed to scan the zyxel routers ipadress on port 5902 from the internet, but the scanner says that the port is closed.The vnc server on pc #1 is working fine on the local network. I can connect to the server from a pc on the same side of the zyxel router.Is it deffenitly a router problem, or could it have something to do with debians own firewall?
I've been working and researching this for about a week now and I still haven't had any luck. Basically, I have been trying to open port 3306 to allow connections to my MySql server.
i've added the rule into iptables, saved and restarted that i've added the rule into my router. and I have removed "skip-networking" from the my.cnf file and added the blind address in, I'm trying to get this all to work on my LAN, but it doesn't seem to work, I've also restarted the entire server and then port scanned it from outside and inside the networking and it still tells me that 3306 is closed.
I did however i had some luck when I entered the Ip of the machine that would be sending data to the server but then PROFTPD stopped working and the port was open :/ im not really sure what ip should be in there but another thread from another forum said to enter the ip of the machine that mysql is installed on. so currently its 192.168.0.2 which is the static internal address of the server.
every machine on the network has a static ip and all the rules have been added to each firewall, i.e. server and router firewalls.
ill pop my "my.cnf" under this to see if anyone can find a mistake,
Code: # This will be passed to all mysql clients # It has been reported that passwords should be enclosed with ticks/quotes # escpecially if they contain "#" chars... # Remember to edit /etc/mysql/debian.cnf when changing the socket location.
