> so are you saying that somehow i am blocking these dhcp leasing ports to rr? if > i open these ports on eth0 incoming and outgoing, will that address this? > > vora > <snip> > > i opened 67 and 68. i still see in my logs that udp packets on thse ports are > being blocked. > > also, i found my dhcpcd-eth0.info file. it has incorrect info! it has the wrong > ip address. who is doing this? pump? the last time my net went down, i tried > ifdown/ifup. then, ifconfig. the ipaddress i got was the ip that i now see in > dhcpcd-eth0.info. it is a "martian", apparently. i ended up having to reboot. > > if i want to get rid of "pump", i just remove the rpm? then my system will > auto-configure for dhcpcd? do i need to install dhcpcd? > > i am tail -f ing my /var/log/messages. i see a bunch of messages with > "MAC=00:30:28:..." is that my cable modem?these are packets on port 123. > > zzz... > > vora
Did you open the ports for UDP packets, or just TCP packets? One very useful command I use a lot with iptables is: iptables -L -v -n >iptables.list This will dump the current ruleset (and counts of how many packets have hit each rule since the last time you started iptables), into the file "iptables.list" in your current directory. Take a very careful look at this. I bet you will find your problem. Next, I recommend keeping a script containing all the iptables commands you use to build your complete firewall. Make it executable (chmod 770). And don't forget to include commands to CLEAR ALL EXISTING TABLES AND RULES at the beginning, so you aren't just adding more rules to an OLD set! Plus, you can use script variables to hold repeated values, like your own IP address, network, etc. This way, you can keep track of exactly what is in your firewall ruleset, and it saves LOTS of typing when something goes wrong. (Yes, I know iptables can save & restore rulesets. Great for re-boots once you have a working ruleset. But not as helpful for development.) Kind regards, Jim _______________________________________________ Seawolf-list mailing list [EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/seawolf-list
