Hi Lee and Martin,
although I agree that there are several utilities/scripts to handle iptables
rules, the fastest way to get protected again is to manually edit the file
/etc/sysconfig/iptables (used by default on CentOS by the iptables service).
A really simple rule which will allow traffic to CouchDB (which I
assume will run on the default port) can be added to the INPUT chain
(before any -j REJECT):
    -A INPUT -p tcp --dport 5984 -j ACCEPT
Then restart the iptables service (do something similar for the ipv6
files/service if needed).
This is a really basic rule which will allow you to reach CouchDB from any
IP/network/interface.
If you want to restrict access from somewhere specific and you need help, don't
hesitate to write back :)
Cheers, Elisiano
On Jul 10, 2012, at 4:55 PM, Martin Hewitt wrote:
> Lee,
>
> When you need to restart iptables (sooner the better!) I've found csf
> (http://configserver.com/cp/csf.html) to be a nice, quick way of configuring
> it, as you just open the conf file (/etc/csf/csf.conf), find the TCP_IN line,
> add the CouchDB port and restart (/etc/init.d/csf restart), and it takes care
> of loading and unloading the iptables chains.
>
> Martin
>
> Technical Director
> Thenoi.se
>
> w: http://www.thenoi.se
>
>
> On Tuesday, 10 July 2012 at 15:44, Lee Burke wrote:
>
>> Martin,
>>
>> You hit it right on, it was iptables. I didn't realize CentOS had iptables
>> running by default.
>> For any others with this issue, I ran these commands:
>> service iptables stop
>> service ip6tables stop
>>
>> Now that I can access futon, I'll start seeing how this software works.
>>
>> Thanks.
>> Lee
>>
>> ----- Original Message -----
>> From: "Martin Hewitt" <[email protected]>
>> To: [email protected]
>> Sent: Monday, July 9, 2012 4:34:54 PM
>> Subject: Re: trouble accessing futon
>>
>> In my experience, that sounds like one of two things:
>>
>> 1. bind_address in local.ini/default.ini being set to 127.0.0.1 instead of
>> 0.0.0.0
>> 2. iptables or similar blocking inbound connections
>>
>> If you've discounted [2], have you tried [1]?
>>
>> Martin
>>
>>
>> On Monday, 9 July 2012 at 23:52, Lee Burke wrote:
>>
>>> Hello,
>>> I'm new to couchdb and have my first installation on CentOS 6 and couchdb
>>> 1.0.3, installed using yum.
>>> Using my Win7 PC and Firefox, I try to access http://hostname:5984/ or
>>> http://hostname:5984/_utils. Neither will respond, Firefox times out with
>>> this message: The connection has timed out. The server at hostname is
>>> taking too long to respond.
>>> On the server, I can run curl http://hostname:5984 and get the
>>> "couchdb":"Welcome" response and also curl -X GET
>>> http://hostname:5984/_all_dbs and get the "_users" response.
>>> On my PC, I've disabled the firewall, but still no luck.
>>>
>>> Any suggestions?
>>> Thanks.
>>>
>>> Lee
>>
>>
>> --
>> Lee Burke
>>
>> ASEG Inc.
>> System Administrator
>> 858-550-0500 x-320
>>
>>
>
>