Package: arno-iptables-firewall Version: 2.0.0.c-1 Severity: normal Dear Maintainer,
I have discovered that arno is blocking rpc services to my internal network, which makes it hard to network boot clients. ;) A friend of mine has created a script to fix this: https://gitorious.org/fai-cd-configs/fai-cd-configs/blobs/raw/master/files/usr/share/arno-iptables-firewall/plugins/90rpc.plugin/DEFAULT Thanks, Julia Longtin *** Please consider answering these questions, where appropriate *** * What led up to the situation? * What exactly did you do (or not do) that was effective (or ineffective)? * What was the outcome of this action? * What outcome did you expect instead? *** End of the template - remove these lines *** -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable') Architecture: i386 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=locale: Cannot set LC_CTYPE to default locale: No such file or directory locale: Cannot set LC_MESSAGES to default locale: No such file or directory locale: Cannot set LC_ALL to default locale: No such file or directory ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash Versions of packages arno-iptables-firewall depends on: ii debconf [debconf-2.0] 1.5.41 ii gawk 1:3.1.8+dfsg-0.1 ii iproute 20111117-1 ii iptables 1.4.12-1 Versions of packages arno-iptables-firewall recommends: ii dnsutils 1:9.8.1.dfsg-1.1 ii lynx 2.8.8dev.9-2 ii rsyslog 5.8.6-1 arno-iptables-firewall suggests no packages. -- Configuration Files: /etc/arno-iptables-firewall/firewall.conf changed: EXT_IF="$DC_EXT_IF" EXT_IF_DHCP_IP=$DC_EXT_IF_DHCP_IP EXTERNAL_DHCP_SERVER=0 EXTERNAL_DHCPV6_SERVER=0 INT_IF="$DC_INT_IF" INTERNAL_NET="$DC_INTERNAL_NET" INTERNAL_NET_ANTISPOOF=1 DMZ_IF="" DMZ_NET="" DMZ_NET_ANTISPOOF=1 NAT=$DC_NAT NAT_INTERNAL_NET="$DC_NAT_INTERNAL_NET" NAT_LOCAL_REDIRECT=1 NAT_FORWARD_TCP="~8888>10.100.0.117~80 ~8889>10.100.0.88~80 ~8890>10.100.0.40~80 ~8891>10.100.0.58~80 ~8892>10.100.0.100~80 ~8893>10.100.0.20~80 ~2280>10.100.0.44~22 ~2281>10.100.0.75~22 ~8333>10.100.0.95~8333" NAT_FORWARD_UDP="" NAT_FORWARD_IP="" INET_FORWARD_TCP="" INET_FORWARD_UDP="" INET_FORWARD_IP="" IP4TABLES="/sbin/iptables" IP6TABLES="/sbin/ip6tables" ENV_FILE="/usr/share/arno-iptables-firewall/environment" PLUGIN_BIN_PATH="/usr/share/arno-iptables-firewall/plugins" PLUGIN_CONF_PATH="/etc/arno-iptables-firewall/plugins" DMESG_PANIC_ONLY=1 MANGLE_TOS=1 SET_MSS=1 TTL_INC=0 RESOLV_IPS=0 DNS_FAST_FAIL=0 USE_IRC=0 LOOSE_FORWARD=0 FORWARD_LINK_LOCAL=0 DROP_PRIVATE_ADDRESSES=0 DRDOS_PROTECT=0 IPV6_SUPPORT=0 NMB_BROADCAST_FIX=0 COMPILED_IN_KERNEL_MESSAGES=1 DEFAULT_POLICY_DROP=1 TRUSTED_IF="" IF_TRUSTS="" CUSTOM_RULES="/etc/arno-iptables-firewall/custom-rules" LOCAL_CONFIG_FILE="" DISABLE_IPTABLES_BATCH=0 TRACE=0 BLOCKED_HOST_LOG=1 SCAN_LOG=1 POSSIBLE_SCAN_LOG=1 BAD_FLAGS_LOG=1 INVALID_TCP_LOG=0 INVALID_UDP_LOG=0 INVALID_ICMP_LOG=0 RESERVED_NET_LOG=0 FRAG_LOG=1 INET_OUTPUT_DENY_LOG=1 LAN_OUTPUT_DENY_LOG=1 LAN_INPUT_DENY_LOG=1 DMZ_OUTPUT_DENY_LOG=1 DMZ_INPUT_DENY_LOG=1 FORWARD_DROP_LOG=1 LINK_LOCAL_DROP_LOG=1 ICMP_REQUEST_LOG=1 ICMP_OTHER_LOG=1 PRIV_TCP_LOG=1 PRIV_UDP_LOG=1 UNPRIV_TCP_LOG=1 UNPRIV_UDP_LOG=1 IGMP_LOG=1 OTHER_IP_LOG=1 ICMP_FLOOD_LOG=1 FIREWALL_LOG="/var/log/arno-iptables-firewall" LOGLEVEL="info" LOG_HOST_INPUT_TCP="" LOG_HOST_INPUT_UDP="" LOG_HOST_INPUT_IP="" LOG_HOST_OUTPUT_TCP="" LOG_HOST_OUTPUT_UDP="" LOG_HOST_OUTPUT_IP="" LOG_INPUT_TCP="" LOG_INPUT_UDP="" LOG_INPUT_IP="" LOG_OUTPUT_TCP="" LOG_OUTPUT_UDP="" LOG_OUTPUT_IP="" LOG_HOST_INPUT="" LOG_HOST_OUTPUT="" SYN_PROT=1 REDUCE_DOS_ABILITY=1 ECHO_IGNORE=0 LOG_MARTIANS=1 IP_FORWARDING=1 IPV6_AUTO_CONFIGURATION=1 ICMP_REDIRECT=0 CONNTRACK=16384 ECN=0 RP_FILTER=1 SOURCE_ROUTE_PROTECTION=1 LOCAL_PORT_RANGE="32768 61000" DEFAULT_TTL=64 NO_PMTU_DISCOVERY=0 LAN_OPEN_ICMP=1 LAN_OPEN_TCP="21 22 80 1234" LAN_OPEN_UDP="53 67 69" LAN_OPEN_IP="" LAN_DENY_TCP="" LAN_DENY_UDP="" LAN_DENY_IP="" LAN_HOST_OPEN_TCP="" LAN_HOST_OPEN_UDP="" LAN_HOST_OPEN_IP="" LAN_HOST_DENY_TCP="" LAN_HOST_DENY_UDP="" LAN_HOST_DENY_IP="" LAN_INET_OPEN_ICMP=1 LAN_INET_OPEN_TCP="" LAN_INET_OPEN_UDP="" LAN_INET_OPEN_IP="" LAN_INET_DENY_TCP="" LAN_INET_DENY_UDP="" LAN_INET_DENY_IP="" LAN_INET_HOST_OPEN_TCP="" LAN_INET_HOST_OPEN_UDP="" LAN_INET_HOST_OPEN_IP="" LAN_INET_HOST_DENY_TCP="" LAN_INET_HOST_DENY_UDP="" LAN_INET_HOST_DENY_IP="" DMZ_OPEN_ICMP=1 DMZ_OPEN_TCP="" DMZ_OPEN_UDP="" DMZ_OPEN_IP="" DMZ_HOST_OPEN_TCP="" DMZ_HOST_OPEN_UDP="" DMZ_HOST_OPEN_IP="" INET_DMZ_OPEN_ICMP=0 INET_DMZ_OPEN_TCP="" INET_DMZ_OPEN_UDP="" INET_DMZ_OPEN_IP="" INET_DMZ_DENY_TCP="" INET_DMZ_DENY_UDP="" INET_DMZ_DENY_IP="" INET_DMZ_HOST_OPEN_TCP="" INET_DMZ_HOST_OPEN_UDP="" INET_DMZ_HOST_OPEN_IP="" INET_DMZ_HOST_DENY_TCP="" INET_DMZ_HOST_DENY_UDP="" INET_DMZ_HOST_DENY_IP="" DMZ_INET_OPEN_ICMP=1 DMZ_INET_OPEN_TCP="" DMZ_INET_OPEN_UDP="" DMZ_INET_OPEN_IP="" DMZ_INET_DENY_TCP="" DMZ_INET_DENY_UDP="" DMZ_INET_DENY_IP="" DMZ_INET_HOST_OPEN_TCP="" DMZ_INET_HOST_OPEN_UDP="" DMZ_INET_HOST_OPEN_IP="" DMZ_INET_HOST_DENY_TCP="" DMZ_INET_HOST_DENY_UDP="" DMZ_INET_HOST_DENY_IP="" DMZ_LAN_OPEN_ICMP=0 DMZ_LAN_HOST_OPEN_TCP="" DMZ_LAN_HOST_OPEN_UDP="" DMZ_LAN_HOST_OPEN_IP="" FULL_ACCESS_HOSTS="" BROADCAST_TCP_NOLOG="" HOST_OPEN_TCP="" HOST_OPEN_UDP="" HOST_OPEN_IP="" HOST_OPEN_ICMP="" HOST_DENY_TCP="" HOST_DENY_UDP="" HOST_DENY_IP="" HOST_DENY_ICMP="" HOST_DENY_TCP_NOLOG="" HOST_DENY_UDP_NOLOG="" HOST_DENY_IP_NOLOG="" HOST_DENY_ICMP_NOLOG="" HOST_REJECT_TCP="" HOST_REJECT_UDP="" HOST_REJECT_TCP_NOLOG="" HOST_REJECT_UDP_NOLOG="" DENY_TCP_OUTPUT="" DENY_UDP_OUTPUT="" DENY_IP_OUTPUT="" HOST_DENY_TCP_OUTPUT="" HOST_DENY_UDP_OUTPUT="" HOST_DENY_IP_OUTPUT="" OPEN_ICMP=$DC_OPEN_ICMP OPEN_ICMPV6=1 OPEN_TCP="$DC_OPEN_TCP" OPEN_UDP="$DC_OPEN_UDP" OPEN_IP="" DENY_TCP="" DENY_UDP="" DENY_TCP_NOLOG="" DENY_UDP_NOLOG="" REJECT_TCP="" REJECT_UDP="" REJECT_TCP_NOLOG="" REJECT_UDP_NOLOG="" BLOCK_HOSTS="" BLOCK_HOSTS_BIDIRECTIONAL=1 -- debconf information: perl: warning: Setting locale failed. perl: warning: Please check that your locale settings: LANGUAGE = (unset), LC_ALL = (unset), LANG = "en_GB.UTF-8" are supported and installed on your system. perl: warning: Falling back to the standard locale ("C"). locale: Cannot set LC_CTYPE to default locale: No such file or directory locale: Cannot set LC_MESSAGES to default locale: No such file or directory locale: Cannot set LC_ALL to default locale: No such file or directory * arno-iptables-firewall/config-int-nat-net: 10.100.0/24 172.16.0/24 * arno-iptables-firewall/dynamic-ip: true * arno-iptables-firewall/config-int-net: 10.100.0/24 172.16.0/24 * arno-iptables-firewall/icmp-echo: true * arno-iptables-firewall/services-udp: 53 arno-iptables-firewall/title: * arno-iptables-firewall/config-ext-if: eth0 * arno-iptables-firewall/services-tcp: 22 53 80 * arno-iptables-firewall/restart: true * arno-iptables-firewall/config-int-if: eth1 br0 * arno-iptables-firewall/nat: true * arno-iptables-firewall/debconf-wanted: true -- debsums errors found: perl: warning: Setting locale failed. perl: warning: Please check that your locale settings: LANGUAGE = (unset), LC_ALL = (unset), LANG = "en_GB.UTF-8" are supported and installed on your system. perl: warning: Falling back to the standard locale ("C"). ----- End forwarded message ----- -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
