richard lyons wrote:
On Monday 21 June 2004 11:42, John Summerfield wrote:
richard lyons wrote:
I must be in an exceptionally dim mood today. I just noticed thatSounds ideal to me. Are you running any firewall setup on the laptop?
my laptop, on which I am writing this, is not accessible from other
boxes on the network. Ping, nfs, cups are all failing to connect. Must be
I did not think I was...
[...]
If this command returns a list of machines, your DNS setup is
working: host www.ibm.com
$ host www.ibm.com
-bash: host: command not found
But it must be working, as I can browse the web and ping out to the network. That is a red herring (though I wish I had dig - perhaps I need to install bind to get it.)
I perfer the host command for most things: dig's report takes me a week to decifer!
This will install a host command:
apt-get -uy install bind9-host
I can`t at the moment think what to look for next -- quick hintNot being able to ping your box can be annoying when you're trying to
anyone?
diagnose connectivity probs. What does this produce:
iptables -L
My output is hugely long. Each of the sections Chain INPUT, FORWARD and OUTPUT have `(policy DROP)`, followed by many other lines. I have never configured a firewall on this computer as the network is behind a firewall. (Accepting that that may not be a good policy). Just the same, I assume this is the problem, as I do get about 150 lines of printout from iptables -L. Can I just turn this off somehow?
It's the _reason _ people can't ping you etc. Whether it's a _problem_ is a management issue. I'm coming to the opinion _every_ box on a LAN should run its own firewall software so as to slow down any intruders who breach your firewall.
Remember that one way to breach a firewall is to send some email to a Windows box on the LAN. There's always another unpatched vulnerability.
I see two alternatives. I'll assume that you have some firewall package installed and setup.If it is _not_ like this, then that's re reason: Dolphin:~# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination
Chain FORWARD (policy ACCEPT) target prot opt source destination
Chain OUTPUT (policy ACCEPT) target prot opt source destination Dolphin:~#
It seems to me you have an unexpectedly secure firewall setup:-)
Evidently. :-(
Is that half a day of learning, or can I slip out by some cheat?
1. Discover how to disable it. Likely there's a symlink in /etc/rc2.d that has some relevance.
2. Remove it. Probably there's a part of it in /etc/init.d that you might spot. Go through the contents of that directory and learn what everything there is.
3. I can't count:-) Identify the package and configure it to grant the access you want.
I prefer the third. Mr Bracegirdle's approach has some merit.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
