Hi there,
First of all, sorry for my English.
I've just configured my firewall, but now I can't get pacman working great. At the moment I can't synchronise, and I can't install anything. So, I think that pacman uses port number 80, but I am not sure. I did some searching but could not find anything on the port used.
So here are my rules:
#!/bin/sh
# Flush and delete all rules
sudo iptables -F
sudo iptables -X
sudo iptables -t nat -F
# Keep connections open
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
##INPUT
# Allow ssh
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
# Allow ping
#iptables -A INPUT -p icmp -j ACCEPT
# Allow HTTP & HTTPS
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
# Allow SMTP & IMAPS
iptables -A INPUT -p tcp --dport 25 -j ACCEPT
iptables -A INPUT -p tcp --dport 993 -j ACCEPT
# Allow NNTPS
iptables -A INPUT -p tcp --dport 563 -j ACCEPT
# Allow JABBER
#iptables -A INPUT -p tcp --dport 5222 -j ACCEPT
#iptables -A INPUT -p tcp --dport 8000 -j ACCEPT
#iptables -A INPUT -p udp --dport 8000 -j ACCEPT
#iptables -A INPUT -p tcp --dport 21 -j ACCEPT
##Default rules
# Block all INPUT & FORWARD
iptables -P INPUT DROP
iptables -P FORWARD DROP
# block all OUTPUT
iptables -P OUTPUT DROP
##LOOPBACK
# Allow loopback
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
##OUTPUT
# Allow FTP, DNS, HTTP, HTTPS
iptables -A OUTPUT -p tcp --dport 20 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 21 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 53 -j ACCEPT
iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 443 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 563 -j ACCEPT
# Allow SMTP, POP & IMAP
iptables -A OUTPUT -p tcp --dport 25 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 110 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 143 -j ACCEPT
# Allow NTP
iptables -A OUTPUT -p tcp --dport 123 -j ACCEPT
iptables -A OUTPUT -p udp --dport 123 -j ACCEPT
# Allow SSH
iptables -A OUTPUT -p tcp --dport 22 -j ACCEPT
iptables -A OUTPUT -p udp --dport 22 -j ACCEPT
# Allow WHOIS
iptables -A OUTPUT -p tcp --dport 43 -j ACCEPT
# Allow USENET
#iptables -A OUTPUT -p tcp --dport 119 -j ACCEPT
#iptables -A OUTPUT -p tcp --dport 8000 -j ACCEPT
#iptables -A OUTPUT -p udp --dport 8000 -j ACCEPT
Can you help me get it working great please?
Thanks a lot friends
Last edited by madnerves (2009-05-06 08:41:18)
Offline
We need to know whether you're syncing to an HTTP or an FTP mirror too... I suppose FTP.
Make sure you have the ip_conntrack_ftp module loaded (kernel module, that is). Restart the firewall, and if you have all the right ports allowed, it should work fine.
Got Leenucks? :: Arch: Power in simplicity :: Get Counted! Registered Linux User #392717 :: Blog thingy
Offline
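Why a missing FTP conntrack helper breaks an FTP mirror under the rules posted above, as an added example that is not part of the thread: it models the posted OUTPUT chain for a passive-mode data connection. The port list is copied from the posted rules; the /proc/modules lines, the function names and the data port are constructed for illustration.

```shell
#!/bin/bash
# Added example: model of the OUTPUT chain from the first post.

# Destination ports the posted script accepts in OUTPUT (tcp rules only).
ALLOWED_TCP_OUT="20 21 22 25 43 53 80 110 123 143 443 563"

# helper_loaded FILE: succeed if FILE (in /proc/modules format) lists the FTP
# conntrack helper under its old (ip_) or current (nf_) name.
helper_loaded() {
    grep -Eq '^(ip|nf)_conntrack_ftp ' "$1"
}

# data_conn_state FILE: conntrack state given to the FTP data connection.
# With the helper, conntrack reads the control channel on port 21 and expects
# the data connection, so it is RELATED; without it, it is an unrelated NEW.
data_conn_state() {
    if helper_loaded "$1"; then echo RELATED; else echo NEW; fi
}

# output_verdict STATE DPORT: verdict of the posted OUTPUT chain for a TCP packet.
output_verdict() {
    case "$1" in
        RELATED|ESTABLISHED) echo ACCEPT; return ;;   # the "-m state" rule
    esac
    for p in $ALLOWED_TCP_OUT; do
        if [ "$p" = "$2" ]; then echo ACCEPT; return; fi
    done
    echo DROP                                          # -P OUTPUT DROP
}

# Constructed sample data: two /proc/modules snapshots and a passive-mode
# data port chosen by an FTP server (50123 is an arbitrary high port).
WITHOUT=$(mktemp); WITH=$(mktemp)
trap 'rm -f "$WITHOUT" "$WITH"' EXIT
printf 'nf_conntrack 90000 2 - Live 0x0\n' > "$WITHOUT"
printf 'nf_conntrack 90000 3 nf_conntrack_ftp, Live 0x0\n' > "$WITH"
printf 'nf_conntrack_ftp 20480 0 - Live 0x0\n' >> "$WITH"
PASV_PORT=50123

echo "control channel, port 21:  $(output_verdict NEW 21)"
echo "data channel, no helper:   $(output_verdict "$(data_conn_state "$WITHOUT")" "$PASV_PORT")"
echo "data channel, with helper: $(output_verdict "$(data_conn_state "$WITH")" "$PASV_PORT")"
```

On a live system, `helper_loaded /proc/modules` performs the same check. Current kernels name the module nf_conntrack_ftp and no longer attach helpers automatically, so they also need an explicit rule such as `iptables -t raw -A OUTPUT -p tcp --dport 21 -j CT --helper ftp`.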
What is the actual error you get from pacman?
Are you familiar with our Forum Rules, and How To Ask Questions The Smart Way?
BlueHackers // fscanary // resticctl
Offline
And a look at your /etc/pacman.d/mirrorlist would also be nice.
Offline
Damn lool, the problem was that the module ip_conntrack_ftp was not loaded.
Thanks a lot for your help guys, see you soon (or not) lol
Offline
Add [Solved] to your topic title please.
Offline
Oh yes sorry I forgot it
Thanks
Offline