Once again, I battle iptables. This time it's for CPAN. I have the following defined on a system:
*filter :INPUT DROP [37:4772] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [6711:302807] -A INPUT -i lo -j ACCEPT -A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m tcp ! --tcp-option 2 -j REJECT --reject-with tcp-reset -A INPUT -i eth0 -p tcp -m tcp --dport 21 -j ACCEPT -A INPUT -i eth0 -p udp -m udp --dport 21 -j ACCEPT -A INPUT -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT -A INPUT -i eth0 -p udp -m udp --dport 22 -j ACCEPT -A INPUT -i eth0 -p tcp -m tcp --dport 25 -j ACCEPT -A INPUT -i eth0 -p tcp -m tcp --dport 53 -j ACCEPT -A INPUT -i eth0 -p udp -m udp --dport 53 -j ACCEPT -A INPUT -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT -A INPUT -i eth0 -p udp -m udp --dport 80 -j ACCEPT -A INPUT -i eth0 -p tcp -m tcp --dport 3306 -j ACCEPT -A OUTPUT -o lo -j ACCEPT COMMIT Ad whenever I need to do CPAN updates, it just never connects to anything, except maybe lynx (LWP, ncftp, ftp, everything else within CPAN fails). As soon as I shut off iptables, it works just fine, so that tells me it has to be one of the rules, but which one? -- H | I haven't lost my mind; it's backed up on tape somewhere. +-------------------------------------------------------------------- Ashley M. Kirchner <mailto:[EMAIL PROTECTED]> . 303.442.6410 x130 IT Director / SysAdmin / WebSmith . 800.441.3873 x130 Photo Craft Laboratories, Inc. . 3550 Arapahoe Ave. #6 http://www.pcraft.com ..... . . . Boulder, CO 80303, U.S.A. -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list