RE: [gentoo-user] distcc and iptables

2005-07-26 Thread Dave Nebinger
> but distcc doesn't work ...

Ah, did you edit /etc/conf.d/distccd to add the --allow and --listen
options?  If you don't specifically enable them the remote system will not
be able to get to distcc on the box.

Locally I use a line as follows to enable the internal lan to hit distccd:

DISTCCD_OPTS="${DISTCCD_OPTS} --allow 192.168.0.0/24 --allow 127.0.0.1 --listen 192.168.0.1"

This says allow the internal lan, allow localhost, and set up a listener on
the local ip address.


-- 
gentoo-user@gentoo.org mailing list



Re: [gentoo-user] distcc and iptables

2005-07-26 Thread Antonio Coralles

Dave Nebinger wrote:


> > What is the best way to configure iptables in a way, so that specific
> > hosts may connect to distccd ?
>
> The following command should do it if you substitute the () with your local
> values.
>
> iptables -I INPUT -i (network interface) -p tcp -s (src ip addr) --dport 3632 -j ACCEPT



Hmm, iptables -L now returns

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  --  192.168.0.250        anywhere            tcp dpt:distcc
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
REJECT     udp  --  anywhere             anywhere            udp dpt:bootps reject-with icmp-port-unreachable
REJECT     udp  --  anywhere             anywhere            udp dpt:domain reject-with icmp-port-unreachable
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:distcc
DROP       tcp  --  anywhere             anywhere            tcp dpts:0:1023
DROP       udp  --  anywhere             anywhere            udp dpts:0:1023

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
DROP       all  --  anywhere             192.168.0.0/16
ACCEPT     all  --  192.168.0.0/16       anywhere
ACCEPT     all  --  anywhere             192.168.0.0/16

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

but distcc doesn't work ...



RE: [gentoo-user] distcc and iptables

2005-07-26 Thread Dave Nebinger
> What is the best way to configure iptables in a way, so that specific
> hosts may connect to distccd ?

The following command should do it if you substitute the () with your local
values.

iptables -I INPUT -i (network interface) -p tcp -s (src ip addr) --dport 3632 -j ACCEPT


-- 
gentoo-user@gentoo.org mailing list
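
Added example, not part of the thread: a shell sketch that prints (without running) a per-host iptables rule set for port 3632 together with the matching DISTCCD_OPTS line, so the firewall and distccd's own --allow list name the same clients. The chain name DISTCC, the interface eth0 and the addresses are assumptions; the jump is inserted at the top of INPUT so it is evaluated before any broader "ACCEPT tcp anywhere dpt:distcc" rule like the one in the listing above.

```shell
#!/bin/sh
# Added example: prints (does not run) a matched firewall + distccd config.
DISTCC_PORT=3632

# Accept only dotted-quad IPv4 with an optional /0-32 prefix, so a typo or
# stray shell metacharacter never ends up inside a rule.
valid_src() {
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$' || return 1
    addr=${1%/*}
    old_ifs=$IFS; IFS=.
    set -- $addr            # split the address into its four octets
    IFS=$old_ifs
    for octet in "$@"; do [ "$octet" -le 255 ] || return 1; done
}

# Usage: firewall_rules IFACE SRC...
# A dedicated chain accepts the listed sources and drops everything else
# aimed at the distcc port; the jump is inserted last, at the top of INPUT.
firewall_rules() {
    iface=$1; shift
    for src in "$@"; do
        valid_src "$src" || { echo "invalid source: $src" >&2; return 1; }
    done
    echo "iptables -N DISTCC"
    for src in "$@"; do echo "iptables -A DISTCC -s $src -j ACCEPT"; done
    echo "iptables -A DISTCC -j DROP"
    echo "iptables -I INPUT -i $iface -p tcp --dport $DISTCC_PORT -j DISTCC"
}

# Usage: distccd_opts LISTEN_ADDR SRC...
# Builds the /etc/conf.d/distccd line with the same --allow/--listen options.
distccd_opts() {
    listen=$1; shift
    opts=""
    for src in "$@"; do
        valid_src "$src" || { echo "invalid source: $src" >&2; return 1; }
        opts="$opts --allow $src"
    done
    echo "DISTCCD_OPTS=\"\${DISTCCD_OPTS}$opts --listen $listen\""
}

# Constructed values: LAN interface eth0, one build client, listener address.
firewall_rules eth0 192.168.0.250
distccd_opts 192.168.0.1 192.168.0.250 127.0.0.1
```

Review the printed commands before running them as root; "iptables -N DISTCC" fails if a chain of that name already exists.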