[Leaplist] port inquiry fedora 5 boxen

Kyle Gonzales kyle.gonzales at gmail.com
Fri Mar 2 11:33:25 EST 2007


Lots of questions there, let me give you a few pointers.

It seems you have shell access to the Fedora system, so here are a few
useful commands:

"iptables -L -n -v" will show the firewall rules in place on the basic
input/output/forward chains, and how many packets they have blocked.

"netstat -ltup" will show you all the active sockets used by daemons
listening for packets, listing the protocol, socket info, and PID &
program name using the port.

Those should provide you with a wealth of information.

On Fri, 2007-03-02 at 11:10 -0500, doug jones wrote:
> all,
> 
> I've been given access to a headless fedora box at a customer site with which
> to experiment with from my office (via ssh).  It's fedora 5 and I don't know
> details of install other than it would have been a simple one (firewall would
> have one of their simple settings {low/medium/high, on/off} ).  
> 
> I'm playing with C code examples of sending and receiving udp packets.  I've
> got my receiving code running on the fedora in question and transmitting code on
> another remote box.  The remote box transmits a udp packet and I'm hoping to
> receive the udp packet at the fedora box in question.  I'm using remote boxes
> for both ends because they both have static IPs and I can use hardcoded
> IPs in the C code and not have to figure out DHCP stuff yet.
> 
> I can tell by using tcpdump that the udp packet gets to the fedora box but
> it doesn't make it to the user space code (or even if I compile and run it
> as root).  Since I know the packet makes it to the destination, I figure I
> have a firewall issue.  
> 
> My question is, how do I determine what ports are allowed by whatever firewall
> may exist on the fedora box.  I'll be doing whatever tweaking thru a ssh login
> so no gui tools.  Also, I remembered something about nmap from long ago 
> experiments and see that nmap is NOT on the fedora box (and I don't know how
> to use YUM yet).  Are there other command line tools to determine if a 
> particular port is usable?
> 
> I guess a very good thing to know is whether or not tcpdump is _after_ the 
> firewall.  If it is, then I've probably just got a code problem.
> 
> Doug Jones
-- 
Kyle Gonzales <kyle.gonzales at gmail.com>
GPG/PGP Key: 9C3FBD51
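
An added example, not part of the original thread: a simplified reader for `iptables -L -n -v` output that follows jumps from INPUT and reports the first ACCEPT/DROP/REJECT rule a new inbound datagram to a given port would hit, with that rule's packet counter. The listing, the chain name FW-INPUT, the interface eth0 and port 5000 are constructed for illustration; rules that name specific addresses are skipped.

```python
import re
# Constructed sample of `iptables -L -n -v` output, not taken from the host in this thread.
SAMPLE = """\
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source       destination
  642 51360 FW-INPUT   all  --  *      *       0.0.0.0/0    0.0.0.0/0

Chain FW-INPUT (1 references)
 pkts bytes target     prot opt in     out     source       destination
  100  8000 ACCEPT     all  --  lo     *       0.0.0.0/0    0.0.0.0/0
  500 40000 ACCEPT     all  --  *      *       0.0.0.0/0    0.0.0.0/0    state RELATED,ESTABLISHED
   20  1200 ACCEPT     tcp  --  *      *       0.0.0.0/0    0.0.0.0/0    state NEW tcp dpt:22
   15  1260 ACCEPT     udp  --  *      *       0.0.0.0/0    0.0.0.0/0    udp dpt:631
    7   420 REJECT     all  --  *      *       0.0.0.0/0    0.0.0.0/0    reject-with icmp-host-prohibited
"""

def parse_chains(text):
    """Map chain name -> (policy or None, rules) from `iptables -L -n -v` text."""
    chains, rules = {}, []
    for line in text.splitlines():
        head, f = re.match(r"Chain (\S+) \((?:policy (\S+))?", line), line.split()
        if head:
            rules = chains.setdefault(head[1], (head[2], []))[1]
        elif len(f) >= 9 and f[0] != "pkts":          # skip blank and header rows
            rules.append(dict(pkts=f[0], target=f[2], prot=f[3], iface=f[5],
                              src=f[7], dst=f[8], extra=" ".join(f[9:])))
    return chains

def matches(r, port, proto, iface):
    """Simplified match for a NEW inbound packet; address-specific rules never match."""
    state = re.search(r"state (\S+)", r["extra"])
    dpt = re.search(r"dpts?:(\d+)(?::(\d+))?", r["extra"])
    return (r["prot"] in (proto, "all") and r["iface"] in ("*", iface)
            and r["src"] == r["dst"] == "0.0.0.0/0"
            and (not state or "NEW" in state.group(1).split(","))
            and (not dpt or int(dpt[1]) <= port <= int(dpt[2] or dpt[1])))

def verdict(chains, port, proto="udp", iface="eth0", chain="INPUT"):
    """First terminal rule hit, as (target, pkts, match text), following jumps."""
    policy, rules = chains[chain]
    for r in rules:
        t = r["target"]
        if not matches(r, port, proto, iface): continue
        if t == "RETURN": break                       # leave this chain early
        hit = verdict(chains, port, proto, iface, t) if t in chains else None
        if t in ("ACCEPT", "DROP", "REJECT"): hit = (t, r["pkts"], r["extra"])
        if hit: return hit
    return (policy, "-", "chain policy") if policy else None  # user chains fall through

if __name__ == "__main__": print(verdict(parse_chains(SAMPLE), 5000))
```

A REJECT or DROP result for the receiver's port is consistent with the symptom described in the question, because tcpdump captures inbound packets before the INPUT chain is evaluated. Comparing the reported packet counter before and after sending a test datagram shows whether that rule is the one consuming it.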