On Fri, Nov 20, 2020 at 12:18 PM Frank Cox theatre@sasktel.net wrote:
On Fri, 20 Nov 2020 12:07:40 -0500 Michael B Allen wrote:
So TCP src 760 to 41285. What's that?
Apparently "that" is what you need to allow in order for your desktop to work.
What it is actually doing, I'm not sure. Google tells me that port 760 has something to do with Kerberos registration.
Apparently I don't know how to do "that" because this:
# iptables -A INPUT -p tcp --sport 760 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
still doesn't allow the traffic through (not that I would want to allow an --sport rule anyway but I'd just like to confirm that this traffic is indeed responsible). What am I doing wrong here? I've also tried simpler rules without conntrack or cstate but it's still not getting through.
Incidentally I added kerberos and kadmin firewalld services without effect either.
Mike