[CentOS] LDAP/iptables

Mon Sep 5 00:39:52 UTC 2005
Thomas E Dukes <edukes at alltel.net>


> -----Original Message-----
> From: centos-bounces at centos.org 
> [mailto:centos-bounces at centos.org] On Behalf Of Johnny Hughes
> Sent: Sunday, September 04, 2005 11:16 AM
> To: CentOS ML
> Subject: Re: [CentOS] LDAP/iptables
> 
> On Sun, 2005-09-04 at 09:10 -0400, Thomas E Dukes wrote:
> > Hello,
> > 
> > I am trying to get LDAP running.  So far, the server is running but I
> > cannot connect to port 389 or the server using webmin or phpldapadmin.
> > It could be my ISP has blocked this port but I'm not sure.  I have
> > tried to telnet to port 389 but it is refused.  All other services run fine.
> > 
> > I use the iptables ruleset found in the IP-Masquerade HowTo.  Below
> > is the ruleset I follow for opening ports for external access.  For
> > some reason it won't open 389.
> > 
> > $IPTABLES -A INPUT -i $EXTIF -m state --state NEW,ESTABLISHED,RELATED \
> >   -p tcp -s $UNIVERSE -d $EXTIP --dport 389 -j ACCEPT
> > 
> > Where $EXTIF = eth0 and $EXTIP = my ipaddress
> > 
> > Does anyone know what I may be doing wrong?
> > 
> > TIA
> > 
> > 
> 
> If you are trying to connect from the outside from another PC 
> ... and if the firewall and ldap are installed on the same 
> PC, that should work to allow connection to port 389.
> 
> If you are trying to connect directly to port 389 from an 
> internal IP, that probably won't work. (you will need to do 
> something to the PREROUTING chain to get the packets routed to the EXTIF)
> 
> BUT ... you shouldn't need to do either of those if you are 
> also running webmin or phpmyadmin also on that machine ... if 
> you listen on the internal IP at port 389 and not the external IP.
> 
> Does netstat -aptn show you listening on the internal / 
> external /  or loopback ip on port 389 (or more than one of them).

Hello,

Running netstat -aptn shows nothing for port 389.  This doesn't make sense.

Thanks!!
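The netstat check Johnny suggests above, worked through as an added example that is not part of the thread: a small POSIX shell diagnostic that parses `netstat -aptn`-style output and reports whether a port is not listening at all, bound only to loopback, or bound to a wildcard or specific (external/internal) address. The function names (`listeners_on_port`, `classify_addr`, `diagnose_port`) and the netstat sample are constructed for this example. An empty result for 389, as reported in the reply, means slapd is not bound to that port on any address, so no INPUT rule can make it reachable; the INPUT rule from the original post only matters once slapd listens on $EXTIP or 0.0.0.0. A "connection refused" from telnet is consistent with nothing listening (or a REJECT rule), whereas a silent DROP rule or upstream ISP filtering typically shows up as a timeout instead.

```shell
#!/bin/sh
# Added example (not from the thread): report which local addresses have a
# LISTEN socket on a given port, from `netstat -aptn`-style output on stdin.
# Function names and the sample output below are constructed for this example.

# Constructed sample in `netstat -aptn` layout: slapd bound to loopback only.
SAMPLE_NETSTAT=$(cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1234/sshd
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1300/master
tcp        0      0 127.0.0.1:389           0.0.0.0:*               LISTEN      1450/slapd
tcp        0      0 192.168.1.5:22          192.168.1.7:51000       ESTABLISHED 1234/sshd
EOF
)

# Print the local address of every tcp/tcp6 LISTEN socket on port $1.
# Handles "a.b.c.d:port", "::ffff:a.b.c.d:port" and ":::port" by stripping
# only the trailing ":port" (so ":389" does not match ":3389").
listeners_on_port() {
  awk -v port="$1" '
    $1 ~ /^tcp/ && $6 == "LISTEN" {
      addr = $4
      if (addr ~ (":" port "$")) {
        sub(/:[0-9]+$/, "", addr)
        print addr
      }
    }'
}

# Classify one bind address as loopback, wildcard, or specific.
classify_addr() {
  case "$1" in
    127.*|::1)        echo loopback ;;
    0.0.0.0|::|'*')   echo wildcard ;;
    *)                echo specific ;;
  esac
}

# Summarise port $1 as one of: not-listening, loopback-only, listening
# (listening = at least one wildcard or non-loopback address is bound).
diagnose_port() {
  listeners=$(listeners_on_port "$1")
  [ -n "$listeners" ] || { echo not-listening; return 0; }
  reachable=0
  for a in $listeners; do
    case "$(classify_addr "$a")" in
      wildcard|specific) reachable=1 ;;
    esac
  done
  [ "$reachable" -eq 1 ] && echo listening || echo loopback-only
}

# Demo on the constructed sample. On a live box: netstat -aptn | diagnose_port 389
printf '%s\n' "$SAMPLE_NETSTAT" | diagnose_port 389   # prints loopback-only
```

If the result is not-listening, the firewall is the wrong place to look: confirm slapd is actually running and which listener URLs it is started with (slapd's -h option), then re-run the check. If it is loopback-only, webmin or phpldapadmin on the same host will work while remote clients still get refused, which matches the split Johnny describes.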