This discussion is archived
1 2 3 Previous Next 34 Replies Latest reply: Jan 28, 2013 2:54 AM by Udo Go to original post RSS
  • 30. Re: Remote Connection Help
    985865 Newbie
    Currently Being Moderated
    Dude wrote:

    This means nothing and doesn't mean connections are allowed.

    If you suspect a firewall issue, simply disable it. I don't know exactly which Fedora release you are using, but perhaps the following will do (or look it up in google):

    # service iptables stop

    Then disable the firewall on your Windows side too to be sure.

    If you still have no connectivity, then you have a service configuration or network routing problem.

    P.S. is there any kind of machine virtualization involved? If yes, you may simply use the wrong adapter for your virtual machine that does not allow incoming connections, e.g. NAT.
    So what you suggested worked...for about two minutes, then went back to timing out. I checked Fedora with the command systemctl status iptables.service and it is still dead. The firewall on my Windows 7 client computer is off as well. So it worked initially but then went back to where it was before. Any ideas?
  • 31. Re: Remote Connection Help
    985865 Newbie
    Currently Being Moderated
    After I posted this, I tried logging in again back to back and the second time I got in. Is there a way to increase the time it takes until it times out. This might just be my slow network. The server is connected wirelessly by a USB adapter. Could that be the problem?
  • 32. Re: Remote Connection Help
    Udo Guru
    Currently Being Moderated
    The server is connected wirelessly by a USB adapter. Could that be the problem?
    Sure. It could also be a DHCP-related problem. Does your wireless connection have a fixed IP address?
    I checked Fedora with the command systemctl status iptables.service and it is still dead.
    Are you sure iptables.service is the only firewall-related daemon on your Fedora install?

    -Udo
  • 33. Re: Remote Connection Help
    985865 Newbie
    Currently Being Moderated
    Udo wrote:
    Sure. It could also be a DHCP-related problem. Does your wireless connection have a fixed IP address?
    Yes, I went into my router and reserved the dhcp address to the server's MAC address
    Are you sure iptables.service is the only firewall-related daemon on your Fedora install?
    I am not sure about this. Over the weekend, I found out it works when the iptables.service is turned off. But when I try to connect an hour later, it won't let me. It is almost like iptables.service turns itself back on.
  • 34. Re: Remote Connection Help
    Udo Guru
    Currently Being Moderated
    It is almost like iptables.service turns itself back on.
    That's exactly what happens when your Fedora uses a separate service to configure your firewall. I already posted this in a previous reply to you: {message:id=10807505}
    Perhaps this post was not clear enough, so I'll start a bit earlier:
    iptables is what you can think of as the firewall itself. But for at least two reasons, several distributions (including Fedora) use a front end service to do the actual configuration:
    1. Ease of use. Many users prefer a GUI to do that configuration, instead of a need to know all kinds command line options...
    2. Consistency. There may be install scripts or manuals that require you tun configure iptables directly, but often these don't care about other (previous) settings, but leave that up to the end user. This can cause inconsistent rule sets and lead up to insecure or inoperable systems. To avoid that, the front end service uses its own configuration set (with certain consistency checks enabled and possibly some "advanced" features disabled by default).

    Especially for the second point, it is necessary to enforce the rules of the configuration service, which is why such kind of service is usually implemented to flush and rewrite the ruleset. In your case: The "firewall control service" of your Fedora is frequently flushing iptables and pushes its own rules into action. Any change you or some installer/script you've executed performed in the mean time will only be effective between two scheduled executions of that service.
    To make your changes persistent, you need to do the configuration using the firewall control service (as mentioned in my previous post), or you need to disable this service, but I'd not recommend to do that.

    -Udo
1 2 3 Previous Next

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points