Bits & Pieces for Linux firewall?

Boss veto'ed local authentication, so we are back to none.

I having trouble with a program unable to access the internet. How do I check which port it is trying to access?
 
use netstat -a (and also netstat -b) on the windows pc to see which ports it is trying to open.

If you're using the half-open policy, then you'll need to open the correct port(s) manually.

You can also google for that specific application - usually it'll give you some info. But the netstat command will be your first port of call.
 
AirWolf said:
Yahoo messenger seems unable to log-in even with the correct proxy settings entered?:confused:
Click to expand...

Weird - check if the correct ports for Yahoo messenger's open :

Code: 
Service   	                       Ports
Chat & Messenger 	       TCP Port 5050: Client Access only
Insider/Room Lists 	       TCP Port 80: Client Access only
File Transfer 	               TCP Port 80: Server Access.
Your ISP may block this port, as its used for web hosting.
You can change port in Messenger, Preferences, File Transfer.
Voice Chat 	                       UDP 5000-5010
                                       TCP 5000-5001: Client Access
If UDP Fails, TCP will be used instead, see below.

WebCam 	                       TCP Port 5100: Client Access
Super Webcam 	               TCP Port 5100: Server Access
P2P Instant Messages 	       TCP Port 5101: Server Access

PMs between Buddys may not use the Yahoo! Server, but this is not a requirement.

Copied from http://www.helpbytes.co.uk/yconnect.php
 
The_Librarian said:
use netstat -a (and also netstat -b) on the windows pc to see which ports it is trying to open.

If you're using the half-open policy, then you'll need to open the correct port(s) manually.

You can also google for that specific application - usually it'll give you some info. But the netstat command will be your first port of call.
Click to expand...

App is C-Track Secure.

netstat-a said:
C:\Documents and Settings\USER>netstat -a

Active Connections

Proto Local Address Foreign Address State
TCP deshnee:epmap deshnee:0 LISTENING
TCP deshnee:microsoft-ds deshnee:0 LISTENING
TCP deshnee:1038 deshnee:0 LISTENING
TCP deshnee:1025 deshnee:0 LISTENING
TCP deshnee:netbios-ssn deshnee:0 LISTENING
TCP deshnee:1681 192.168.0.97:microsoft-ds ESTABLISHED
TCP deshnee:1793 41.203.17.1:http CLOSE_WAIT
TCP deshnee:1794 41.203.17.1:http CLOSE_WAIT
TCP deshnee:1796 41.203.17.1:http CLOSE_WAIT
TCP deshnee:1801 41.203.17.1:http CLOSE_WAIT
TCP deshnee:1828 dedi67.jnb2.host-h.net:http CLOSE_WAIT
UDP deshnee:microsoft-ds *:*
UDP deshnee:isakmp *:*
UDP deshnee:4500 *:*
UDP deshnee:ntp *:*
UDP deshnee:1625 *:*
UDP deshnee:1630 *:*
UDP deshnee:1704 *:*
UDP deshnee:1900 *:*
UDP deshnee:ntp *:*
UDP deshnee:netbios-ns *:*
UDP deshnee:netbios-dgm *:*
UDP deshnee:1900 *:*

C:\Documents and Settings\USER>
Click to expand...

netstat-b said:
C:\Documents and Settings\USER>netstat -b

Active Connections

Proto Local Address Foreign Address State PID
TCP deshnee:1681 192.168.0.97:microsoft-ds ESTABLISHED 4
[System]

TCP deshnee:1793 41.203.17.1:http CLOSE_WAIT 2792
[iexplore.exe]

TCP deshnee:1794 41.203.17.1:http CLOSE_WAIT 2792
[iexplore.exe]

TCP deshnee:1796 41.203.17.1:http CLOSE_WAIT 2792
[iexplore.exe]

TCP deshnee:1801 41.203.17.1:http CLOSE_WAIT 2792
[iexplore.exe]

TCP deshnee:1828 dedi67.jnb2.host-h.net:http CLOSE_WAIT 279
2
[iexplore.exe]


C:\Documents and Settings\USER>
Click to expand...

The_Librarian said:
Weird - check if the correct ports for Yahoo messenger's open :

Code: 
Service   	                       Ports
Chat & Messenger 	       TCP Port 5050: Client Access only
Insider/Room Lists 	       TCP Port 80: Client Access only
File Transfer 	               TCP Port 80: Server Access.
Your ISP may block this port, as its used for web hosting.
You can change port in Messenger, Preferences, File Transfer.
Voice Chat 	                       UDP 5000-5010
                                       TCP 5000-5001: Client Access
If UDP Fails, TCP will be used instead, see below.

WebCam 	                       TCP Port 5100: Client Access
Super Webcam 	               TCP Port 5100: Server Access
P2P Instant Messages 	       TCP Port 5101: Server Access

PMs between Buddys may not use the Yahoo! Server, but this is not a requirement.

Copied from http://www.helpbytes.co.uk/yconnect.php
Click to expand...

Yahoo doesn't seem to a problem anymore with no authentication.
 
Seems as if it could be ports 1681, 1793, 1794, 1796, 1801 and 1828...

Can't you change C-Track's configuration to use one port only, or is it a Web application?

Failing that, you will need to contact the developer and ask what ports his application is using.
 
The_Librarian said:
Seems as if it could be ports 1681, 1793, 1794, 1796, 1801 and 1828...

Can't you change C-Track's configuration to use one port only, or is it a Web application?

Failing that, you will need to contact the developer and ask what ports his application is using.
Click to expand...

I think those ports showed up because I had IE open on at the time. When IE is not open, netstat -b doesn't show any connections.

This program is installed on the pc, and receives map info from the net. When the machine is connected directly to the internet (bypassing Smoothwall), the program goes directly to a log-in screen. But when the machine's connection goes through Smoothwall, it doesn't even get to the log-in screen, but stops at the connecting to server screen.
 
AirWolf said:
This program is installed on the pc, and receives map info from the net. When the machine is connected directly to the internet (bypassing Smoothwall), the program goes directly to a log-in screen. But when the machine's connection goes through Smoothwall, it doesn't even get to the log-in screen, but stops at the connecting to server screen.
Click to expand...

I have posted a query on the Smoothwall community.

http://community.smoothwall.org/forum/viewtopic.php?f=20&t=29952
 
Just out of interest sake, after you failed to connect through Smoothwall, could you paste the Smoothwall authentication log here?
 
Firewall log doesn't show anything for the time program is accessed. Program also doesn't work in SW open mode.

Direct connection to the internet gives the following info:

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\USER>netstat -a

Active Connections

Proto Local Address Foreign Address State
TCP deshnee:epmap deshnee:0 LISTENING
TCP deshnee:microsoft-ds deshnee:0 LISTENING
TCP deshnee:1025 deshnee:0 LISTENING
TCP deshnee:netbios-ssn deshnee:0 LISTENING
TCP deshnee:1254 196.3.162.11:http ESTABLISHED
TCP deshnee:1255 196.3.162.11:http ESTABLISHED
TCP deshnee:1039 deshnee:0 LISTENING
UDP deshnee:microsoft-ds *:*
UDP deshnee:isakmp *:*
UDP deshnee:4500 *:*
UDP deshnee:50141 *:*
UDP deshnee:ntp *:*
UDP deshnee:netbios-ns *:*
UDP deshnee:netbios-dgm *:*
UDP deshnee:1900 *:*
UDP deshnee:ntp *:*
UDP deshnee:1241 *:*
UDP deshnee:1900 *:*

C:\Documents and Settings\USER>
Click to expand...

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\USER>netstat -b

Active Connections

Proto Local Address Foreign Address State PID
TCP deshnee:1254 196.3.162.11:http ESTABLISHED 2596
[SecureWeb.exe]

TCP deshnee:1255 196.3.162.11:http ESTABLISHED 2596
[SecureWeb.exe]


C:\Documents and Settings\USER>
Click to expand...
 
I tried installing SW3SP1 yesterday and it doesn't pick up my D-Link DGE-528T network card (Realtek 8169 chipset). I even tried choosing it manually from the list, but it came up an error: "Unable to load module". The same thing happened when I updated SW3 with update2-i386.

So I'm back to plain old SW3 without any updates.

Will post in SW forums as well.

Edit: I found a thread with the same problem and posted in there:
http://community.smoothwall.org/forum/viewtopic.php?uid=21444&f=20&t=27929&start=0
 
Last edited:
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X