[TriLUG] iptables and opening a port, CVS

Christopher L Merrill chris at webperformanceinc.com
Wed Sep 17 12:59:56 EDT 2003


Scott Lundgren wrote:
> chkconfig turns off a service for runlevels(ie: you wouldn't notice it
> wasn't running until the next reboot), to turn iptables off immediately use
> '/sbin/service iptables stop'. 

Yeah, we did that, too.  Still get CVS errors.  We also tried to telnet
to the pserver port (2401) and get connection refused.

> I suspect CVS is not running. How was cvs
> being used via SSH or ye old cvspserver? If it was via pserver when you did
> the upgrade did you create a xinetd entry for it? I've copied mine in below.

We are using CVS via pserver...our xinetd entries look ok to me.
AFAIK, this was not changed during the upgrades:

# default: on
service cvspserver
{
         disable = no
         socket_type             = stream
         wait                    = no
         user                    = root
         env                     = HOME=/opt/cvsroot
         log_on_success          += USERID
         log_on_failure          += USERID RECORD ATTEMPT
         server                  = /usr/bin/cvs
         server_args             = -f --allow-root=/opt/cvsroot pserver
         group                   = cvs
}


Ever since running lokkit, we have most ports blocked, now (e.g. 80).
SSH seems to be the only thing working, now.


-- 
-------------------------------------------------------------------------
Chris Merrill                      |  http://webperformanceinc.com
Web Performance Inc.               |  http://webperformancemonitoring.net

Website Load Testing, Stress Testing, and Performance Monitoring Software
-------------------------------------------------------------------------




More information about the TriLUG mailing list