[mrtg] AW: Iptables

Michel.Grossenbacher at coop.ch Michel.Grossenbacher at coop.ch
Fri Mar 15 14:25:23 MET 2002


Hy Paulo

You should try to add something like this:

iptables -t filter -A INPUT -s 127.0.0.1 -p udp --source-port 161 -j ACCEPT
iptables -t filter -A INPUT -s 127.0.0.1 -p udp --source-port 162 -j ACCEPT

Im not 100% sure if this will work as it should cause I cant test it at my
office. But as I get it you want to open the firewall for local mrtg to
perform SNMP requests (source is your box) and replies. You also have to
open the ports for the replies, kinda like this:

INT=Your Interface where you get the replies on (on the box)
iptables -t filter -A INPUT -i $INT -p udp --destination-port 161 -j ACCEPT
iptables -t filter -A INPUT -i $INT -p udp --destination-port 162 -j ACCEPT

I think it should work
Greets

Michel

-----Ursprüngliche Nachricht-----
Von: Paulo Andre [mailto:PAndre at autopage.co.za]
Gesendet: Freitag, 15. März 2002 13:52
An: Mrtg (E-mail)
Betreff: [mrtg] Iptables



I have just put iptables on a new firewall running mrtg.
I have added  the following rules:
/usr/sbin/iptables -A INPUT -s 127.0.0.1 -p tcp --dport 161 -j ACCEPT
/usr/sbin/iptables -A INPUT -s 127.0.0.1 -p tcp --dport 162 -j ACCEPT

and it doesn't work... I have add the rule with tcp and udp... it doesn't
work.
Can someone please help

Paulo




--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
Archive     http://www.ee.ethz.ch/~slist/mrtg
FAQ         http://faq.mrtg.org    Homepage     http://www.mrtg.org
WebAdmin    http://www.ee.ethz.ch/~slist/lsg2.cgi

--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
Archive     http://www.ee.ethz.ch/~slist/mrtg
FAQ         http://faq.mrtg.org    Homepage     http://www.mrtg.org
WebAdmin    http://www.ee.ethz.ch/~slist/lsg2.cgi



More information about the mrtg mailing list