| cmaloney | CHC tonight | 12:39 |
|---|---|---|
| cmaloney | https://gettogether.community/events/10370/coffee-house-coders-regular-meeting/ | 12:41 |
| waldo323 | i'm looking into figuring out why one machine can't get to specific ports on another, iptables is likely the culprit but there is another machine which is able to connect which appears to have the same rules in iptables, does anyone have troubleshooting ideas for checking how my traffic is getting blocked? | 16:58 |
| cmaloney | You could do a netstat | 17:00 |
| cmaloney | also try a telnet to see if you're getting blocked | 17:01 |
| cmaloney | check the rules on the target machine to see if there's something getting in the way | 17:02 |
| waldo323 | i see "filtered" when checking the port with nmap from the machine that can't get to that port and "open" from a machine that can get through | 17:04 |
| cmaloney | So it is getting dropped | 17:06 |
| cmaloney | You can check the logging on the target machine | 17:06 |
| waldo323 | from iptables -S: -A INPUT -s x.x.x.x/32 -p tcp -m tcp --dport 10050:10051 -m state --state NEW -j ACCEPT and -A Cidxxxxx -s x.x.x.x/32 -j ACCEPT | 17:06 |
| waldo323 | thanks, i wasn't sure which log to look in, grep was helpful there though | 17:09 |
| cmaloney | Yeah, I didn't remember which log it was. Syslog is usually the default bucket | 17:12 |
| cmaloney | though I'm sure systemd has some logging as well | 17:12 |
| waldo323 | messages seems to have many, but also shows blocks for the machine that seemed to be working | 17:14 |
| waldo323 | seems like something was stuck or cached somehow, we reapplied the ansible job which setup the rules (with no changes to the ansible job) and now that machine can connect? | 17:28 |
| waldo323 | thank you | 17:33 |
| cmaloney | Nice. | 17:51 |
| cmaloney | yw | 17:52 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!