shccr

iptables editing question

2010-01-07T01:13:46Z
system: cluster 1350 w/ 5 nodes, RHEL 5.4 OS
I am trying to modify my iptables listing to allow rsh
connections from the master node through eth0 to the other nodes
while retaining the firewall on my other ethernet LAN connection.
I need to enable rsh to run mpich across nodes.
To do this I have been trying to append to the iptables listing.
I have tried:
iptables -A INPUT -i eth0 -s 172.20.101.2/24 -j ACCEPT
but with no luck. (My remote compute nodes in the cluster
all have the 172.20.101.x IP).
I have already gotten rlogin and rcp to work
and I know the problem with rsh is that the firewall is stopping
any packet returns from the remote compute nodes.
Do I need to specify the rsh port? I tried including --dport 543
but the dport option is apparently not allowed.
Any advice is welcome.

Thanks for any help.

spk
  • ishields

    Re: iptables editing question

    ‏2010-01-07T02:41:43Z  
    The first rule that will block something is what gets used. So if some higher rule blocks all traffic on port x, then opening traffic on address y will not open traffic over y on port x. You may want to look at opening rsh at the top level and then excluding it on the external adapters.

    Ian Shields
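
The ordering point in the reply above, as an added example that is not part of the original thread: a shell function that reads iptables-save style rules and prints the INPUT rules that sit behind an unconditional REJECT/DROP, so packets never reach them. Both rule sets are constructed samples, and the RH-Firewall-1-INPUT chain layout is an assumption about the poster's RHEL configuration.

```shell
#!/bin/sh
# Print every INPUT rule that sits behind an unconditional DROP/REJECT,
# either directly or through an unconditional jump into a chain that
# contains one. Input: iptables-save style rules on stdin.
shadowed_rules() {
    awk '
    function kills(r) {   # rule r matches every packet and ends processing
        return uncond[r] && (target[r] == "DROP" || target[r] == "REJECT" || (target[r] in term))
    }
    $1 == "-A" {
        n++; chain[n] = $2; line[n] = $0
        uncond[n] = ($3 == "-j")          # no match options before -j
        for (i = 3; i < NF; i++) if ($i == "-j") target[n] = $(i + 1)
    }
    END {
        # Second pass resolves jumps to chains listed later in the dump.
        for (pass = 1; pass <= 2; pass++)
            for (r = 1; r <= n; r++)
                if (kills(r)) term[chain[r]] = 1
        for (r = 1; r <= n; r++) {
            if (chain[r] != "INPUT") continue
            if (dead) { print line[r] } else if (kills(r)) { dead = 1 }
        }
    }'
}

# Constructed sample: state after `iptables -A INPUT ...` (rule appended last).
APPENDED='*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A INPUT -i eth0 -s 172.20.101.0/24 -j ACCEPT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT'

# Constructed sample: same rule placed first with `iptables -I INPUT 1 ...`.
INSERTED='*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -i eth0 -s 172.20.101.0/24 -j ACCEPT
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT'

echo "appended: $(printf '%s\n' "$APPENDED" | shadowed_rules)"
echo "inserted: $(printf '%s\n' "$INSERTED" | shadowed_rules)"
```

On a live host the same function can be fed with `iptables-save | shadowed_rules`; empty output means no INPUT rule is hidden behind a catch-all.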