system: cluster 1350 w/ 5 nodes, RHEL 5.4 OS
I am trying to modify my iptables listing to allow rsh
connections from the master node through eth0 to the other nodes
while retaining the firewall on my other ethernet LAN connection.
I need to enable rsh to run mpich across nodes.
To do this I have been trying to append the iptables listing.
I have tried:
iptables -A INPUT -i eth0 -s 172.20.101.2/24 -j ACCEPT
but with no luck. (My remote compute nodes in the cluster
all have the 172.20.101.x IP).
I have already gotten rlogin and rcp to work
and I know the problem with rsh is that the firewall is stopping
any packet returns from the remote compute nodes.
Do I need to specify the rsh port? I tried including --dport 543
but the dport option is apparently not allowed.
Any advice is welcome.
Thanks for any help.
ishields (accepted answer)
Re: iptables editing question, 2010-01-07T02:41:43Z, in response to shccr
The first rule that will block something is what gets used. So if some higher rule blocks all traffic on port x, then opening traffic on address y will not open traffic over y on port x. You may want to look at opening rsh at the top level and then excluding it on the external adapters.
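
The rule-ordering point in the accepted answer, as an added example that is not part of the original thread: a script that finds the first rule in a chain that blocks everything after it, and prints an insert (-I) command that places the eth0 ACCEPT ahead of it. The ruleset is constructed and its layout (INPUT jumping to a user chain that ends in REJECT) is an assumption; first_blocker and suggest_insert are hypothetical helper names.

```shell
#!/bin/sh
# Added example. CONSTRUCTED iptables-save output (assumed layout): INPUT jumps
# to a user chain whose last rule rejects everything, and the cluster ACCEPT
# was appended (-A) after that jump, so no packet ever reaches it.
SAMPLE_RULES='*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A INPUT -s 172.20.101.0/255.255.255.0 -i eth0 -j ACCEPT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT'

# first_blocker CHAIN: read iptables-save text on stdin and print the number of
# the first rule in CHAIN that denies every packet still unmatched, either
# directly or by jumping into a chain that does (0 if there is none).
# Simplification: conditional RETURN rules inside user chains are ignored.
first_blocker() {
  awk -v chain="$1" '
    function blocks(c,   i, t) {
      for (i = 1; i <= n[c] + 0; i++) {
        t = uncond[c, i]                      # target of an unconditional rule
        if (t == "DROP" || t == "REJECT") return i
        if (t == "ACCEPT" || t == "RETURN") return 0
        if (t != "" && blocks(t)) return i    # jump into a chain that blocks
      }
      return 0
    }
    # A rule with no match options is saved as "-A CHAIN -j TARGET ...".
    $1 == "-A" { n[$2]++; if ($3 == "-j") uncond[$2, n[$2]] = $4 }
    END { print blocks(chain) }
  '
}

# suggest_insert CHAIN POS: print the command that puts the ACCEPT for the
# cluster subnet on eth0 before rule POS (plain append if nothing blocks).
suggest_insert() {
  if [ "$2" -gt 0 ]; then
    echo "iptables -I $1 $2 -i eth0 -s 172.20.101.0/24 -j ACCEPT"
  else
    echo "iptables -A $1 -i eth0 -s 172.20.101.0/24 -j ACCEPT"
  fi
}

pos=$(printf '%s\n' "$SAMPLE_RULES" | first_blocker INPUT)
echo "first blocking rule in INPUT: #$pos"
suggest_insert INPUT "$pos"
```

On a live host the same function can be fed from `iptables-save` instead of the sample text.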