D&C Lug - Home Page
Devon & Cornwall Linux Users' Group

[ Date Index ][ Thread Index ]
[ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Router firewall and keyserver problems



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Friday 28 Mar 2003 10:08 pm, Theo Zourzouvillys wrote:
> On Friday 28 March 2003 9:19 pm, Neil Williams wrote:
> > Can anyone point me in the right direction with this one?
> >
> > My new ISDN router doesn't want me to receive keys from keyservers using
> > HKP. I've tried opening port 11371 but it worked once but won't work
> > again.
>
> can you ping it?

Yes. I can ping the internal interface, 192.168.0.7, and I can ping the 
external interface (dynamic IP). I can ping across any IP range, it's just 
the HKP protocol that gets ignored. My webservice, POP and SMTP continue to 
work fine. I know my GnuPG config is OK because I changed the routing table 
on this box temporarily, loaded KPPP and updated the keys over dial-up. 

> > Unfortunately, as it's a router, I can't access a full iptable output I
> > have to work it through NAT setup, IP port redirection, IP filter (call
> > filter or data filter) or open ports setup.
>
> hmmm? it's linux? how come you can't access full iptables output?

The router doesn't run Linux, the LAN behind the router runs Linux. It's a 
D-Link ISDN terminal adaptor and router with 4 ethernet ports and 1 uplink 
port. I don't know what the router does run, I can telnet in but only with a 
vastly reduced command set and I have a HTML configuration tool, but that's 
it. All the Linux boxes now have empty iptables whilst they use the router as 
default gateway. The router in turn has a firewall and it's getting that 
configured that is confusing me. I thought that opening 11371 completely 
would solve it - it didn't.

Does HKP only use 11371 or does it need more ports?

- -- 

Neil Williams
=============
http://www.codehelp.co.uk
http://www.dclug.org.uk

http://www.wewantbroadband.co.uk/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE+hM9EiAEJSii8s+MRAg/5AJ0XqVuhrpsjBeeTbEHgmcu98sZCUwCgpBIF
Qm1ue7MkibMnXBxvEKX2Lj8=
=YxuJ
-----END PGP SIGNATURE-----


--
The Mailing List for the Devon & Cornwall LUG
Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the
message body to unsubscribe.


Lynx friendly