how to enable iptables from CLI
This is a discussion on how to enable iptables from CLI within the Linux Security forums, part of the System Security and Security Related category; Newsbox wrote: > On Tue, 11 Apr 2006 23:48:09 -0700, linuxadmin wrote: > > [...] > > > >&...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
04-12-2006
|
|||
|
|||
Re: how to enable iptables from CLI
Newsbox wrote: > On Tue, 11 Apr 2006 23:48:09 -0700, linuxadmin wrote: > > [...] > > > >> Starting system logger: syslogd: error while loading shared libraries: > >> /lib/ld-linux.so.2: cannot apply additional memory protection after > >> relocation: Permission denied [FAILED] > >> Starting kernel logger: [ OK ] > [...] > >> Thanks > >> Danish > > One more thing. I also found out there was no /lib/ld-linux-so..2 in > > the /lib sirectory > > > > Danish > > /lib/ld-linux.so.2 > /lib/ld-linux-so..2 > > ... are not the same. If you want to find the file you have to use the > exact, letter perfect name. Try copy and paste; - it's very easy in Linux: > > Highlight the part you want to copy (with the mouse) right in your > newsreader (or terminal) display. Then place the mouse cursor where you > want to paste this and click with the middle button. That's how I copied > and pasted the two lines from different parts of your message. > > Try copying this line that way into a CLI and enter it: > > ls -l /lib/ld-linux.so.2 > > When I do that, this is what I get: > > $ ls -l /lib/ld-linux.so.2 > lrwxrwxrwx 1 root root 9 Mar 17 17:06 /lib/ld-linux.so.2 -> ld-2.4.so > $ > > HTH > > Best wishes. I apologise for not being correct. The library is ld-linux.so.2.. Thanks Danish 
|
|
04-12-2006
|
|||
|
|||
|
Re: how to enable iptables from CLI
On Tue, 11 Apr 2006 23:44:27 -0700, linuxadmin wrote:
> Newsbox wrote: >> On Mon, 10 Apr 2006 12:18:00 -0400, Newsbox wrote: >> >> Just a note about the "punctuation marks". Different font faces render >> differently, and some things that look alike or almost alike might be >> insignificant in normal narrative text, but can be important to the "bash" >> shell interpreter. I _think_ IIRC, the single quotes in the line below >> might be either or both of two different characters: >> >> ` is the lc key to the left of "1" along the top of the keyboard >> >> ' is the lc key right of the ";" >> >> I don't want to mess around too much right now to be sure. But if you >> have trouble with it post back and I'm sure someone will help. ...Could >> be a real bump in the road for anyone who wasn't aware. (OTOH, I might be >> all wrong about this.) >> >> > >> > kill -SIGNAL 'cat /var/run/syslogd.pid' >> > >> > -- except with "-SIGNAL" replaced with "SIGHUP" >> > > > You know what, thank you for helping me out so much. Becasue had it not > been you I would never have found out this error..... > > .....Starting system logger: syslogd: error while loading shared > libraries: /lib/ld-linux.so.2: cannot apply additional memory > protection after relocation: Permission denied........ > > This happened when I noticed that no new log messages were coming into > /var/log/messages. > So I did /etc/init.d/syslog restart.. You need to follow the instructions in the man page for syslogd: $ man syslogd Look in the part titled "SIGNALS". This is the command to be run as root: # kill -SIGHUP `cat /var/run/syslogd.pid` Please note that syslogd is different than syslog: # which syslogd /sbin/syslogd # file /sbin/syslogd /sbin/syslogd: ELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), for GNU/Linux 2.2.5, stripped # file /etc/init.d/syslog /etc/init.d/syslog: Bourne-Again shell script text executable > but then I got > the above error....but still the kernel logger starts.. > > # /etc/init.d/syslog restart > Shutting down kernel logger: [ OK ] > Shutting down system logger: [FAILED] > Starting system logger: syslogd: error while loading shared libraries: > /lib/ld-linux.so.2: cannot apply additional memory protection after > relocation: Permission denied [FAILED] > Starting kernel logger: [ OK ] > .......... > > Below is the original /etc/syslog.cof file on my home system which has > the problem.. > > # Log anything (except mail) of level info or higher. > # Don't log private authentication messages! > *.info;mail.none;authpriv.none;cron.none /var/log/messages > > # The authpriv file has restricted access. > authpriv.* /var/log/secure > > # Log all the mail messages in one place. > mail.* - /var/log/maillog > > > # Log cron stuff > cron.* /var/log/cron > > # Everybody gets emergency messages > *.emerg * > > # Save news errors of level crit and higher in a special file. > uucp,news.crit /var/log/spooler > > # Save boot messages also to boot.log > local7.* /var/log/boot.log > This file looks alright. > > Thanks > Danish Let us know if this works for you.
|
|
04-14-2006
|
|||
|
|||
|
Re: how to enable iptables from CLI
Newsbox wrote:
> On Tue, 11 Apr 2006 23:44:27 -0700, linuxadmin wrote: > > > Newsbox wrote: > >> On Mon, 10 Apr 2006 12:18:00 -0400, Newsbox wrote: > >> > >> Just a note about the "punctuation marks". Different font faces render > >> differently, and some things that look alike or almost alike might be > >> insignificant in normal narrative text, but can be important to the "bash" > >> shell interpreter. I _think_ IIRC, the single quotes in the line below > >> might be either or both of two different characters: > >> > >> ` is the lc key to the left of "1" along the top of the keyboard > >> > >> ' is the lc key right of the ";" > >> > >> I don't want to mess around too much right now to be sure. But if you > >> have trouble with it post back and I'm sure someone will help. ...Could > >> be a real bump in the road for anyone who wasn't aware. (OTOH, I might be > >> all wrong about this.) > >> > >> > > >> > kill -SIGNAL 'cat /var/run/syslogd.pid' > >> > > >> > -- except with "-SIGNAL" replaced with "SIGHUP" > >> > > > > > You know what, thank you for helping me out so much. Becasue had it not > > been you I would never have found out this error..... > > > > .....Starting system logger: syslogd: error while loading shared > > libraries: /lib/ld-linux.so.2: cannot apply additional memory > > protection after relocation: Permission denied........ > > > > This happened when I noticed that no new log messages were coming into > > /var/log/messages. > > > So I did /etc/init.d/syslog restart.. > > You need to follow the instructions in the man page for syslogd: > > $ man syslogd > > Look in the part titled "SIGNALS". This is the command to be run as root: > > # kill -SIGHUP `cat /var/run/syslogd.pid` > > Please note that syslogd is different than syslog: > > # which syslogd > /sbin/syslogd > # file /sbin/syslogd > /sbin/syslogd: ELF 32-bit LSB shared object, Intel 80386, version 1 > (SYSV), for GNU/Linux 2.2.5, stripped > # file /etc/init.d/syslog > /etc/init.d/syslog: Bourne-Again shell script text executable > > > but then I got > > the above error....but still the kernel logger starts.. > > > > # /etc/init.d/syslog restart > > Shutting down kernel logger: [ OK ] > > Shutting down system logger: [FAILED] > > Starting system logger: syslogd: error while loading shared libraries: > > /lib/ld-linux.so.2: cannot apply additional memory protection after > > relocation: Permission denied [FAILED] > > Starting kernel logger: [ OK ] > > .......... > > > > Below is the original /etc/syslog.cof file on my home system which has > > the problem.. > > > > # Log anything (except mail) of level info or higher. > > # Don't log private authentication messages! > > *.info;mail.none;authpriv.none;cron.none /var/log/messages > > > > # The authpriv file has restricted access. > > authpriv.* /var/log/secure > > > > # Log all the mail messages in one place. > > mail.* - /var/log/maillog > > > > > > # Log cron stuff > > cron.* /var/log/cron > > > > # Everybody gets emergency messages > > *.emerg * > > > > # Save news errors of level crit and higher in a special file. > > uucp,news.crit /var/log/spooler > > > > # Save boot messages also to boot.log > > local7.* /var/log/boot.log > > > > This file looks alright. > > > > > Thanks > > Danish > > Let us know if this works for you. Hi, I apologise for writing in so late. My Linux box was not working. I looked into man syslogd but nowhere is it mentioned that do this incase you do not find the /lib/ld-linux.so.2. Doing a kill would only work if the syslod is running i think. thanks Danish
|
|
04-16-2006
|
|||
|
|||
|
Re: how to enable iptables from CLI
On Thu, 13 Apr 2006 21:59:10 -0700, linuxadmin wrote:
>> Let us know if this works for you. > > Hi, > I apologise for writing in so late. My Linux box was not working. > > I looked into man syslogd but nowhere is it mentioned that do this > "? you do not find the /lib/ld-linux.so.2. Doing a kill would only > work if the syslod is running i think. > > thanks > Danish Hi Danish, I am not abandoning you. But this thread is simply so old that new messages are not showing up in my newsreader anymore unless I really go and look for them. I just did that and found your message. I have no problem trying to help you. But it seems that NNTP might not be the best method. See the sig for my address and e-mail me, so that I have your e-mail address at which to reach you. Why was your Linux box not working? Please tell details. One step at a time, and I am now one step ahead of what I can actually answer. You may have crashed something. There are ways to find that out, what has crashed, and how to fix it from CLI. Until you know those things, the fastest way is to restart your system. Nothing is valid while something is crashed. You are hung up on the /lib/ld-linux.so.2. Actually, the fastest help is on IRC. But not to change the subject, e-mail me. Then I will ask the questions that are needed to know how to resolve your issues. No guarantees. No charge. Take it it leave it. What is "incase"? Please remember that exact lettering is important to computers, and is also important to me. Everything needs to be exactly letter-perfect. Typos are OK for secretaries, but not alright for system administrators. That is what you said that you wanted to be, is it not? Let me know. -- colloquy_no_9 {at-sign} spam-mailingaddress.org eliminate the spam-
|
|
04-17-2006
|
|||
|
|||
|
Re: how to enable iptables from CLI
Newsbox wrote: > On Thu, 13 Apr 2006 21:59:10 -0700, linuxadmin wrote: > > > >> Let us know if this works for you. > > > > Hi, > > I apologise for writing in so late. My Linux box was not working. > > > > I looked into man syslogd but nowhere is it mentioned that do this > > "? you do not find the /lib/ld-linux.so.2. Doing a kill would only > > work if the syslod is running i think. > > > > thanks > > Danish > > Hi Danish, > I am not abandoning you. But this thread is simply so old that new > messages are not showing up in my newsreader anymore unless I really go > and look for them. I just did that and found your message. I have no > problem trying to help you. But it seems that NNTP might not be the best > method. See the sig for my address and e-mail me, so that I have your > e-mail address at which to reach you. > > Why was your Linux box not working? Please tell details. > > One step at a time, and I am now one step ahead of what I can actually > answer. > > You may have crashed something. There are ways to find that out, what has > crashed, and how to fix it from CLI. Until you know those things, the > fastest way is to restart your system. Nothing is valid while something > is crashed. > > You are hung up on the /lib/ld-linux.so.2. Actually, the fastest help is > on IRC. But not to change the subject, e-mail me. Then I will ask the > questions that are needed to know how to resolve your issues. > > No guarantees. No charge. Take it it leave it. > > What is "incase"? Please remember that exact lettering is important to > computers, and is also important to me. Everything needs to be exactly > letter-perfect. Typos are OK for secretaries, but not alright for system > administrators. That is what you said that you wanted to be, is it not? > > Let me know. > > -- > colloquy_no_9 {at-sign} spam-mailingaddress.org > eliminate the spam- Hi, Ive written an email to you at the above address.. Danish
|
|
04-18-2006
|
|||
|
|||
|
Re: how to enable iptables from CLI
On Mon, 17 Apr 2006 07:25:38 -0700, linuxadmin wrote:
[...] >> -- >> colloquy_no_9 {at-sign} spam-mailingaddress.org >> eliminate the spam- > > Hi, > Ive written an email to you at the above address.. > > Danish Hi, I'll look for it, but it hasn't arrived yet.
|
|
04-18-2006
|
|||
|
|||
|
Re: how to enable iptables from CLI
Newsbox wrote: > On Mon, 17 Apr 2006 07:25:38 -0700, linuxadmin wrote: > [...] > >> -- > >> colloquy_no_9 {at-sign} spam-mailingaddress.org > >> eliminate the spam- > > > > Hi, > > Ive written an email to you at the above address.. > > > > Danish > Hi, > I'll look for it, but it hasn't arrived yet. Sad....just to let you know..... your email id I used: colloquy_no_9@mailingaddress.org Anyway! My email address is me.linuxadmin@gmail.com Danish
|
|
04-18-2006
|
|||
|
|||
|
Re: how to enable iptables from CLI
On Mon, 17 Apr 2006 22:41:40 -0700, linuxadmin wrote:
> Newsbox wrote: >> On Mon, 17 Apr 2006 07:25:38 -0700, linuxadmin wrote: [...] >> >> -- >> >> colloquy_no_9 {at-sign} spam-mailingaddress.org eliminate the spam- >> > >> > Hi, >> > Ive written an email to you at the above address.. >> > >> > Danish >> Hi, >> I'll look for it, but it hasn't arrived yet. > > Sad....just to let you know..... > your email id I used: > xxx@xxx.xxx > > Anyway! My email address is > xx.xxx@gmail.com > Danish Yes, I received and answered your e-mail. Thanks a heap (NOT!!), Danish. Because of that message both our e-mail addresses will now be spam targets. No problem, except I'll deep-6 that address and you won't be able to reach me. Why do you think people obfusticate their e-mail addresses on usenet, anyway? Did that question ever come into your mind? (mind?, mind? mind? .... ) ;/ No not your fault. I should have known better. Won't do that again.
|
|
04-18-2006
|
|||
|
|||
|
Re: how to enable iptables from CLI
Newsbox wrote: > On Mon, 17 Apr 2006 22:41:40 -0700, linuxadmin wrote: > > > > Newsbox wrote: > >> On Mon, 17 Apr 2006 07:25:38 -0700, linuxadmin wrote: [...] > >> >> -- > >> >> colloquy_no_9 {at-sign} spam-mailingaddress.org eliminate the spam- > >> > > >> > Hi, > >> > Ive written an email to you at the above address.. > >> > > >> > Danish > >> Hi, > >> I'll look for it, but it hasn't arrived yet. > > > > Sad....just to let you know..... > > your email id I used: > > xxx@xxx.xxx > > > > Anyway! My email address is > > xx.xxx@gmail.com > > Danish > > Yes, I received and answered your e-mail. > > Thanks a heap (NOT!!), Danish. Because of that message both our e-mail > addresses will now be spam targets. > > No problem, except I'll deep-6 that address and you won't be able to reach > me. Why do you think people obfusticate their e-mail addresses on usenet, > anyway? Did that question ever come into your mind? (mind?, mind? mind? > ... ) ;/ > > No not your fault. I should have known better. Won't do that again. Im extremely sorry. I really didnt do that on purpose. So stupid of me..... Well, thats all I can say now...I guess Thank you very much for all your help Danish
|
 |
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
All times are GMT +1. The time now is 04:49 PM.
