No route to host when trying to capture with fog 1.15.10 new install
-
@anwoke8204 said in No route to host when trying to capture with fog 1.15.10 new install:
I uninstalled ufw/iptables because I prefer firewalld.
I as you have moved on from Centos/RHEL. I was in the RHEL camp starting in 1999. With them closing down Centos as we knew it, I made the switch to Debian about 2 years ago. To me Centos is dead to me.
I can only comment on firewalld and masking Debian because you are comfortable with the way RHEL worked. Eventually you will need to become familiar with the way Debian and to a lesser extend Ubuntu does things. IMO just bit the bullet and use ufw that way you can find support. The concepts are pretty much the same between firewalld and ufw because iptables runs under the hood for both. Now that you understand the concepts the rest is just syntax. You have to do what’s right for you and your business, don’t simply listen to some dude on the internet.
-
@george1421 ok, I have reinstalled ufw. and removed firewalld. will let you know how it goes. here are my rules, do these look ok?
let me know if there are any rules I need to delete or change.
-
@anwoke8204 The only one I don’t see is ftp.
Fog uses ssh, nfs, ftp. tftp, bootp/dhcp, http, https, rpc port mapper Make sure that stuff is enable. The rest looks good.
-
@george1421 ok, I have added that port. I am not onsite, as i remote in so I am waiting to see if someone onsite can test and get back to me.
-
@george1421 ok, it halts at tftp and times out.
here are the firewall rules I have. which ones do i need to change or fix?
-
@george1421 I redid all of the rules and just put in the fog ports, ssh, and webmin ports. ufw now looks like this:
is there any other ports or icmp requests I should open? sorry, I am not that familiar with ufw.
-
Cant seem to get it going, so im going to try bringing FOG online using rocky linux since its based off of RHEL, and thats what im more familiar with. I will let you know how it goes.
-
@george1421 ok, I have it up and running on Rocky Linux, but I am still having the firewald issue where when I create rule 2049/udp it doesn’t show, so when I try to add it manually in the xml file firewalld crashes. any idea how I can get the port to stick in firewalld?
-
@george1421 ok, I was able to get the port to stick, so here is a screenshot of all of the open ports now.
but we are still getting the no route to host. Is there a port I am missing? Any idea why its doing that? it has to be something with that port not working right or something. when we turn the firewall off, it works just fine, but when we turn the firewall on, we get no route to host.
-
@anwoke8204 In this article https://www.cherryservers.com/blog/how-to-configure-ubuntu-firewall-with-ufw There is a section about logging. It kind of indicates that the default deny policy logs blocked packets in /var/log/ufw* files. Lets see if there is something there regarding to what nfsv3 is trying to do. I don’t have ufw enabled on my fog servers so I have not run into this issue before.
It looks like you have all of the rules/ports enabled.
