2

I have an approx server to speed up Debian apt updates, on my Ubuntu 11.04 desktop PC, it had ran fine in the past, but today le 9999 port is open from localhost, but not for others PC. I have not modified inetd configuration at all. What can I check and try?

inetd.conf

9999            stream  tcp     nowait  approx  /usr/sbin/approx /usr/sbin/approx

approx.com

# Here are some examples of remote repository mappings.
# See http://www.debian.org/mirror/list for mirror sites.

debian          http://ftp2.fr.debian.org/debian
security        http://security.debian.org/debian-security
volatile        http://volatile.debian.org/debian-volatile

# The following are the default parameter values, so there is
# no need to uncomment them unless you want a different value.
# See approx.conf(5) for details.

$cache          /espace/Dossiers/approx
$max_rate       unlimited
$max_redirects 5
$user           approx
$group          approx
$syslog daemon
$pdiffs true
$offline        false
$max_wait       10
$verbose        false
$debug          false

I tried to allow others PC to connect with a "ALL: ALL" in hosts.allow. ufw is disabled, iptables-save is empty.

Cédric Girard
  • 397
  • 2
  • 11
  • 25
  • a port scan show that 9999 is closed, but netstat -tupan show tcp 0 0 0.0.0.0:9999 0.0.0.0:* LISTEN - t – Cédric Girard Apr 03 '12 at 21:48
  • What does `iptables -L -n` show? – womble Apr 04 '12 at 04:09
  • Good answer, Womble, I was wrong to trust iptables-save. With -L I can see rules, and with -F my approx server is reachable. Post an answer, I will accept it, and punish myself for such a lame question and time wasted – Cédric Girard Apr 04 '12 at 09:03

1 Answers1

1

The best way to tell what is in the firewall is to use iptables -L -n -- it'll definitively show you what rules are in place in the live firewall. Other methods can be out-of-date or incomplete.

womble
  • 95,029
  • 29
  • 173
  • 228