[lug] Socket Error

D. Stimits stimits at idcomm.com
Thu Aug 23 13:47:58 MDT 2001 

David wrote:
> 
> I think that I have a Linux (firewall?, or ?) configuration error; but
> it needs a little background explanation.
> 
> I am successfully accessing a remote machine over the net using a
> socket, which is established by a function call in a programme; the
> calling source code sees the socket access as a byte stream.  I have a
> lot of development to do and decided to create a stream by accessing a
> local file instead of the net; there is a standard call in the
> programming language to do this kind of access.  The changes in the
> function call are trivially different for the two cases, which makes
> me think that I have a Linux system problem.  Also, the error messages
> strongly indicate something outside the programme.  I am hoping that
> someone will recognise symptoms of a Linux problem.
> 
> If the file does not exist I get this; pretty good: "No such file or
> directory".
> Error: creating a socket and connecting to remote socket nil resulted
>        in error (code 2): No such file or directory.
> 
> If the file exists I get this, even if the file permissions are wide
> open 777 all the way from /
> Error: "Connection refused" (errno 111) occured while
>        creating a socket and connecting to remote socket.
> 
> Since I am using a socket I wonder if my firewall, or ?, is getting in
> the way.
> 
> # Firewall configuration written by lokkit
> # Manual customization of this file is not recommended.
> # Note: ifup-post will punch the current nameservers through the
> #       firewall; such entries will *not* be listed here.
> :input ACCEPT
> :forward ACCEPT
> :output ACCEPT
> -A input -s 0/0 -d 0/0 -i lo -j ACCEPT
> -A input -s 216.17.128.1 53 -d 0/0 -p udp -j ACCEPT
> -A input -s 216.17.128.2 53 -d 0/0 -p udp -j ACCEPT
> -A input -s 0/0 -d 0/0 -p tcp -y -j REJECT
> -A input -s 0/0 -d 0/0 -p udp -j REJECT

Add "-l" to enable logging on the REJECT lines, then (asssuming RH 7.x)
restart ipchains (assuming this instead of iptables) via:
/etc/rc.d/init.d/ipchains restart

Test that ipchains really runs (do not use /etc/rc.d/init.d/ipchains for
this):
ipchains -L -n
(if rules spit out, it is running)

Monitor /var/log/messages with "tail -f -n 30 /var/log/messages" while
trying your app. It'll tell you if it is the firewall doing the
rejection.

In any other case, it probably means that your X11 ports do not have any
sort of daemon set to accept tcp/ip (local uses udp). The related
possibility is authentication failure (a recent topic).

D. Stimits, stimits at idcomm.com


> 
> dajo
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug

More information about the LUG mailing list