Hi Wes,

re:
> Thanks for all the help again!

No worries.

re:
> I am the system admin on this server, so I feel pretty comfortable with the
> setup. Just haven't done all the minute things associated with this before.

OK, sounds good.

re:
> I didn't realize SELINUX was on, so that has been changed. I will restart
> the machine shortly, especially after I get the boot script worked out. I
> can handle emailed instructions on this, just need to know what to do as
> root for this.

I am attaching an example script for you to use as a template. The only
changes you may need to make will be at the top of the script (and I think
that I have set up those entries to match your LDM installation).

The other thing you will need to do after you copy the LDM start on boot
script to /etc/init.d/ldmd is:

<as 'root'>
chkconfig --add ldmd

re:
> I will verify that port 388 is not being blocked on the campus-wide network
> with the campus sysadmin.

You can check that outbound access to port 388 is being blocked somewhere by:

- install telnet

  yum install telnet

- telnet idd.unidata.ucar.edu 388

  Success will look like:

  Trying 128.117.140.3...
  Connected to idd.unidata.ucar.edu.
  Escape character is '^]'.

  Break out of this with CTRL-]

re:
> My IPTABLES look as follows (after accidentally
> executing the iptables command suggested in the Preinstall directions
> twice):
> Chain INPUT (policy ACCEPT)
> target prot opt source destination
> ACCEPT all -- anywhere anywhere state
> RELATED,ESTABLISHED
> ACCEPT icmp -- anywhere anywhere
> ACCEPT all -- anywhere anywhere
> ACCEPT all -- anywhere anywhere
> ACCEPT tcp -- anywhere anywhere state NEW tcp
> dpt:domain
> ACCEPT udp -- anywhere anywhere state NEW udp
> dpt:domain
> ACCEPT tcp -- anywhere anywhere state NEW tcp
> dpt:ftp
> ACCEPT ah -- anywhere anywhere
> ACCEPT esp -- anywhere anywhere
> ACCEPT udp -- anywhere anywhere state NEW udp
> dpt:isakmp
> ACCEPT tcp -- anywhere anywhere state NEW tcp
> dpt:smtp
> ACCEPT udp -- anywhere 224.0.0.251 state NEW udp
> dpt:mdns
> ACCEPT tcp -- anywhere anywhere state NEW tcp
> dpt:nfs
> ACCEPT udp -- anywhere anywhere state NEW udp
> dpt:openvpn
> ACCEPT tcp -- anywhere anywhere state NEW tcp
> dpt:https
> ACCEPT tcp -- anywhere anywhere state NEW tcp
> dpt:ssh
> ACCEPT udp -- anywhere anywhere state NEW udp
> dpt:tftp
> ACCEPT tcp -- anywhere anywhere state NEW tcp
> dpt:http
> REJECT all -- anywhere anywhere reject-with
> icmp-host-prohibited
> ACCEPT tcp -- anywhere anywhere tcp
> dpt:unidata-ldm
> ACCEPT tcp -- anywhere anywhere tcp
> dpt:unidata-ldm
>
> Chain FORWARD (policy ACCEPT)
> target prot opt source destination
> ACCEPT all -- anywhere anywhere state
> RELATED,ESTABLISHED
> ACCEPT icmp -- anywhere anywhere
> ACCEPT all -- anywhere anywhere
> ACCEPT all -- anywhere anywhere
> REJECT all -- anywhere anywhere reject-with
> icmp-host-prohibited
>
> Chain OUTPUT (policy ACCEPT)
> target prot opt source destination

I always find it easier to look at iptables directly:

less /etc/sysconfig/iptables

re:
> I suspect that I just need to add in a few things here.

iptables out of the box for CentOS 6.x does _not_ block any outbound
requests (my development environment is a CentOS 6.5 x86_64 VMware Player
virtual machine). In order to block outbound requests, someone would
have to have purposefully made a change; I suspect that this is at
your campus level.

re:
> Help on this would
> be great, too. (Never worked with the iptables much before, so I'm
> learning that right now.)

We can give you help on how to configure your iptables after we know more
about what you want open, and what you want closed.

Cheers,

Tom
--
****************************************************************************
Unidata User Support                                    UCAR Unidata Program
(303) 497-8642                                                 P.O. Box 3000
address@hidden                                   Boulder, CO 80307
----------------------------------------------------------------------------
Unidata HomePage                       http://www.unidata.ucar.edu
****************************************************************************

Ticket Details
===================
Ticket ID: DQQ-790553
Department: Support IDD
Priority: Normal
Status: Closed
Attachment:
ldmd.boot
Description: Binary data
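
Added example, not part of the original message or of Unidata's scripts: since the reply suggests reading /etc/sysconfig/iptables directly, this Python example parses that file format and reports rules that follow an unconditional ACCEPT, DROP or REJECT in the same chain; iptables stops at the first matching rule, so such rules are never evaluated. The ruleset in SAMPLE is constructed for illustration, the function names are hypothetical, and the parser assumes --reject-with is the only target option present.

```python
import shlex

# Constructed sample in /etc/sysconfig/iptables (iptables-save) format.
SAMPLE = """\
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m tcp --dport 388 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 388 -j ACCEPT
COMMIT
"""

TERMINAL = {"ACCEPT", "DROP", "REJECT"}
TARGET_OPTS = {"--reject-with"}  # target options that take one argument (assumed set)

def parse_rule(line):
    # Split one '-A CHAIN ...' line into (chain, target, match_tokens).
    _, chain, *rest = shlex.split(line)
    target, matches, i = None, [], 0
    while i < len(rest):
        if rest[i] in ("-j", "--jump") and i + 1 < len(rest):
            target, i = rest[i + 1], i + 2
        elif rest[i] in TARGET_OPTS:
            i += 2                      # belongs to the target, not a match
        else:
            matches.append(rest[i])     # -p, -i, -m, --dport, ... narrow the rule
            i += 1
    return chain, target, matches

def unreachable_rules(text):
    """Return (line_no, blocking_line_no, rule) for rules behind a match-all verdict."""
    blocked, findings = {}, []
    for n, line in enumerate(text.splitlines(), 1):
        if line.startswith("*"):        # new table: chain names start over
            blocked = {}
        if not line.startswith("-A "):
            continue
        chain, target, matches = parse_rule(line)
        if chain in blocked:
            findings.append((n, blocked[chain], line))
        elif target in TERMINAL and not matches:
            blocked[chain] = n          # everything after this line is dead
    return findings

if __name__ == "__main__":
    for n, by, rule in unreachable_rules(SAMPLE):
        print(f"line {n}: never reached (line {by} matches everything): {rule}")
```

On the constructed sample this flags both appended port 388 rules; a rule meant to take effect has to sit above the catch-all line in the file.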