Here's the iptables config we have on startup (as root):
iptables -A INPUT -p tcp -m tcp --dport 388 -j ACCEPT
> iptables -A INPUT -p udp -m udp --dport 388 -j ACCEPT
> iptables -A INPUT -p tcp --dport 111 -j REJECT
> iptables -A INPUT -p udp --dport 111 -j REJECT
> iptables-save
...and here's how it looks right now on the server:
root@tampa2:~# iptables -L -n
> Chain INPUT (policy ACCEPT)
> target prot opt source destination
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:388
> ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:388
> REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:111
> reject-with icmp-port-unreachable
> REJECT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:111
> reject-with icmp-port-unreachable
>
Chain FORWARD (policy ACCEPT)
> target prot opt source destination
>
Chain OUTPUT (policy ACCEPT)
> target prot opt source destination
>
Chain fail2ban-ssh (0 references)
> target prot opt source destination
On Tue, Oct 14, 2014 at 7:11 PM, Blair Trosper <
blair.trosper@xxxxxxxxxxxxxxxxxxx> wrote:
> So, I have a peer with Texas A&M, but there's some connectivity in LDM or
> on the network. I've never seen LDM do this before...wondering if anyone
> can look at this and translate or infer what the problem might be (and why
> our two servers cannot communicate, despite both being configured
> correctly):
>
> ("tampa2" is the name of my server. "ldm.tamu.edu" is obviously the
> provider for the NEXRAD2 tree we're trying to pull in. Timestamps are in
> CDT.)
>
> Oct 15 00:05:11 tampa2 ldm.tamu.edu[12722] NOTE: Upstream LDM-6 on
>> ldm.tamu.edu is willing to be a primary feeder
>> Oct 15 00:06:11 tampa2 idd.tamu.edu[12728] NOTE: LDM-6 desired
>> product-class: 20141014230611.274 TS_ENDT {{NEXRAD2, ".*"},{NONE,
>> "SIG=d90827bd9b8c57b904988119b45c1d57"}}
>> Oct 15 00:06:11 tampa2 ldm.tamu.edu[12727] NOTE: [svc_tcp.c:353] EOF on
>> socket 3
>> Oct 15 00:06:11 tampa2 ldm.tamu.edu[12727] NOTE: one_svc_run(): RPC
>> layer closed connection
>> Oct 15 00:06:11 tampa2 ldm.tamu.edu[12727] NOTE: Connection to upstream
>> LDM closed: pid=20619
>
>
> ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙
> ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙
> Blair Trosper
> Updraft Networks
> NOC: 844-UPDRAFT
> Early Watch Notifications: http://twitter.com/weatherwatches
>
--
∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙
∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙ ∙
Blair Trosper
Updraft Networks
NOC: 844-UPDRAFT
Early Watch Notifications: http://twitter.com/weatherwatches