Ubuntu
arno-iptables-firewall package

arno firewall let port tcp/5298 open

Bug #473561 reported by Alain Baeckeroot
14
This bug affects 2 people
Affects Status Importance Assigned to Milestone
arno-iptables-firewall (Debian)
Fix Released
Unknown
arno-iptables-firewall (Ubuntu)
New
Undecided
Unassigned
Nominated for Karmic by Alain Baeckeroot

Bug Description

Binary package hint: arno-iptables-firewall

i just installed and configured arno, with very standard and simple settings, and
1/ there is an error
2/ one port tcp/5298 is still open and i did not asked for it
-------------------------
-------------------------
$ cat /etc/arno-iptables-firewall/debconf.cfg
#######################################################################
# Feel free to edit this file. However, be aware that debconf writes #
# to (and reads from) this file too. In case of doubt, only use #
# 'dpkg-reconfigure -plow arno-iptables-firewall' to edit this file. #
# If you really don't want to use debconf, or if you have specific #
# needs, you're likely better off using #
# /etc/arno-iptables-firewall/custom-rules. Also see README.Debian. #
#######################################################################
DC_EXT_IF="eth0 wlan0"
DC_EXT_IF_DHCP_IP=1
DC_OPEN_TCP="22 80 5222 5223"
DC_OPEN_UDP="5222 5223"
DC_INT_IF=""
DC_NAT=0
DC_INTERNAL_NET=""
DC_NAT_INTERNAL_NET=""
DC_OPEN_ICMP=1
-------------------------
-------------------------
$ nmap 192.168.0.10

Starting Nmap 5.00 ( http://nmap.org ) at 2009-11-04 01:00 CET
Interesting ports on 192.168.0.10:
Not shown: 997 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
5298/tcp open unknown

Nmap done: 1 IP address (1 host up) scanned in 0.18 seconds
-------------------------
-------------------------
# dpkg-reconfigure arno-iptables-firewall
Restarting Arno's Iptables Firewall...(1) iptables: Bad rule (does a matching rule exist in that chain?).
done.

this error message appears during installation and at reconfiguration.

ProblemType: Bug
Architecture: i386
Date: Wed Nov 4 00:55:46 2009
DistroRelease: Ubuntu 9.10
NonfreeKernelModules: fglrx
Package: arno-iptables-firewall 1.9.2.a-1
PackageArchitecture: all
ProcEnviron:
 LANGUAGE=
 PATH=(custom, user)
 LANG=fr_FR.UTF-8
 SHELL=/bin/bash
ProcVersionSignature: Ubuntu 2.6.31-14.48-generic
SourcePackage: arno-iptables-firewall
Uname: Linux 2.6.31-14-generic i686

See original description
Revision history for this message
Alain Baeckeroot (alain-baeckeroot) wrote :
Revision history for this message
Alain Baeckeroot (alain-baeckeroot) wrote :

no clue in the log

# cat /var/log/arno-iptables-firewall
Nov 04 0:28:14 ** Restarting Arno's Iptables Firewall v1.9.2a **
Nov 04 0:28:15 ** All firewall rules applied **
Nov 04 0:32:30 ** Stopping Arno's Iptables Firewall v1.9.2a **
Nov 04 0:32:35 ** Starting Arno's Iptables Firewall v1.9.2a **
Nov 04 0:32:36 ** All firewall rules applied **
Nov 04 0:38:40 ** Restarting Arno's Iptables Firewall v1.9.2a **
Nov 04 0:38:41 ** All firewall rules applied **
Nov 04 0:45:52 ** Restarting Arno's Iptables Firewall v1.9.2a **
Nov 04 0:45:54 ** All firewall rules applied **
Nov 04 0:49:15 ** Restarting Arno's Iptables Firewall v1.9.2a **
Nov 04 0:49:16 ** All firewall rules applied **
Nov 04 0:52:39 ** Restarting Arno's Iptables Firewall v1.9.2a **
Nov 04 0:53:22 ** Restarting Arno's Iptables Firewall v1.9.2a **
Nov 04 0:53:24 ** All firewall rules applied **

Revision history for this message
Alain Baeckeroot (alain-baeckeroot) wrote :

i had a chat opened with empathy, i guess the established connection prevented arno from blocking everything.

I don't know if this is normal, if so i'm sorry for the trouble.

Marc Deslauriers (mdeslaur)
security vulnerability: yes → no
visibility: private → public
Ali Najand (ali-najand)
description: updated
Bug Watch Updater (bug-watch-updater)
Changed in arno-iptables-firewall (Debian):
status: Unknown → New
Bug Watch Updater (bug-watch-updater)
Changed in arno-iptables-firewall (Debian):
status: New → Fix Released
Revision history for this message
Trinh Phuoc Thai (tphuocthai) wrote :

The port is opened by Empathy. You can close it by Disable account call "People nearby" in the Edit -> Accounts menu

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.