RSTP Port States
Hi,
Can anybody clarify the port states in RSTP.
Discarding, Learning & Forwarding.
Does the port state move to 'Blocking' after it finds a redundant link or 'Discarding'
Regards,
Pratik
Hello Pratik,
a good review of port roles can be found f.e. at
http://www.cisco.com/en/US/products/hw/switches/ps628/products_configuration_guide_chapter09186a00800d84bc.html#1034652
and a description of the "Sequence of Events During Rapid Convergence", which includes what port state can follow which other port state can be found at
http://www.cisco.com/en/US/products/hw/switches/ps628/products_configuration_guide_chapter09186a00800d84bc.html#10743
Hope this helps! Please rate all posts.
Regards, Martin
Similar Messages
-
Port State Coloring in Prime Optical
We are in the process of changing from CTM to Prime Optical. I can't seem to find the Port State Coloring option in the Prime Optical Control Panel. Is this option no longer available, or am I looking in the wrong Place?
Thanks SteveWe're experiencing similar problem when syslog for STP loop (severity 2) is received, recognized as critical but no alarm is created.
-
Hello,Dear forum participants,
I apologize if my question does not match this thread.
I want to get RSTP Port Role from CiscoWS-Catalist 3750 48TS-S IOS 12.2(SE)50 using third side SNMP Client.
I have found interesting parameter here: ftp://ftp.cisco.com/pub/mibs/v2/CISCO-STP-EXTENSIONS-MIB.my. it is stpxRSTPPortRoleValue with
1.3.6.1.4.1.9.9.82.1.12.2.1.3 OID
I have successfully done snmpwalk command on my catalist:
snmpwalk -v2c -c <comuniry> <ip> .1.3.6.1.4.1.9.9.82.1.12.2.1.3
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.32.51 = INTEGER: 3
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.33.3 = INTEGER: 3
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.33.51 = INTEGER: 2
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.34.5 = INTEGER: 3
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.34.51 = INTEGER: 2
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.35.7 = INTEGER: 3
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.35.51 = INTEGER: 2
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.36.9 = INTEGER: 3
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.36.51 = INTEGER: 2
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.37.11 = INTEGER: 3
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.37.51 = INTEGER: 2
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.38.13 = INTEGER: 3
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.38.51 = INTEGER: 2
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.39.15 = INTEGER: 3
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.39.51 = INTEGER: 2
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.40.17 = INTEGER: 3
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.40.51 = INTEGER: 2
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.48.50 = INTEGER: 3
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.69.48 = INTEGER: 3
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.69.51 = INTEGER: 3
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.126.35 = INTEGER: 3
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.126.36 = INTEGER: 3
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.126.51 = INTEGER: 2
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.232.51 = INTEGER: 2
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.500.44 = INTEGER: 3
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.500.45 = INTEGER: 3
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.500.46 = INTEGER: 5
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.500.51 = INTEGER: 3
SNMPv2-SMI::enterprises.9.9.82.1.12.2.1.3.501.51 = INTEGER: 3
1. What is the meaning of the suffix .500.51, .48.50 etc.?
2. What are the rules of indexing? How can I get RSTPPortRole of the port Fa1/0/1? As I understand STP-EXTENSIONS MIB is not correlate with IF-MIB. http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080157626.shtml#core
Any suggestions
Thanks!
Best Regards,
Igor Yumatov1. The "500" and "48" parts of "500.51, .48.50" appear to be VLAN numbers on your device.
2. There're two books that seem to address this question:
http://www.google.com/search?tbm=bks&hl=en&q=stpxRSTPPortRoleValue&btnG=#hl=en&q=stpxRSTPPortRoleValue&um=1&ie=UTF-8&tbo=u&tbm=bks -
Receiving email notification of port state changes
Hello
I have a small SAN comprising 4 x MDS9509's and a Fabric Manager Server.
The FMS is set to email fabric events, but it doesn't email on port state changes i.e. IF_DOWN_LINK_FAILURE and IF_UP. I'm assuming this is because they are not actual fabric changes.
What is the best way for me to be able to receive email notification of these changes?
Thanks
StevenYou can use callhome
MDS(config)# ip domain-lookup
MDS(config)# ip name-server
MDS(config)# snmp-server contact
MDS(config)# callhome
MDS(config-callhome)# email-contact <[email protected]>
MDS(config-callhome)# phone-contact
MDS(config-callhome)# streetaddress
MDS(config-callhome)# enable
MDS(config-callhome)# transport email from <[email protected]>
MDS(config-callhome)# transport email smtp-server
MDS(config-callhome)# no destination-profile short-txt-destination alert-group All
MDS(config-callhome)# destination-profile short-txt-destination alert-group Syslog-group-port
MDS(config-callhome)# destination-profile short-txt-destination email-addr <[email protected]
MDS(config-callhome)# no duplicate-message throttle
Regards,
Roman -
SPA2102 FXS port state monitoring
Hi all,
Is there any way to get FXS port state for LinkSys SPA2102 VoIP adapter (i.e. is there a phone that connected to it or not) remotely, for example, via SNMP ?
Thanks.Here's the bug ID: CSCse15025
Doubt the NM is faulty - we had the same issue in a 2821 and migrated to 12.4(4)T4 to correct it. No hardware replacement required. All has worked fine since then.
HTH
Tom -
Fxs ports state unknown cisco 1861
Hello ,
Cisco router 1861 the ports are unkown state .
I tried 'mgcp' 'no mgcp'
show ccm
Primary Registered 172.26.4.2
First Backup Backup Ready 172.26.4.1
Second Backup None
Current active Call Manager: 172.26.4.2
Backhaul/Redundant link port: 2428
Failover Interval: 30 seconds
Keepalive Interval: 15 seconds
Last keepalive sent: 09:44:49 UTC Dec 25 2013 (elapsed time: 00:00:13)
Last MGCP traffic time: 09:44:49 UTC Dec 25 2013 (elapsed time: 00:00:13)
Last failover time: 11:30:26 UTC Dec 22 2013 from (172.26.4.2)
Last switchback time: 11:31:11 UTC Dec 22 2013 from (172.26.4.1)
Switchback mode: Immediate
MGCP Fallback mode: Enabled/OFF
Last MGCP Fallback start time: 04:54:21 UTC Dec 8 2013
Last MGCP Fallback end time: 11:25:42 UTC Dec 22 2013
MGCP Download Tones: Disabled
TFTP retry count to shut Ports: 2
FAX mode: disable
Configuration Error History:
store179#show mgcp endpoint
aaln/S0/SU0/0@store179
aaln/S0/SU0/1@store179
aaln/S0/SU0/2@store179
aaln/S0/SU0/3@store179
aaln/S0/SU1/1@store179
PORT CH SIG-TYPE ADMIN OPER STATUS STATUS EC
=============== == ============ ===== ==== ======== ======== ==
0/0/0 -- fxs-ls up dorm on-hook idle y
0/0/1 -- fxs-ls up dorm on-hook idle y
0/0/2 -- fxs-ls up dorm on-hook idle y
0/0/3 -- fxs-ls up dorm on-hook idle y
0/1/0 -- fxo-ls up down idle off-hook y
PORT CH SIG-TYPE ADMIN OPER STATUS STATUS EC
=============== == ============ ===== ==== ======== ======== ==
0/0/0 -- fxs-ls up dorm on-hook idle y
0/0/1 -- fxs-ls up dorm on-hook idle y
0/0/2 -- fxs-ls up dorm on-hook idle y
0/0/3 -- fxs-ls up dorm on-hook idle y
0/1/0 -- fxo-ls up down idle off-hook y
I have dial-peers for the ports .
Any ideas ?Debug mgcp packets
*Dec 25 13:13:25.808: MGCP Packet sent to 172.26.4.2:2427--->
NTFY 257951726 *@store179.super-pharm.co.il MGCP 0.1
X: 0
O:
<---
*Dec 25 13:13:25.820: MGCP Packet received from 172.26.4.2:2427--->
200 257951726
<---
conf t
Enter configuration commands, one per line. End with CNTL/Z.
store179(config)#no mgcp
WARNING: no mgcp: Teardown MGCP application may take a while to clean up resources
store179(config)#
*Dec 25 13:13:36.220: MGCP Packet sent to 172.26.4.2:2427--->
RSIP 257951727 *@store179.super-pharm.co.il MGCP 0.1
RM: graceful
RD: 0
<---
*Dec 25 13:13:36.228: %MGCP_APP-6-MGCP_SHUTDOWN_COMPLETE: MGCP Shutdown has completed
mgcp
store179(config)#
*Dec 25 13:13:46.980: MGCP Packet sent to 172.26.4.2:2427--->
RSIP 257951729 *@store179.super-pharm.co.il MGCP 0.1
RM: restart
<---
*Dec 25 13:13:47.004: MGCP Packet received from 172.26.4.2:2427--->
200 257951729
<---
*Dec 25 13:13:47.008: MGCP Packet received from 172.26.4.2:2427--->
RQNT 34773851 AALN/S0/SU0/[email protected] MGCP 0.1
X: 2
R: L/hd
Q: process,loop
<---
*Dec 25 13:13:47.008: MGCP Packet sent to 172.26.4.2:2427--->
200 34773851 OK
<---
*Dec 25 13:13:47.008: MGCP Packet received from 172.26.4.2:2427--->
RQNT 34773852 AALN/S0/SU0/[email protected] MGCP 0.1
X: 2
R: L/hd
Q: process,loop
<---
*Dec 25 13:13:47.012: MGCP Packet sent to 172.26.4.2:2427--->
200 34773852 OK
<---
*Dec 25 13:13:47.012: MGCP Packet received from 172.26.4.2:2427--->
RQNT 34773853 AALN/S0/SU0/[email protected] MGCP 0.1
X: 2
R: L/hd
Q: process,loop
<---
*Dec 25 13:13:47.012: MGCP Packet sent to 172.26.4.2:2427--->
200 34773853 OK
<---
*Dec 25 13:13:47.012: MGCP Packet received from 172.26.4.2:2427--->
RQNT 34773854 AALN/S0/SU1/[email protected] MGCP 0.1
X: 0
R: L/hd
Q: process,loop
<---
*Dec 25 13:13:47.016: MGCP Packet sent to 172.26.4.2:2427--->
200 34773854 OK
<---
*Dec 25 13:13:47.016: MGCP Packet received from 172.26.4.2:2427--->
RQNT 34773855 AALN/S0/SU0/[email protected] MGCP 0.1
X: 2
R: L/hd
Q: process,loop
<---
*Dec 25 13:13:47.016: MGCP Packet sent to 172.26.4.2:2427--->
200 34773855 OK
<---
*Dec 25 13:13:47.020: MGCP Packet sent to 172.26.4.2:2427--->
NTFY 257951731 *@store179.super-pharm.co.il MGCP 0.1
X: 0
O:
<---
*Dec 25 13:13:47.020: MGCP Packet received from 172.26.4.2:2427--->
AUEP 34773856 AALN/S0/SU0/[email protected] MGCP 0.1
F: X, A, I
<---
*Dec 25 13:13:47.024: MGCP Packet sent to 172.26.4.2:2427--->
200 34773856
I:
X: 2
L: p:10-20, a:PCMU;PCMA;G.nX64, b:64, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:10-220, a:G.729;G.729a;G.729b, b:8, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:10-110, a:G.726-16;G.728, b:16, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:10-70, a:G.726-24, b:24, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:10-50, a:G.726-32, b:32, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:30-270, a:G.723.1-H;G.723;G.723.1a-H, b:6, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:30-330, a:G.723.1-L;G.723.1a-L, b:5, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
M: sendonly, recvonly, sendrecv, inactive, loopback, conttest, data, netwloop, netwtest
<---
*Dec 25 13:13:47.024: MGCP Packet received from 172.26.4.2:2427--->
AUEP 34773857 AALN/S0/SU0/[email protected] MGCP 0.1
F: X, A, I
<---
*Dec 25 13:13:47.024: MGCP Packet sent to 172.26.4.2:2427--->
200 34773857
I:
X: 2
L: p:10-20, a:PCMU;PCMA;G.nX64, b:64, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:10-220, a:G.729;G.729a;G.729b, b:8, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:10-110, a:G.726-16;G.728, b:16, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:10-70, a:G.726-24, b:24, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:10-50, a:G.726-32, b:32, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:30-270, a:G.723.1-H;G.723;G.723.1a-H, b:6, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:30-330, a:G.723.1-L;G.723.1a-L, b:5, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
M: sendonly, recvonly, sendrecv, inactive, loopback, conttest, data, netwloop, netwtest
<---
*Dec 25 13:13:47.028: MGCP Packet received from 172.26.4.2:2427--->
AUEP 34773858 AALN/S0/SU0/[email protected] MGCP 0.1
F: X, A, I
<---
*Dec 25 13:13:47.028: MGCP Packet sent to 172.26.4.2:2427--->
200 34773858
I:
X: 2
L: p:10-20, a:PCMU;PCMA;G.nX64, b:64, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:10-220, a:G.729;G.729a;G.729b, b:8, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:10-110, a:G.726-16;G.728, b:16, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:10-70, a:G.726-24, b:24, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:10-50, a:G.726-32, b:32, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:30-270, a:G.723.1-H;G.723;G.723.1a-H, b:6, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:30-330, a:G.723.1-L;G.723.1a-L, b:5, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
M: sendonly, recvonly, sendrecv, inactive, loopback, conttest, data, netwloop, netwtest
<---
*Dec 25 13:13:47.028: MGCP Packet received from 172.26.4.2:2427--->
AUEP 34773859 AALN/S0/SU1/[email protected] MGCP 0.1
F: X, A, I
<---
*Dec 25 13:13:47.032: MGCP Packet sent to 172.26.4.2:2427--->
200 34773859
I:
X: 0
L: p:10-20, a:PCMU;PCMA;G.nX64, b:64, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:10-220, a:G.729;G.729a;G.729b, b:8, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:10-110, a:G.726-16;G.728, b:16, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:10-70, a:G.726-24, b:24, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:10-50, a:G.726-32, b:32, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:30-270, a:G.723.1-H;G.723;G.723.1a-H, b:6, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:30-330, a:G.723.1-L;G.723.1a-L, b:5, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
M: sendonly, recvonly, sendrecv, inactive, loopback, conttest, data, netwloop, netwtest
<---
*Dec 25 13:13:47.032: MGCP Packet received from 172.26.4.2:2427--->
AUEP 34773860 AALN/S0/SU0/[email protected] MGCP 0.1
F: X, A, I
<---
*Dec 25 13:13:47.032: MGCP Packet sent to 172.26.4.2:2427--->
200 34773860
I:
X: 2
L: p:10-20, a:PCMU;PCMA;G.nX64, b:64, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:10-220, a:G.729;G.729a;G.729b, b:8, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:10-110, a:G.726-16;G.728, b:16, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:10-70, a:G.726-24, b:24, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:10-50, a:G.726-32, b:32, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:30-270, a:G.723.1-H;G.723;G.723.1a-H, b:6, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
L: p:30-330, a:G.723.1-L;G.723.1a-L, b:5, e:on, gc:1, s:on, t:10, r:g, nt:IN;ATM, v:L;G;D;T;H
M: sendonly, recvonly, sendrecv, inactive, loopback, conttest, data, netwloop, netwtest
<---
*Dec 25 13:13:47.036: MGCP Packet received from 172.26.4.2:2427--->
200 257951731
<---
*Dec 25 13:13:48.004: MGCP Packet sent to 172.26.4.2:2427--->
RSIP 257951728 *@store179.super-pharm.co.il MGCP 0.1
RM: restart
<---
*Dec 25 13:13:48.036: MGCP Packet received from 172.26.4.2:2427--->
200 257951728
<---
store179(config)#
store179(config)#
store179(config)#
store179(config)#
store179(config)#
store179(config)#
store179(config)#u all
^
% Invalid input detected at '^' marker.
store179(config)#exit
store179#
*Dec 25 13:14:02.016: MGCP Packet sent to 172.26.4.2:2427--->
NTFY 257951732 *@store179.super-pharm.co.il MGCP 0.1
X: 0
O:
<---
*Dec 25 13:14:02.032: MGCP Packet received from 172.26.4.2:2427--->
200 257951732
it's not possiable to do the other debugs they stuck the router -
LMS 4.2 - Err-disable port state
Hello,
I'm trying to figure it out how exactly LMS learns about ports in err-disable state? Which MIB or command is used?
I have two ME3400 switches with err-disabled ports but LMS shows only the ports of one of the them. Both switches are ME-3400-24TS-A
and have the same IOS version (12.2(53)SE). I'm sure data collection is running fine because it updates the other discrepancies.
What i have tried by now:
- did an SNMP walk from LMS on CISCO-ERR-DISABLED-MIB - no info found there on port status
- did an SNMP walk from LMS on CISCO-STACK-MIB - I know that this MIB contains object portAdditionalOperStatus (1.3.6.1.4.1.9.5.1.4.1.1.23) which shows the operational status of the ports, but it seems that ME3400 does not support it (although it supports CISCO-STACK-MIB), because I cannot see the SNMP reponse in the trace:
========================================================================
The following is a SNMP walk of device 192.168.6.89 starting from .1.3.6.1.4.1.9.5.1.4.1.1.23
SNMP Walk Output
.1.3.6.1.4.1.9.5.1.4.1.1.23
CISCO-STACK-MIB::portAdditionalOperStatus = No Such Object available on this agent at this OID
========================================================================
So how does LMS knows which ports are in err-disable state?
Kind regards,
VelinHello,
The OID that LMS uses for detecting the err-disabled state of the ports is 1.3.6.1.4.1.9.9.548.1.3.1.1.2 (cErrDisableIfStatusCause) from CISCO-ERR-DISABLE-MIB
Velin -
I have a couple of Cat 500 express routers in a two building network connected with wireless access points. I had a wireless drop to due to a user unplugging the wireless AP and my switch put my port into disale state "due to traffic only passing in one direction" Is this something that i can avoid having to deal with in the future or is it software feature that you have to deal with on the lower end switches?
ok thanks i will give that a shot and see if that works. I remember though when I first set this site up I had set each of the ports on those two switches to Access Point...i wasnt able to pass traffic and hit another IP?? I had to set the port to Router in order for it work properly....
SW1---AP1======Bridge=====AP2---SW2
thats my layout....
thanks for the help... -
The computer is not seeing the usb connection to my canon Pixma IP 90 the USB port states Generic US
my computer shows generic usb hub and does not recognize my canon Pixma IP 90 printer when pluged into the usb port how to configure the usb port
you're in HP forum ....hehehe
not Canon...
Although I am working on behalf of HP, I am speaking for myself and not for HP.
Love Kudos! If you feel my post has helped you please click the White Kudos! Star just below my name : )
If you feel my answer has fixed your problem please click 'Mark As Solution' and make it easier for others to find help quickly : )
Happy Troubleshooting : ) -
Since my upgrade to 10.6.8 my ethernet port states "Cable unplugged"
Everything was fine with osx 10.6.7 but now i have upgraded to 10.6.8 the iMac ethernet port has reported Cable Unplugged. the Airport is fine.
I also tried to update to Lion and this has not improved the situation as most of my other hardware is not supported.
I have read many web bloggs on here about others having the same issue but no one has resolved the issue.
before I spen my next day downgrading to 10.6.7 again does anyone have a fix
I have also installed the 10.6.8 supp update but this made no dofferance
Help!!Hi Samir,
I wish!!
I have tried so many things, cleared PRM, started from a blank OS10.6.4, reapplied the Combo 10.6.8 1.1 update, deleted the ethernet port re-added it. all no joy upgraged to Lion and still have the issue.
I am staying with 10.6.8 but over wiseless at the mo' just because I do not have any large data to transfer and my 300mb connection via Aiport is keeping up with day to day stuff.
Come on apple sorh this out, these sort of issue I expect from Windows pc where the hardware can be from many manufacturers but this is all Apple to quote Steve Jobs, .......it just works....... well let me tell you it does not!!!!
One day i will get this sorted
Haydon -
Browsers fail to load websites et Air Port states i have internet
Hi
All the sudden i have no internet, but my airport works fine yet not one browser loads a page, i tried another network and same thing., there are 4 other computers on the same network and they all work fine,
please adviseSystem Preferences>Network
Click the Assist Me button.
In the next window that pops up, click the Diagnostic button & do the necessary.
Also, run the Airport Utility app which is located inside the Utilities folder. -
Etherchannel showing down (SD) and ports are in "I" stand alone state
Hi,
Netapp server is connected to switch 6500 via trunk.
I configured a portchannel but it showing as down.take a look ar below output..
interface Port-channel248
description Netapp-server-1 po248
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 903
switchport mode trunk
switchport nonegotiate
no ip address
no shut
interface GigabitEthernet3/33
description server-1
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 903
switchport mode trunk
switchport nonegotiate
no ip address
speed 1000
udld port aggressive
spanning-tree portfast
channel-group 248 mode active
no shut
interface GigabitEthernet4/33
description cnndcfasp002a-e5d
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 903
switchport mode trunk
switchport nonegotiate
no ip address
speed 1000
udld port aggressive
spanning-tree portfast
channel-group 248 mode active
no shut
Switch-6500#sh etherchannel summary
Flags: D - down P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use f - failed to allocate aggregator
M - not in use, minimum links not met
u - unsuitable for bundling
w - waiting to be aggregated
Number of channel-groups in use: 5
Number of aggregators: 5
Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
248 Po248(SD) LACP Gi3/33(I) Gi4/33(I)
#sh etherchannel detail
Group: 248
Group state = L2
Ports: 2 Maxports = 16
Port-channels: 1 Max Port-channels = 16
Protocol: LACP
Minimum Links: 0
Ports in the group:
Port: Gi3/33
Port state = Up Sngl-port-Bndl Mstr Not-in-Bndl
Channel group = 248 Mode = Active Gcchange = -
Port-channel = null GC = - Pseudo port-channel = Po248
Port index = 0 Load = 0x00 Protocol = LACP
Flags: S - Device is sending Slow LACPDUs F - Device is sending fast LACPDUs.
A - Device is in active mode. P - Device is in passive mode.
Local information:
LACP port Admin Oper Port Port
Port Flags State Priority Key Key Number State
Gi3/33 SA indep 32768 0xF8 0xF8 0x321 0x7D
Age of the port in the current state: 0d:02h:04m:58s
Port: Gi4/33
Port state = Up Sngl-port-Bndl Mstr Not-in-Bndl
Channel group = 248 Mode = Active Gcchange = -
Port-channel = null GC = - Pseudo port-channel = Po248
Port index = 0 Load = 0x00 Protocol = LACP
Flags: S - Device is sending Slow LACPDUs F - Device is sending fast LACPDUs.
A - Device is in active mode. P - Device is in passive mode.
Local information:
LACP port Admin Oper Port Port
Port Flags State Priority Key Key Number State
Gi4/33 SA indep 32768 0xF8 0xF8 0x421 0x7D
Age of the port in the current state: 0d:02h:04m:58s
Port-channels in the group:
Port-channel: Po248 (Primary Aggregator)
Age of the Port-channel = 7d:16h:30m:16s
Logical slot/port = 14/3 Number of ports = 0
Port state = Port-channel Ag-Not-Inuse
Protocol = LACP
Any one please let me know what is the issue here...
Thanks
GauthamExactly, the 6500 config is fine, probably the NETAPP is not active or passive and it's just ON that won't work
show lacp 248 neighbor will show if you have a neighbor and if the LACP id is the same on both ports
Core1#sh lacp 2 neighbor
Flags: S - Device is requesting Slow LACPDUs
F - Device is requesting Fast LACPDUs
A - Device is in Active mode P - Device is in Passive mode
Channel group 2 neighbors
Partner's information:
Partner Partner LACP Partner Partner Partner Partner Partner
Port Flags State Port Priority Admin Key Oper Key Port Number Port State
Gi1/7/10 SA bndl 32768 0x0 0x1 0x11A 0x3D
Gi2/7/10 SA bndl 32768 0x0 0x1 0x31D 0x3D
cheers -
Receiving BPDU on a designated port (STP)
Hello,
In a STP converged network, what swtich will do if it receives a superior BPDU (of same root) on a designated port? Will it instantly put its root port into blocking mode and transitions the designated port from listening, learning to forwarding?
ThanksFirst a demonstration with PVST+ with the following topology:
SW2 has E0/0 as as root port towards SW1. The cost of links has been modified to make it easy to change the forwarding path.
SW2#sh span
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 16385
Address aabb.cc00.0100
Cost 1000
Port 1 (Ethernet0/0)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address aabb.cc00.0200
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 15 sec
Interface Role Sts Cost Prio.Nbr Type
Et0/0 Root FWD 1000 128.1 P2p
Et0/1 Desg FWD 1000 128.2 P2p
Now to remove the cost on the E0/0 interface of SW3 and E0/1 interface of SW2. This should make SW3 send a better BPDU making SW2 change its root port.
SW2(config)#int e0/1
SW2(config-if)#no span cost 1000
SW3(config)#int e0/0
SW3(config-if)#no span cost 1000
SW2 immediately changes port E0/1 to root and blocks on the alternate port.
Jan 2 08:32:43.840: STP: VLAN0001 new root port Et0/1, cost 200
Jan 2 08:32:43.840: STP: VLAN0001 sent Topology Change Notice on Et0/1
Jan 2 08:32:43.840: STP[1]: Generating TC trap for port Ethernet0/0
Jan 2 08:32:43.840: STP: VLAN0001 Et0/0 -> blocking
Because SW3 is now designated on E0/1 it has to bring it through listening -> learning -> forwarding.
Jan 2 08:32:42.011: STP: VLAN0001 Et0/1 -> listening
Jan 2 08:32:43.840: STP: VLAN0001 Topology Change rcvd on Et0/1
Jan 2 08:32:43.840: STP: VLAN0001 sent Topology Change Notice on Et0/0
Jan 2 08:32:57.016: STP: VLAN0001 Et0/1 -> learning
Jan 2 08:33:12.020: STP[1]: Generating TC trap for port Ethernet0/1
Jan 2 08:33:12.020: STP: VLAN0001 sent Topology Change Notice on Et0/0
Jan 2 08:33:12.020: STP: VLAN0001 Et0/1 -> forwarding
This took roughly 30 seconds in total because the forward delay timer is 15 seconds so it spends 15 seconds in listening and 15 seconds in learning before moving to forwarding.
This is what 802.1D-1998 says:
8.3.4 Changing Port State
Since there are propagation delays in passing protocol information throughout a Bridged LAN, there cannot
be a sharp transition from one active topology to another. Topology changes may take place at different
times in different parts of the Bridged LAN and to move a Bridge Port directly from nonparticipation in the
active topology to the Forwarding State would be to risk having temporary data loops and the duplication
and misordering of frames. It is also desirable to allow other Bridges time to reply to inferior protocol information
before starting to forward frames.
Bridge Ports must therefore wait for new topology information to propagate throughout the Bridged LAN,
and for the frame lifetime of any frames forwarded using the old active topology to expire, before forwarding
frames.
During this time it is also desirable to time out station location information in the Filtering Database that
may no longer be true and, during the latter part of this interval, to learn new station location information in
order to minimize the effect of initial flooding of frames when the Port enters a Forwarding State. When the
algorithm decides that a Port should be put into the Forwarding State, it is, therefore, first put into a Listening
State where it waits for protocol information that suggests it should return to the Blocking State, and for
the expiry of a protocol timer that would move it into a Learning State. In the Learning State, it still blocks
the forwarding of frames, but learned station location information is included by the Learning Process in the
Filtering Database. Finally the expiry of a protocol timer moves it into the Forwarding State where both forwarding
of relayed frames and learning of station location information are enabled.
Figure 8-3 shows the transitions between the Port States.
So only ports that move to forwarding must go through listening and learning.
8.3.5 Notifying topology changes
In normal stable operation, station location information in the Filtering Database need only change as a consequence
of the physical relocation of stations. It may, therefore, be desirable to employ a long ageing time
for entries in the Filtering Database, especially as many end stations transmit frames following power-up
after relocation, which would cause station location information to be relearned.
However, when the active topology of a Bridged LAN reconfigures, end stations may appear to move from
the point of view of a Bridge in the network. This is true even if the states of the Ports on that Bridge have
not changed. It is necessary for station location to be relearned following a change in the active topology,
even if only part of the Bridged LAN has reconfigured.
The Spanning Tree Algorithm and Protocol provide procedures for a Bridge that detects a change in active
topology to notify the Root of the change reliably, and for the Root subsequently to communicate the change
to all the Bridges. The Bridges then use a short value to age out dynamic entries in the Fitering Database for
a period.
Topology change was sent out the root port and reaching the root. This section of the standard describes how to make a port forwarding or blocking:
8.6.12 Make forwarding
8.6.12.1 Purpose
To permit a Port to participate in frame relay, following a suitable interval to ensure that temporary loops in
the Bridged LAN do not cause duplication of frames.
8.6.12.2 Use
As part of the Port State Selection procedure (8.6.11).
8.6.12.3 Procedure
If the Port State is Blocking, then
a) The Port State is set to Listening, and
b) The Forward Delay Timer for the Port is started.
8.6.13 Make blocking
8.6.13.1 Purpose
To terminate the participation of a Port in frame relay.
8.6.13.2 Use
As part of the Port State Selection procedure (8.6.11).
8.6.13.3 Procedure
If the Port is not in the Disabled or the Blocking State, then
a) If the Port is in the Forwarding or Learning State and the Change Detection Enabled parameter for
the Port is set, the Topology Change Detection procedure (8.6.14) is invoked;
b) The Port State for the Port is set to Blocking;
c) The Forward Delay Timer for the Port is stopped.
So ports that are forwarding can go to blocking immediately. Ports that are blocking must go through listening, learning before moving to forwarding. SW2 could change the role of its port from designated to root, the port was already in forwarding so it just changed the role, it didn't have to go through the different port phases.
SW3 had to change its E0/1 from blocking to designated so it had to go through all the phases first. This is how standard PVST+ works, if moving a port to forwarding it takes about 30 seconds before the network is converged.
For RPVST+ it's another story. It uses a synchronization process. Immediately after receiving superior BPDU it can act on the information and synchronize the topology.
SW2#sh span
VLAN0001
Spanning tree enabled protocol rstp
Root ID Priority 16385
Address aabb.cc00.0100
Cost 1000
Port 1 (Ethernet0/0)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address aabb.cc00.0200
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
Et0/0 Root FWD 1000 128.1 P2p
Et0/1 Desg FWD 1000 128.2 P2p
SW2(config)#int e0/1
SW2(config-if)#no span cost 1000
SW3(config)#int e0/0
SW3(config-if)#no span cost 1000
SW2:
Jan 2 08:53:41.445: RSTP(1): updt roles, received superior bpdu on Et0/1
Jan 2 08:53:41.445: RSTP(1): Et0/1 is now alternate
Jan 2 08:53:41.952: RSTP(1): updt roles, non-tracked event
Jan 2 08:53:41.952: RSTP(1): Et0/1 is now root port
Jan 2 08:53:41.952: RSTP(1): Et0/0 blocked by re-root
Jan 2 08:53:41.952: RSTP(1): Et0/0 is now alternate
Jan 2 08:53:41.957: STP[1]: Generating TC trap for port Ethernet0/1
SW3:
Jan 2 08:53:41.441: RSTP(1): updt roles, non-tracked event
Jan 2 08:53:41.441: RSTP(1): Et0/1 is now designated
Jan 2 08:53:41.445: RSTP(1): transmitting a proposal on Et0/1
Jan 2 08:53:41.445: RSTP(1): received an agreement on Et0/1
Jan 2 08:53:41.445: STP[1]: Generating TC trap for port Ethernet0/1
SW3 port towards SW2 became designated so it sent a proposal out that port and SW2 agreed on it changing its root port towards SW3.
I haven't synchronized the time but as you can see from the logs it took only half a second to synchronize the topology and reacting to change compared to 30 seconds with PVST+.
Daniel Dib
CCIE #37149
Please rate helpful posts. -
I am encountering a strange behavior in new zones created using zonemgr 2.0.6 (this is the only way I create zones, so I do not know if the issue is more general). When I create a new zone, two strange things are happening:
1. Immediately after the zone is created, no services are running, not even ssh
2. About 10 minutes later, a whole bunch of services are running. Most of these are not running on the global zone.
For reference, nmap output on the global zone is the following:
[dcomsm1@dcomsm1:~] $ nmap t2000
Starting Nmap 5.00 ( http://nmap.org ) at 2010-02-28 20:51 EST
Interesting ports on 131.247.16.134:
Not shown: 991 closed ports
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind
2161/tcp open apc-agent
3052/tcp open powerchute
4045/tcp open lockd
32774/tcp open sometimes-rpc11
32775/tcp open sometimes-rpc13
32776/tcp open sometimes-rpc15
32777/tcp open sometimes-rpc17
The new zone is created using the following zonemgr arguments:
[root@t2000:~/zonecfgs] # more ./temp.sh
#!/usr/bin/bash
./zonemgr -a add -n drenkhah -z "/export/zones" -P "root_pw" -I "131.247.16.159|e1000g0|25|drenkhah" -R "/root|/usr/bin/bash" -s "basic|lock"
zone creation output is as follows:
[root@t2000:~/zonecfgs] # ./temp.sh
Checking to see if the zone IP address (131.247.16.159) is already in use...IP is available.
cannot create '/drenkhah': leading slash in name
chmod: WARNING: can't access /export/zones/drenkhah
chown: /export/zones/drenkhah: No such file or directory
Zone drenkhah will be placed in the following directory: /export/zones/drenkhah
Preparing to install zone <drenkhah>.
Creating list of files to copy from the global zone.
Copying <2568> files to the zone.
Initializing zone product registry.
Determining zone package initialization order.
Preparing to initialize <1042> packages on the zone.
Initialized <1042> packages on zone.
Zone <drenkhah> is initialized.
The file </export/zones/drenkhah/root/var/sadm/system/logs/install_log> contains a log of the zone installation.
Creating the sysidcfg file for automated zone configuration.
Booting zone for the first time.
Waiting for first boot tasks to complete.
Waiting for automatic post-install reboot to complete
Updating netmask information.
Updating /etc/inet/hosts of the global zone with the drenkhah IP information.
Generating ssh host keys. Details in the (/root/.zonemgr/zone28330-ssh.log) file.
svcadm: Pattern 'svc:/network/ssh' doesn't match any instances
Setting the root user's home directory to /root
Setting the root user's shell to /usr/bin/bash
Disabling un-necessary services via basic method for the default services.
Zone drenkhah is complete and ready to use.
nmap output just after creating the zone is as follows:
[dcomsm1@dcomsm1:~] $ nmap drenkhah
Starting Nmap 5.00 ( http://nmap.org ) at 2010-02-28 17:53 EST
All 1000 scanned ports on 131.247.16.159 are closed
Nmap done: 1 IP address (1 host up) scanned in 29.39 seconds
nmap output 17 minutes later is as follows:
[dcomsm1@dcomsm1:~] $ nmap drenkhah
Starting Nmap 5.00 ( http://nmap.org ) at 2010-02-28 18:10 EST
Interesting ports on 131.247.16.159:
Not shown: 986 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
23/tcp open telnet
25/tcp open smtp
79/tcp open finger
111/tcp open rpcbind
513/tcp open login
514/tcp open shell
587/tcp open submission
4045/tcp open lockd
6112/tcp open dtspc
6788/tcp open unknown
6789/tcp open ibm-db2-admin
7100/tcp open font-service
Nmap done: 1 IP address (1 host up) scanned in 29.25 seconds
Note that there are many open ports
# uname -a
SunOS t2000 5.10 Generic_137137-09 sun4v sparc SUNW,Sun-Fire-T200
Thanks
ManishThe Leopard OS X firewall is application based and not port based. Honestly, I haven't played with it enough to know for certain how to answer your question.
But... when you do connection sharing, you're essentially doing a port based NAT for the systems on the other side of your Mac. This pretty much keeps you from initiating anything to the other system even without a local firewall unless you were to configure port forwarding.
As for blocking packets, you would need to use the 'ipfw' command to do things at the port level. -
Closed port for torrent with no iptables.rules
I have a home system with internet connection over a router. Firewall in the router seems to be disabled. I had installed guarddog and selected all the protocols that I need. There is no iptables in deamons line of rc.conf nor there is any iptables.rules files. There are 2 files in /etc/iptables, empty.rules and simple_firewall.rules. So, I wonder if any firewall is working at all in my system since guarddog is a frontend to iptables (i guess) and also is there any need for firewall since almost all the ports are closed.
Secondly, the main issue. I was using ktorrent and it was working fine until a few days ago. Now, bittorrent is not working. its not connecting at all. I tried deluge from community repo and tested the ports with http://www.deluge-torrent.org/test-port.php?port=6881 and it gave me this result:
TCP port 6881 closed on 121.247.200.189
UDP port 6881 open on 121.247.200.189
121.247.200.189 seems to be the ip of my isp as I got a dynamic one.
I am able to reach surf net but not able to download using bitorrent, however, both is possible in windows.
Taking clue from forum, i did nmap.
nmap on my router
[shantanu@bluehead ~]$ nmap 192.168.1.1
Starting Nmap 4.20 ( http://insecure.org ) at 2007-06-25 20:49 IST
Interesting ports on 192.168.1.1:
Not shown: 1679 filtered ports
PORT STATE SERVICE
21/tcp open ftp
23/tcp open telnet
53/tcp closed domain
80/tcp open http
443/tcp closed https
554/tcp closed rtsp
1755/tcp closed wms
2401/tcp closed cvspserver
5000/tcp closed UPnP
5001/tcp closed commplex-link
5050/tcp closed mmcc
6881/tcp closed bittorent-tracker
6969/tcp closed acmsoda
7070/tcp closed realserver
8000/tcp closed http-alt
8080/tcp closed http-proxy
8888/tcp closed sun-answerbook
11371/tcp closed pksd
Nmap finished: 1 IP address (1 host up) scanned in 27.653 seconds
nmap on my ip
[shantanu@bluehead ~]$ nmap 192.168.1.5
Starting Nmap 4.20 ( http://insecure.org ) at 2007-06-25 20:48 IST
Interesting ports on 192.168.1.5:
Not shown: 1696 closed ports
PORT STATE SERVICE
6000/tcp open X11
Nmap finished: 1 IP address (1 host up) scanned in 0.519 seconds
nmap on isp's ip displayed above.
[shantanu@bluehead ~]$ nmap 121.247.200.189
Starting Nmap 4.20 ( http://insecure.org ) at 2007-06-25 20:50 IST
Interesting ports on 121.247.200.189.bang-dynamic-bb.vsnl.net.in (121.247.200.189):
Not shown: 1679 filtered ports
PORT STATE SERVICE
21/tcp open ftp
23/tcp open telnet
53/tcp closed domain
80/tcp open http
443/tcp closed https
554/tcp closed rtsp
1755/tcp closed wms
2401/tcp closed cvspserver
5000/tcp closed UPnP
5001/tcp closed commplex-link
5050/tcp closed mmcc
6881/tcp closed bittorent-tracker
6969/tcp closed acmsoda
7070/tcp closed realserver
8000/tcp closed http-alt
8080/tcp closed http-proxy
8888/tcp closed sun-answerbook
11371/tcp closed pksd
Nmap finished: 1 IP address (1 host up) scanned in 30.573 seconds
Everywhere the bittorrent port seems to be closed. [b]How do I open this port?.[b/]
Last edited by ravisghosh (2007-06-25 21:09:55)@madeye, first of all thanks a lot for such elaborate help.
I used utorrent in windows and u r very much right that it uses UPnP. In deluge (bt client on arch), UPnP was there but disabled (shaded). Hence, I tried running utorrent using wine and it gave a error message "Unable to map UPnP port' and is not able to connect. So, UPnP is not working in my box.
Then I tried as you suggested "iptables -L" and it gave me the following results.
[shantanu@bluehead ~]$ sudo iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT 0 -- anywhere anywhere
ACCEPT udp -- anywhere anywhere udp spt:bootps dpt:bootpc
ACCEPT 0 -- 192.168.1.5 192.168.1.255
logaborted tcp -- anywhere anywhere state RELATED,ESTABLISHED tcp flags:RST/RST
ACCEPT 0 -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp parameter-problem
nicfilt 0 -- anywhere anywhere
srcfilt 0 -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT 0 -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp parameter-problem
srcfilt 0 -- anywhere anywhere
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT 0 -- anywhere anywhere
ACCEPT udp -- anywhere anywhere udp spt:bootpc dpt:bootps
ACCEPT 0 -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp parameter-problem
s1 0 -- anywhere anywhere
Chain f0to1 (3 references)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpts:6970:7170
ACCEPT icmp -- anywhere anywhere icmp echo-reply
ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpts:6881:6889 state NEW
logdrop 0 -- anywhere anywhere
Chain f1to0 (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:6969 state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:http state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:http-alt state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:8008 state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:8000 state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:8888 state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:ftp state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:https state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:rtsp state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:7070 state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:cvspserver state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:1755 state NEW
ACCEPT udp -- anywhere anywhere udp dpt:1755
ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:11371 state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:5050 state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:telnet state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpts:5000:5001 state NEW
ACCEPT udp -- anywhere anywhere udp spts:1024:5999 dpt:5000
ACCEPT tcp -- anywhere anywhere tcp dpt:domain state NEW
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT icmp -- anywhere anywhere icmp echo-request
ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:5222 state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:5223 state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpts:6881:6889 state NEW
logdrop 0 -- anywhere anywhere
Chain logaborted (1 references)
target prot opt source destination
logaborted2 0 -- anywhere anywhere limit: avg 1/sec burst 10
LOG 0 -- anywhere anywhere limit: avg 2/min burst 1 LOG level warning prefix `LIMITED '
Chain logaborted2 (1 references)
target prot opt source destination
LOG 0 -- anywhere anywhere LOG level warning tcp-sequence tcp-options ip-options prefix `ABORTED '
ACCEPT 0 -- anywhere anywhere state RELATED,ESTABLISHED
Chain logdrop (4 references)
target prot opt source destination
logdrop2 0 -- anywhere anywhere limit: avg 1/sec burst 10
LOG 0 -- anywhere anywhere limit: avg 2/min burst 1 LOG level warning prefix `LIMITED '
DROP 0 -- anywhere anywhere
Chain logdrop2 (1 references)
target prot opt source destination
LOG 0 -- anywhere anywhere LOG level warning tcp-sequence tcp-options ip-options prefix `DROPPED '
DROP 0 -- anywhere anywhere
Chain logreject (0 references)
target prot opt source destination
logreject2 0 -- anywhere anywhere limit: avg 1/sec burst 10
LOG 0 -- anywhere anywhere limit: avg 2/min burst 1 LOG level warning prefix `LIMITED '
REJECT tcp -- anywhere anywhere reject-with tcp-reset
REJECT udp -- anywhere anywhere reject-with icmp-port-unreachable
DROP 0 -- anywhere anywhere
Chain logreject2 (1 references)
target prot opt source destination
LOG 0 -- anywhere anywhere LOG level warning tcp-sequence tcp-options ip-options prefix `REJECTED '
REJECT tcp -- anywhere anywhere reject-with tcp-reset
REJECT udp -- anywhere anywhere reject-with icmp-port-unreachable
DROP 0 -- anywhere anywhere
Chain nicfilt (1 references)
target prot opt source destination
RETURN 0 -- anywhere anywhere
RETURN 0 -- anywhere anywhere
RETURN 0 -- anywhere anywhere
logdrop 0 -- anywhere anywhere
Chain s0 (1 references)
target prot opt source destination
f0to1 0 -- anywhere 192.168.1.5
f0to1 0 -- anywhere 192.168.1.255
f0to1 0 -- anywhere bluehead.localdomain
logdrop 0 -- anywhere anywhere
Chain s1 (1 references)
target prot opt source destination
f1to0 0 -- anywhere anywhere
Chain srcfilt (2 references)
target prot opt source destination
s0 0 -- anywhere anywhere
That means iptables is not disabled and that firewall rules are setup by guarddog.
I removed guarding using "pacman -Rns guarddog" and rebooted. Still get the same results with utorrent and "iptables -L" and also the port test shows tcp 6881 is still closed.
Removed iptables and now bt clients seems to be able to connect and it works; however, port test still shows tcp 6881 closed.
Last edited by ravisghosh (2007-06-27 16:51:12)
Maybe you are looking for
-
Can I create an interactive PDF without distributing it?
Hi guys, I am very new to this and I have been asked by the development team here at work to play around and create a form. The idea behind this is that we want to be able to create an interactive PDF form that can be saved without uploading it to an
-
I have a itunescard but it also ask for a credit card but i dont have one but the itune card
I have A I tune card . But It Also Ask For A Credit Card Number Also. But I don't Have A credit Card
-
Replication Active Directory, ports issues in firewall
Hi, i am facing some issue in active directory replication between my Active Directory User Database located in two different locations. I am not doing any Port based ACL in the firewall, and there is no static / dynamic NAT-ng used between the s
-
Web dynpro abap : Call an application from another with parameters
Hi , Could you please tell me how to call an application from another with parameters? Thanks a lot Karim
-
Since the raw files from this camera are not jet supported, I'm shooting RAW+jpeg but sometime, randomly, I encounter errors when imprting from the SD card into LR4, and I have been facing the following different scenarios: a- the raw files thumbnail