Originally Posted by
jre
Please start "pgl-gui" from the console and watch its output, when you do this.
Which port did you want to whitelist? Does it happen for all ports? For all directions?
Which other ports were already whitelisted? Please post "sudo iptables -L -nv".
Background: on whitelisting pgl-gui first checks if the item is already whitelisted, probably there is a false positive.
Code:
pgl-gui
** Debug: gSudo: ""
** Debug: ""
** Debug: ******************EXECUTE COMMAND***************
** Debug: virtual void ProcessT::run() Executing command "which kdesudo" () ...
** Debug: "/usr/bin/kdesudo"
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: ""
** Debug: ******************EXECUTE COMMAND***************
** Debug: virtual void ProcessT::run() Executing command "which kdesudo" () ...
** Debug: "/usr/bin/kdesudo"
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: list size: 0
** Debug: list size: 0
** Debug: true
** Debug: ******************EXECUTE COMMAND***************
** Debug: ******************EXECUTE COMMAND***************
** Debug: virtual void ProcessT::run() Executing command "which gksudo" () ...
** Debug: "/usr/bin/gksudo"
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: virtual void ProcessT::run() Executing command "which gksudo" () ...
** Debug: "/usr/bin/gksudo"
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: ******************EXECUTE COMMAND***************
** Debug: virtual void ProcessT::run() Executing command "which kdesu" () ...
** Debug: ******************EXECUTE COMMAND***************
** Debug: virtual void ProcessT::run() Executing command "which kdesu" () ...
** Debug: ""
** Debug: ""
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: ******************EXECUTE COMMAND***************
** Debug: ******************EXECUTE COMMAND***************
** Debug: virtual void ProcessT::run() Executing command "which gksu" () ...
** Debug: virtual void ProcessT::run() Executing command "which gksu" () ...
** Debug: "/usr/bin/gksu"
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: "/usr/bin/gksu"
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: "OUT: 192.168.2.2:45186 94.125.182.255:6667 TCP || ATW Internet Kft. | 2011-07 Malware ....................."
** Debug: "OUT: 192.168.2.2:48529 95.141.29.22:6667 TCP || EuroTransit GmbH | 2011-07 Unspecified Threat .......... | Tor"
** Debug: "OUT: 192.168.2.2:41787 130.237.188.216:6667 TCP || 2011-07 Unspecified Threat .........."
** Debug: "OUT: 192.168.2.2:45756 194.109.20.90:6667 TCP || GTS NOVERA a.s. | servicing Tripos | State Research Library | I"
** Debug: "OUT: 192.168.2.2:45724 195.18.164.194:6667 TCP || Ventelo Norge AS | DATAMETRIX AS | Pineapple Publishing AS"
** Debug: "OUT: 192.168.2.2:49977 195.47.220.2:6667 TCP || Ten BERG IP Network"
** Debug: "OUT: 192.168.2.2:43779 208.83.20.130:6667 TCP || Desync Networksfake bittorrent trackers | LogicalSolutions.net"
** Debug: "OUT: 192.168.2.2:56768 64.18.128.86:6667 TCP || RackVibe LLC | proxy.xzibition.com | security.team.from.armed.us"
** Debug: "OUT: 192.168.2.2:44766 66.186.59.50:6667 TCP || Alchemy Communications, Inc | LIONSGATE FILMS | JuriSearch, LLC"
** Debug: "OUT: 192.168.2.2:39688 69.16.172.34:6667 TCP || Highwinds Network Group | Robbins Green, P.A. | Jarin Industri"
** Debug: "OUT: 192.168.2.2:33998 69.16.172.40:6667 TCP || Highwinds Network Group | Robbins Green, P.A. | Jarin Industri"
** Debug: "OUT: 192.168.2.2:34991 70.33.251.254:6667 TCP || InfoRelay Online Systems, Inc. | AODINC | Legal Discovery LLC"
** Debug: "OUT: 192.168.2.2:45198 94.125.182.255:6667 TCP || ATW Internet Kft. | 2011-07 Malware ....................."
** Debug: "OUT: 192.168.2.2:48541 95.141.29.22:6667 TCP || EuroTransit GmbH | 2011-07 Unspecified Threat .......... | Tor"
** Debug: "OUT: 192.168.2.2:38684 173.234.32.42:6667 TCP || Nobis Technology Group, LLC | Eisenberg, Christine | Wu, David"
** Debug: "OUT: 192.168.2.2:49987 195.47.220.2:6667 TCP || Ten BERG IP Network"
** Warning: bool hasPermissions(const QString&) Could not read from file "/etc/test_file"
** Debug: ("/usr/bin/kdesudo "iptables -L pgl_out -n | grep -x 'RETURN *tcp *-- *0.0.0.0/0 *0.0.0.0/0 *tcp dpt:6667 *' || iptables -I pgl_out -p tcp --dport 6667 -j RETURN"")
** Debug: start thread
** Debug: ******************EXECUTE COMMAND***************
** Debug: virtual void ProcessT::run() Executing command "/usr/bin/kdesudo "iptables -L pgl_out -n | grep -x 'RETURN *tcp *-- *0.0.0.0/0 *0.0.0.0/0 *tcp dpt:6667 *' || iptables -I pgl_out -p tcp --dport 6667 -j RETURN"" () ...
** Debug: "Bad argument `|'
Try `iptables -h' or 'iptables --help' for more information."
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: "OUT: 192.168.2.2:45206 94.125.182.255:6667 TCP || ATW Internet Kft. | 2011-07 Malware ....................."
** Debug: "OUT: 192.168.2.2:48549 95.141.29.22:6667 TCP || EuroTransit GmbH | 2011-07 Unspecified Threat .......... | Tor"
** Debug: "OUT: 192.168.2.2:41807 130.237.188.216:6667 TCP || 2011-07 Unspecified Threat .........."
** Debug: "OUT: 192.168.2.2:45776 194.109.20.90:6667 TCP || GTS NOVERA a.s. | servicing Tripos | State Research Library | I"
** Debug: "OUT: 192.168.2.2:45744 195.18.164.194:6667 TCP || Ventelo Norge AS | DATAMETRIX AS | Pineapple Publishing AS"
** Debug: "OUT: 192.168.2.2:49997 195.47.220.2:6667 TCP || Ten BERG IP Network"
Code:
sudo iptables -L -nv
Chain INPUT (policy ACCEPT 66 packets, 16567 bytes)
pkts bytes target prot opt in out source destination
0 0 pgl_in all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW mark match !0x14
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 pgl_fwd all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW mark match !0x14
Chain OUTPUT (policy ACCEPT 74 packets, 13589 bytes)
pkts bytes target prot opt in out source destination
59 3573 pgl_out all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW mark match !0x14
Chain pgl_fwd (1 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 192.168.2.0/24 192.168.2.0/24
0 0 RETURN all -- * * 0.0.0.0/0 192.168.2.1
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0xa
0 0 NFQUEUE all -- * * 0.0.0.0/0 0.0.0.0/0 NFQUEUE num 92
Chain pgl_in (1 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 192.168.2.0/24 0.0.0.0/0
0 0 RETURN all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0xa
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 source IP range 224.0.0.251-224.0.0.251
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 source IP range 239.255.255.250-239.255.255.250
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 source IP range 224.0.0.22-224.0.0.22
0 0 NFQUEUE all -- * * 0.0.0.0/0 0.0.0.0/0 NFQUEUE num 92
Chain pgl_out (1 references)
pkts bytes target prot opt in out source destination
9 573 RETURN all -- * * 0.0.0.0/0 192.168.2.0/24
0 0 RETURN all -- * * 0.0.0.0/0 192.168.2.1
0 0 RETURN all -- * lo 0.0.0.0/0 0.0.0.0/0
22 1320 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0xa reject-with icmp-port-unreachable
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 destination IP range 224.0.0.251-224.0.0.251
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 destination IP range 239.255.255.250-239.255.255.250
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 destination IP range 224.0.0.22-224.0.0.22
3 180 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
25 1500 NFQUEUE all -- * * 0.0.0.0/0 0.0.0.0/0 NFQUEUE num 92
The only ports I have whitelisted are 80 & 443. I was trying to temp allow 6667 so I can connect to IRC.
Bookmarks