Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Announcements (Altcoins)
Re: [ANN][XRB]Cryptocurrency's killer app: RaiBlocks micropayments
by
ByteFan
on 04/04/2018, 10:06:44 UTC
Quote from: cryptosheeple on April 04, 2018, 07:33:43 AM
Quote from: ByteFan on April 04, 2018, 05:08:25 AM
Hi there,

Newby question, please. I have installed a headless node on an Ubuntu 16.04
At node start I have 4 errors strings:
"sendto: Operation not permitted
sendto: Operation not permitted
sendto: Operation not permitted
sendto: Operation not permitted"

I have opened UDP port for peering in the firewall with no result:
#nano In/Out
/sbin/iptables -t filter -A OUTPUT -p udp --dport 7075 -j ACCEPT
/sbin/iptables -t filter -A INPUT -p udp --dport 7075 -j ACCEPT

What am I missing? Thank you.

Are you directing packets to a table called filter? Any other rules you have got in place?

Maybe try this instead:

Code:
/sbin/iptables -I INPUT -p udp --dport 7075 -j ACCEPT
/sbin/iptables -I OUTPUT -p udp --dport 7075 -j ACCEPT

Yes, it is part of a larger firewall script where I close "everything" then re-open one by one each port I need (I have others software running on this server). Here is the beginning of the script:
Code:
#!/bin/sh

# Empty rules
/sbin/iptables -t filter -F

# Empty personnal rule
/sbin/iptables -t filter -X

# Forbid everything
/sbin/iptables -t filter -P INPUT DROP
/sbin/iptables -t filter -P FORWARD DROP
/sbin/iptables -t filter -P OUTPUT DROP

# Preserve established connexion
/sbin/iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
/sbin/iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

# Allow loopback
/sbin/iptables -t filter -A INPUT -i lo -j ACCEPT
/sbin/iptables -t filter -A OUTPUT -o lo -j ACCEPT

Then I open the ports I need according to https://github.com/nanocurrency/raiblocks/wiki/Network-usage

Code:
#nano In/Out
/sbin/iptables -t filter -A OUTPUT -p udp --dport 7075 -j ACCEPT
/sbin/iptables -t filter -A INPUT -p udp --dport 7075 -j ACCEPT
/sbin/iptables -t filter -A OUTPUT -p tcp --dport 7075 -j ACCEPT
/sbin/iptables -t filter -A INPUT -p tcp --dport 7075 -j ACCEPT

The -t filter comes from the way the script starts and does works well will all other programs, I have been using this script for years. I suspect this is related to the UDP nature of the protocol but I have no idea.

Anyone out there has an iptable working script on Ubuntu ?

I also have in my logs:
Code:
[2018-04-04 12:14:39.686591]: Error broadcasting confirm_ack to [::ffff:138.68.183.123]:1964: Operation not permitted
[2018-04-04 12:14:39.687108]: Error broadcasting confirm_ack to [::ffff:51.255.200.174]:6063: Operation not permitted
[2018-04-04 12:14:39.687115]: Error broadcasting confirm_ack to [::ffff:5.189.128.113]:12000: Operation not permitted
[2018-04-04 12:14:39.687160]: Error broadcasting confirm_ack to [::ffff:186.155.30.146]:52921: Operation not permitted
[2018-04-04 12:14:39.687176]: Error broadcasting confirm_ack to [::ffff:167.99.254.89]:1024: Operation not permitted
[2018-04-04 12:14:39.687257]: Error broadcasting confirm_ack to [::ffff:186.155.30.146]:62212: Operation not permitted