Linux IPTables blocking yum

Scenario / Question:

I cannot use yum, and it appears that iptables is blocking yum from establishing a connection to the Internet.

Solution / Answer:

iptables needs to be configured to accept incoming ESTABLISHED,RELATED connections and to let yum reach its repository servers by allowing new outgoing connections on port 80.

When connecting to a yum server on the Internet, the outbound packets leave through the OUTPUT chain with destination port --dport 80 and an unknown high source port --sport that the OS selects at random. Let's use --sport 1024 as an example.

Packets coming back from the Internet yum server will have source port --sport 80 and destination port --dport set to the same high port, 1024, that was selected when the outbound connection was initiated.

The kernel's connection tracking keeps track of all this for us, so a single iptables state rule can match the return traffic without us listing every high port.

iptables rules to allow ESTABLISHED,RELATED connections

# iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

iptables rule to allow new yum connections out on port 80

# iptables -A OUTPUT -p tcp -m tcp -m state --state NEW --dport 80 -j ACCEPT
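The rules above, wrapped in a small POSIX sh script so they can be applied in one go and, more usefully, so an existing firewall can be checked for them before yum is blamed. This is an added example and not part of the original post. It makes two assumptions beyond the post: it also opens TCP 443 and UDP 53 outbound, because most repositories today are served over HTTPS and yum must resolve their hostnames first; and the check function expects the text that `iptables -S` prints, which normalises rules (for instance it moves `-m tcp` after the state match), so the check matches on the significant tokens rather than on exact lines. The two rulesets at the bottom are constructed samples.

```shell
#!/bin/sh
# Added example, not the original post's code. Applies the egress rules
# yum needs and checks an existing ruleset (`iptables -S` output) for them.
# Assumption: TCP 443 and UDP 53 are added to the post's port 80 rule
# because yum needs DNS and most repositories are served over HTTPS.

# Rules in iptables argument form, one per line.
YUM_RULES='-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -p tcp -m tcp -m state --state NEW --dport 80 -j ACCEPT
-A OUTPUT -p tcp -m tcp -m state --state NEW --dport 443 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT'

# Extended regexes, one per required rule, tolerant of the token order and
# of the conntrack spelling (--ctstate) that `iptables -S` may print.
YUM_RULE_PATTERNS='^-A INPUT .*--(state|ctstate) (ESTABLISHED,RELATED|RELATED,ESTABLISHED) .*-j ACCEPT$
^-A OUTPUT .*--(state|ctstate) (ESTABLISHED,RELATED|RELATED,ESTABLISHED) .*-j ACCEPT$
^-A OUTPUT .*-p tcp .*--dport 80 .*-j ACCEPT$
^-A OUTPUT .*-p tcp .*--dport 443 .*-j ACCEPT$
^-A OUTPUT .*-p udp .*--dport 53 .*-j ACCEPT$'

# Apply every rule in YUM_RULES (needs root). With DRY_RUN=1 it only
# prints the iptables commands it would run.
apply_yum_rules() {
    while IFS= read -r rule; do
        if [ "${DRY_RUN:-0}" = 1 ]; then
            echo "iptables $rule"
        else
            # word splitting is intended: $rule holds separate arguments
            # shellcheck disable=SC2086
            iptables $rule
        fi
    done <<EOF
$YUM_RULES
EOF
}

# Check a ruleset (the text printed by `iptables -S`) against every pattern.
# Prints one "missing:" line per unmet rule; the return status is the
# number of missing rules, so 0 means yum's traffic is allowed.
check_yum_rules() {
    ruleset=$1
    missing=0
    while IFS= read -r pat; do
        if ! printf '%s\n' "$ruleset" | grep -qE -- "$pat"; then
            echo "missing: $pat"
            missing=$((missing + 1))
        fi
    done <<EOF
$YUM_RULE_PATTERNS
EOF
    return "$missing"
}

# Constructed sample: a default-deny host with the rules in place.
SAMPLE_OK='-P INPUT DROP
-P FORWARD DROP
-P OUTPUT DROP
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A OUTPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT'

# Constructed sample: the situation in the question, OUTPUT dropped and
# only SSH allowed out, so four of the five required rules are missing.
SAMPLE_BROKEN='-P INPUT DROP
-P FORWARD DROP
-P OUTPUT DROP
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT'
```

On a real host, `check_yum_rules "$(iptables -S)"` shows exactly which rule is absent, and `DRY_RUN=1 apply_yum_rules` prints the commands for review before running them as root. The check reads the default policies only indirectly: if OUTPUT policy is ACCEPT and no rule blocks port 80, yum works without the explicit rules, so a "missing" line is a hint to look at the chain, not proof that traffic is dropped.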
