• If you need help or want to discuss things, you now can also join us on our Discord Server!
  • A first preview of the unlimited version of SinusBot can be found in the Upcoming Changes thread. A version for Windows will follow, but we don't have a release date, yet.

Bot can't connect when iptables are active

Status
Not open for further replies.
tonnuminat

tonnuminat

New Member
Hey guys!
I got the bot running and it is working fine but it can't connect to the ts3 server when iptables are active.

My iptables setup:
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp spt:http dpts:32786:61000
ACCEPT tcp -- anywhere anywhere tcp spts:32786:61000 dpt:http
ACCEPT udp -- anywhere anywhere udp spt:domain dpts:1024:65535
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT udp -- anywhere anywhere udp dpt:9987
ACCEPT tcp -- anywhere anywhere tcp dpt:30033
ACCEPT tcp -- anywhere anywhere tcp dpt:10011
ACCEPT tcp -- anywhere anywhere tcp spt:https
ACCEPT tcp -- anywhere anywhere tcp dpt:8087

Chain FORWARD (policy DROP)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Anything I am missing here?
 
CrAazZyMaN21

CrAazZyMaN21

Donor
is awesome!
tonnuminat said:
Hey guys!
I got the bot running and it is working fine but it can't connect to the ts3 server when iptables are active.

My iptables setup:
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp spt:http dpts:32786:61000
ACCEPT tcp -- anywhere anywhere tcp spts:32786:61000 dpt:http
ACCEPT udp -- anywhere anywhere udp spt:domain dpts:1024:65535
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT udp -- anywhere anywhere udp dpt:9987
ACCEPT tcp -- anywhere anywhere tcp dpt:30033
ACCEPT tcp -- anywhere anywhere tcp dpt:10011
ACCEPT tcp -- anywhere anywhere tcp spt:https
ACCEPT tcp -- anywhere anywhere tcp dpt:8087

Chain FORWARD (policy DROP)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Anything I am missing here?
Click to expand...
Is this the iptables config from your bot or the ts3server? What Is the error from the log?
 
Last edited:
tonnuminat

tonnuminat

New Member
Okay with the help of Xuxe and flyth I figured it out. I am going post the solution for people with the same problem.
Worth mentioning here is that in my case the bot and the server run on the same system.

As you should know the bot runs on on an instance of X-Server to provide the TS-Client with an virtual GUI. The X-Server and the host system communicate via the virtual network adapter called "lo". That means you will have to accept traffic on this adapter if bot and server run on the same machine.
You do this with this command:
Code: 
iptables -A INPUT -i lo -j ACCEPT
This opens all ports on the adapter. However this isn't a security problem since it is for local connections only.
The bot should now be able to connect.

If you have problems listening to web radios/downloading yt videos add this rule:
Code: 
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
This allows all connections that before were established by your machine.

CrAazZyMaN21 said:
Is this the iptables config from your bot or the ts3server? What Is the error from the log?
Click to expand...
Already solved the probem but thank you for your effort!
 
Status
Not open for further replies.
Top