Re: installation start up

taelee94 · ‎12-01-2010

Hi,

I'm new to splunk and Linux. I installed it to a CentOS 5.4 server and tried to get to http://splunk server:8000 but it would't come up unless iptable is stopped.

So I added an entry into iptables as below:

iptables -A INPUT -p tcp --dport 8000 -j ACCEPT

And after that I restarted iptables services but it still won't work.

Any suggestions or idea would be greatly appreciated.

Thanks,

dwaddle · ‎12-01-2010

When you restarted iptables, you probably blew away the rule you added. Running the iptables command at the shell prompt only updates the in-memory filter table. You should add your rule in the proper place in /etc/sysconfig/iptables and then restart the iptables services. After the restart, verify your rule is there using iptables -nL.

dwaddle · ‎12-01-2010

Also, please click the checkbox to the left of my answer to accept it as "correct" - Thanks!

dwaddle · ‎12-01-2010

I've never used lokkit - but it sounds like it may not read the /etc/sysconfig/iptables file itself and/or it flushes the ruleset. You might use 'system-config-firewall' instead. (Me personally, I always just edit the file in /etc/sysconfig)

taelee94 · ‎12-01-2010

Thanks and it worked!! However, I noticed something very strange. Whenever I start lokkit, any rules I added to /etc/sysconfig/iptables get deleted. I don't understand why...

installation start up

Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...

Splunk APM: New Product Features + Community Office Hours Recap!

Index This | Forward, I’m heavy; backward, I’m not. What am I?