iptables rules for iscsi initiator

iptables iscsi
5,773

If the server is sending from port 3260, then you want the client to allow traffic from port 3260. This is indicated by marking 3260 as the source port (sport). In the rule you posted, you specified 3260 as the destination port (dport).

Changing the rule to 

-A INPUT -i eth1  -s 10.1.212.51  -p  tcp  -m tcp  --sport 3260  -j ACCEPT

should work.

Share:
5,773
Tam Borine
Author by

Tam Borine

Updated on September 18, 2022

Comments

  • Tam Borine
    Tam Borine over 1 year

    I need to configure iptables on my client (iscsi-initiator). From tcpdump, I can see that the server (iscsi target) sends tcp from port 3260.

    So I have added following iptables rule on my client (where 10.1.212.51 is the iscsi target):

    -A INPUT -i eth1  -s 10.1.212.51  -p  tcp  -m tcp  --dport 3260  -j ACCEPT

    but iscsi does not work with this rule. Only after I allow all ports, does it work:

    -A INPUT -i eth1  -s 10.1.212.51  -p  tcp  -m tcp   -j ACCEPT

    Thus my question is, does iscsi need some other port as well?

  • Tam Borine
    Tam Borine over 10 years
    you are right, of course. I should have noticed this myself. How embarrassing. Thanks.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Filtering incoming Strongswan VPN packets with iptables
How to fix “iptables: No chain/target/match by that name”?
Restrict Docker exposed port from only specific IP adresses
iptables/ebtables/bridge-utils: PREROUTING/FORWARD to another server via single NIC
keepalived works well without iptables
add rule to firewalld in Centos7 to allow all traffic from a server
iptables src-range and dst-range
How to log all incoming packets
How to make all outgoing RST drop
ip_conntrack_tcp_timeout_established not applied to entire subnet