
I have a SuSE linux server that has lost connectivity to the

Customer Question

I have a SuSE Linux server that has lost connectivity to the internet. I ran the command to flush iptables and lost all connectivity. The issue is that iptables is not installed on this server and I cannot find any other firewall that is running. However, when I try to configure the default firewall, I get an error that another type of firewall is running and if I continue, it may produce unexpected results. I would like to regain connectivity first and second, find out what firewall is running, if any.
JA: How much experience do you have with this particular machine?
Customer: I have been a unix admin for many years.
JA: Have you installed any updates recently?
Customer: No updates installed in probably 6 months.
JA: Anything else you want the computer expert to know before I connect you?
Customer: No, that's pretty much it.
Submitted: 8 months ago.
Category: Software
Expert:  Bruce Wilner replied 8 months ago.


If you've been a UNIX admin for many years, you should be able to run ps -efl (unless it's ps -axl on your variant) and find what firewall is running.

Then again, there could also be some kernel module installed that is working with ipchains or pcap or some such.

It can be extremely difficult to track down these kinds of things. That having been said, one presumes that an out-of-the-box firewall is not configured to "block everything not explicitly permitted," as that would make operation extraordinarily cumbersome.

Expert:  Bruce Wilner replied 8 months ago.

When you flushed routing tables, did you empty anything else?

If things are running well, why would you go flushing tables? Lord only knows what kind of inconsistent state you now have. You are probably aware that Linux networking--unlike UNIX networking--is a God-awful mess. That's because every self-styled "genius" has contributed freely to Linux. This is one reason why, for example, there are umpteen half-baked interfaces to the kernel function that opens a file--whereas there used to be ONE. So-called "software engineers" characterize this as "improvement."

You get what you pay for. This diatribe isn't a fix, it's just a reality check. Most Linux aficionados spend untold time tearing their hair out. I don't see this with commercial UNIXes, such as MacOS.

Customer: replied 8 months ago.
You are absolutely correct about all of the above. While I'm sure it wasn't obvious that I tried the ps as well as netstat and could not find any trace of a firewall running, the configuration of the SuSE firewall kept throwing me an error stating that one was running. I only needed to open one port, with no luck, so I found a script that flushes iptables and then sets the default to receive all packets. However, that did not work for me and I have been searching for clues as to where to look now since yesterday around noon with no luck.
Customer: replied 8 months ago.
Unfortunately you can't connect since all connectivity is lost. The machine cannot be reached nor can it reach out.
Customer: replied 8 months ago.
No, I am managing the server remotely, so when I flushed the input chain, I lost connection.
Expert:  Bruce Wilner replied 8 months ago.

Tell me what service you are endeavoring to contact OR host and what ports are open.

Also, do you have a listener on that port? /etc/inetd.conf (or whatever sixty-nine files SuSE has split that into as an "improvement") must be configured so that inetd knows to listen for incoming requests on such-and-such TCP or UDP port and, when each one is accepted, spawn such-and-such demon to handle it, either iteratively or concurrently as directed.

"... remotely ... lost connection"

You remind me of my friend who went into business hosting payphones all over this and that airport and hotel. Now and then, a certain phone simply would not answer, which was a clear sign that local miscreants had put a firecracker in the coin return and detonated it for kicks.

Not sure WHY I was so reminded, but it's a cute story anyway . . .
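
An added example, not part of the thread: a pre-flush check for the lockout described above, where flushing the input chain over a remote session cut the connection. It assumes a netfilter ruleset is loaded and that its `iptables-save` text is available on stdin; the thread does not confirm the cause, and the sample ruleset and function names are constructed for illustration.

```shell
#!/bin/sh
# `iptables -F` deletes rules but leaves each built-in chain's default
# policy in place. If INPUT's policy is DROP, the ACCEPT rules were the only
# thing admitting traffic, so a flush drops everything, including the SSH
# session that issued it.

# Constructed sample in iptables-save format (not taken from the thread).
sample_ruleset() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:custom_chain - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
}

# Reads iptables-save text on stdin and prints "table/chain" for every
# built-in chain whose default policy is DROP. User-defined chains carry
# "-" as their policy and are therefore skipped.
chains_blocking_after_flush() {
  awk '
    /^\*/ { table = substr($1, 2); next }
    /^:/  { if ($2 == "DROP") print table "/" substr($1, 2) }
  '
}

# Returns 0 when a flush would leave filter/INPUT and filter/OUTPUT open,
# 1 when it would cut off a remote session.
flush_is_safe_remotely() {
  if chains_blocking_after_flush | grep -Eq '^filter/(INPUT|OUTPUT)$'; then
    return 1
  fi
  return 0
}

# Demo on the constructed sample. On a live host the safe order is
# `iptables -P INPUT ACCEPT` first and `iptables -F` second.
if sample_ruleset | flush_is_safe_remotely; then
  echo "flush is safe for a remote session"
else
  echo "flush would lock out remote access; set policies to ACCEPT first"
fi
```

On a host with the iptables userland installed, the same check runs as `iptables-save | flush_is_safe_remotely`.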