[wplug] ipchains
Robert Dale
rdale at wplug.org
Thu Jul 5 20:02:32 EDT 2001
Of course, you should be using ssh ;)
On Thu, 5 Jul 2001, Josue Batista wrote:
> Thanks everyone! Issue resolved.
>
> The problem we had was a combination of two issues:
>
> 1. /etc/hosts.allow
> There was a typo in the /etc/hosts.allow file. The
> "in.telnet:" line was written as "in.xtelnetd:". So
> we fixed that "oops".
>
> The BIG issue: ipchains.
> ========================
> 2. Next we flush ipchains and make sure there was no
> rules in it:
>
> /etc/init.d/ipchains stop
> /etc/init.d/ipchains status
>
> At this point we were able to telnet into this box
> from the outside.
>
> 3. We examined the /etc/sysconfig/ipchains and we
> found the culprit:
>
> -A input -p tcp -s 0/0 -d 0/0 0:1023 -y -j REJECT
>
> 4. We left that line there, but before that line we
> added:
>
> -A input -p tcp -s 161.201.12.39 -d 0/0 23 -y -j
> ACCEPT
>
> 5. We restarted ipchains and verified our new rule was
> added:
> /etc/init.d/ipchains restart
> /etc/init.d/ipchains status
>
> 6. We were able to telnet in, Yeah!!
>
> Thanks again to all of you for your kind help.
>
> -- Josue
--
Robert Dale
wplug member since 1998
More information about the wplug
mailing list