[wplug] ipchains
Josue Batista
josue_batista at yahoo.com
Thu Jul 5 20:17:20 EDT 2001
Absolutely. That is the next step. I'm helping a
fellow in TX to setup his Linux box and I needed just
raw access to get things started. SSH is way to go...
are you using OpenSSH?
-- Josue
--- Robert Dale <rdale at wplug.org> wrote:
>
> Of course, you should be using ssh ;)
>
> On Thu, 5 Jul 2001, Josue Batista wrote:
>
> > Thanks everyone! Issue resolved.
> >
> > The problem we had was a combination of two
> issues:
> >
> > 1. /etc/hosts.allow
> > There was a typo in the /etc/hosts.allow file.
> The
> > "in.telnet:" line was written as "in.xtelnetd:".
> So
> > we fixed that "oops".
> >
> > The BIG issue: ipchains.
> > ========================
> > 2. Next we flush ipchains and make sure there was
> no
> > rules in it:
> >
> > /etc/init.d/ipchains stop
> > /etc/init.d/ipchains status
> >
> > At this point we were able to telnet into this box
> > from the outside.
> >
> > 3. We examined the /etc/sysconfig/ipchains and we
> > found the culprit:
> >
> > -A input -p tcp -s 0/0 -d 0/0 0:1023 -y -j REJECT
> >
> > 4. We left that line there, but before that line
> we
> > added:
> >
> > -A input -p tcp -s 161.201.12.39 -d 0/0 23 -y -j
> > ACCEPT
> >
> > 5. We restarted ipchains and verified our new rule
> was
> > added:
> > /etc/init.d/ipchains restart
> > /etc/init.d/ipchains status
> >
> > 6. We were able to telnet in, Yeah!!
> >
> > Thanks again to all of you for your kind help.
> >
> > -- Josue
>
> --
> Robert Dale
>
> wplug member since 1998
>
>
> _______________________________________________
> wplug mailing list
> wplug at wplug.org
> http://www.wplug.org/mailman/listinfo/wplug
=====
- ABC Tech Solutions
http://www.abcsolutions.org
[Java/Oracle/Linux] [C/S & Internet Database Apps]
__________________________________________________
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail
http://personal.mail.yahoo.com/
More information about the wplug
mailing list