Re: iptables rule for sshd
On Mon, Aug 02, 2004 at 09:10:39AM +0300, NabilM@kuveytturk.com.tr wrote:
> Dah.. :-) thanks for the help. You guys are life savers.
>
> So now I am able to ssh from the local machine. Thanks to all you folks.
You are welcome :)
> However, when I try to connect from the Internet using ssh, it just
> disconnects me. Why is that? When I try to connect, I even see that the
> packet count for ssh rule in the INPUT chain gets an increase of four
> packets. Are there other things I need to look into like host.allow and
> stuff? I can ping the machine from the internet because I have a
> firewall rule for icmp-type echo-reply. Any ideas why it doesn't like
> ssh connections, even after having the ssh ACCEPT rule.
I hope you have a corresponding entry for "ssh" in your OUTPUT
chain as well. You could send your configuration by doing:

    iptables -L -nv > Filter.txt
    iptables -L -nv -t nat > Nat.txt

And then just attach the Filter.txt and Nat.txt files.
> Also, since I am new, I am having lots of problems in guessing what
> packets are coming in and what rules need to be added. Is there a GOOD
> way to analyze the packets traversing through my interfaces? I know that
> I can add the -j LOG rule, but that is too hard to read, or perhaps is
> there a better way to analyze these logs?
Well, I use tethereal or tcpdump. Also, you might try the "evil" ettercap.
Take care,
Didar
--
BOFH excuse #45:
virus attack, luser responsible
Random signature generated by Signify v1.07
http://www.debian.org/
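
On the question above about "-j LOG" output being hard to read: the following is an added example, not part of the original thread, that collapses kernel LOG lines into one counted line per flow, so an inbound SYN on port 22 and a SYN/ACK reply logged on the way out show up side by side. The log prefixes (SSH-IN:, OUT-DROP:, PING-IN:), the host name and the addresses are constructed, and a single-word --log-prefix in classic syslog format is assumed.

```shell
#!/bin/sh
# Added example: collapse iptables "-j LOG" kernel lines into one line per flow.
# Assumption: classic syslog lines and a single-word --log-prefix ("SSH-IN:").

summarize_fw_log() {
    awk '
    / IN=/ && / SRC=/ {
        split("", kv); flags = ""; prefix = "-"
        for (i = 1; i <= NF; i++) {
            # The word just before IN= is the --log-prefix, if one was set.
            if ($i ~ /^IN=/ && i > 1 && $(i-1) != "kernel:") prefix = $(i-1)
            eq = index($i, "=")
            if (eq > 1) kv[substr($i, 1, eq - 1)] = substr($i, eq + 1)
            else if ($i ~ /^(SYN|ACK|FIN|RST|PSH|URG)$/) flags = (flags == "" ? "" : flags ",") $i
        }
        # IN only: arriving packet; OUT only: locally generated; both: forwarded.
        if (kv["IN"] != "" && kv["OUT"] != "") dir = "fwd:" kv["IN"] ">" kv["OUT"]
        else if (kv["IN"] != "") dir = "in:" kv["IN"]
        else dir = "out:" kv["OUT"]
        # ICMP lines carry no ports, so only append them when present.
        src = kv["SRC"] (("SPT" in kv) ? ":" kv["SPT"] : "")
        dst = kv["DST"] (("DPT" in kv) ? ":" kv["DPT"] : "")
        if (flags == "") flags = "-"
        n[prefix " " dir " " kv["PROTO"] " " src " -> " dst " [" flags "]"]++
    }
    END { for (k in n) print n[k], k }
    ' "$@" | LC_ALL=C sort -k2
}

# Constructed sample log (documentation addresses), not taken from the thread.
sample_log() {
    cat <<'EOF'
Aug  2 09:12:01 fw kernel: SSH-IN: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4711 DF PROTO=TCP SPT=40022 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Aug  2 09:12:01 fw kernel: OUT-DROP: IN= OUT=eth0 SRC=192.0.2.10 DST=203.0.113.7 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=22 DPT=40022 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Aug  2 09:12:04 fw kernel: SSH-IN: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4712 DF PROTO=TCP SPT=40022 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Aug  2 09:12:04 fw kernel: OUT-DROP: IN= OUT=eth0 SRC=192.0.2.10 DST=203.0.113.7 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=22 DPT=40022 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Aug  2 09:12:09 fw kernel: PING-IN: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=84 TOS=0x00 PREC=0x00 TTL=52 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=3301 SEQ=1
EOF
}

sample_log | summarize_fw_log
```

The function also accepts file names as arguments, for example the syslog file the kernel messages are written to.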