On Sun, Jul 16, 2023 at 11:03:52AM +0200, Roger Price wrote: [...] > On a Debian 9 machine I typed the commands > > iptables -F > iptables -X > iptables -P INPUT ACCEPT > iptables -P FORWARD ACCEPT > iptables -P OUTPUT ACCEPT > > and then _immediately_ attempted to ssh from Debian 11 to that Debian 9 machine. > > rprice@titan ~ ssh rprice@kananga > rprice@kananga's password: > Linux kananga 4.9.0-4-686 #1 SMP Debian 4.9.65-3+deb9u1 (2017-12-23) i686 > ... > > Success! I can ssh 11->9 after flushing the firewall and before rebooting. \o/ :-) > I do not know what firewall management tool is in use. The first 4 lines > shown by iptables -L were > > Chain INPUT (policy DROP) > num target prot opt source destination > 1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 /* "main[2993]-set_basic_rules[971]" */ > 2 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate ESTABLISHED /* "set_basic_rules[1028]-allow_basic_established[878]" */ > 3 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED /* "set_basic_rules[1028]-allow_basic_established[892]" */ > > Does the style of comment give a clue to the tool used ? I must pass up on this one. I'm not very much into all those tools (and a bit tight on time, guests now getting up and hoping for some breakfast :-) I'll dig into it later unless someone (TM) beats me to it. Cheers -- t
Attachment:
signature.asc
Description: PGP signature