
Re: Blocked high ports



In article <cistron.Pine.LNX.4.10.10001241443340.4175-100000@gwyn.tux.org>,
Bradley M Alexander  <storm@tux.org> wrote:
>I installed Debian/Slink afresh on defiant (the desktop) over the weekend,
>and immediately upgraded it to Potato. defiant is dns and dhcp server for
>my home network. Got the dns tables set back up, and noticed that nothing
>on the network was able to do DNS queries. Started doing a bit of digging,
>and also noticed I could only ftp in passive mode. Normally ftp connects,
>then switches that connection to an arbitrary high (>1024) port. The two
>systems would connect, then nothing would happen.

Sounds like misconfigured masquerading. Are you using masquerading?
Did you load the ip_masq_ftp module ?

Are you using the 'ipmasq' package? It has happened to me several
times that that package was installed and nothing worked anymore.
I prefer purging it (dpkg --purge ipmasq) and adding the masquerading
rules to /etc/init.d/network myself. Make sure you enable forwarding
as well (echo 1 > /proc/sys/net/ipv4/ip_forward), a common mistake

>I checked /var/log/syslog and saw connection refused messages as far as
>the eye could see. Blocking connections from the local nodes,
>E.ROOT-SERVERS.NET (one of the top-level DNS'), etc.

That doesn't say anything without the exact message.

> I tried telnetting
>into the localhost on an arbitrary port:
>
>[storm@riogrande storm]$ telnet localhost 6699
>Trying 127.0.0.1...
>telnet: Unable to connect to remote host: Connection refused

Of course. There's nothing listening on 6699. "Connection refused"
means "I can't connect because nothing is listening".

>Please CC me directly in your responses.

OK, and Reply-To: set to debian-user

Mike.
-- 
The From: and Reply-To: addresses are internal news2mail gateway addresses.
Reply to the list or to miquels@cistron.nl (Miquel van Smoorenburg)

