[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Connection timeouts with SSH and CVS

* Norman Davis <norman.j.davis.jr@gmail.com> [05-01-03 22:12]:

> Problem solved! 
> Our firewall is blocking ranges of incoming ports that just happens to
> incidentally work (usually, but not always) for windows.
> Too see your settings, type 
> sysctl net.ipv4.ip_local_port_range
> The default is 32768 61000, and so my system had been picking incoming
> ports for SSH and CVS responses around 32768 initially and our
> firewall here was blocking that.


shouldn't a firewall by default accept any incoming connection (no
matter what port) that is related to an outgoing connection?

iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

So, is this _really_ the problem? Or just a workaround? I mean, why
should a windows client accept an incoming cvs response at a port
and a linux client doesn't? They are behind the same firewall...

Can anybody help me to understand that?

Dani Belz                                        http://dan-b.net
GPG EF658E3D | 6CD2 C40F 74A7 DFF6 FD29  7A31 2DE7 09CD EF65 8E3D

Attachment: signature.asc
Description: Digital signature

Reply to: