
Re: SSH port 22 is invisible from the internet!! :(



csanyipal:
> On Mon, Apr 09, 2007 at 08:56:40PM +0200, Jochen Schulz wrote:
> 
>> If you can see either both incoming and outgoing packets or no packets
>> at all, your setup is fine and someone else is dropping them. If you see
>> only incoming packets, it's your fault.
> 
> Could you try to login again, please?

Done. I tried to connect on port 443 but still got no response. Is your
host still up now? It doesn't look like that.

This problem might be easier to debug while talking over IRC, Jabber or
something like that. I'll go to sleep soon... If you have Jabber you can
reach me as solexx@jabber.ccc.de.

>> In any case, I would now try to let sshd listen on another port that is
>> probably not filtered (like 443).
> 
> Done:
> 
> sshd_config: Port 443

And you restarted sshd, didn't you? (Not that I think you are stupid, I
just want to rule out obvious and unnecessary errors.)

> iptables script: -A block -i ppp0 -p tcp --dport 443 -j ACCEPT
> 
> But, if I run iptables -L then I can't see opened port 443! Why?
> 
> Chain block (2 references)
> target     prot opt source               destination         
> ACCEPT     0    --  anywhere             anywhere            state RELATED,ESTABLISHED 
> ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtp 
> ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:https 
                                                                       ^^^^^

There it is. You can pass -n to iptables to only see port numbers and IP
addresses instead of service names (looked up from /etc/services) and
resolved host names.


J.
-- 
If I am asked 'How are you' more than a million times in my life I
promise to explode.
[Agree]   [Disagree]
                 <http://www.slowlydownward.com/NODATA/data_enter2.html>

Attachment: signature.asc
Description: Digital signature
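
The rule quoted at the top of this message (both directions or nothing means someone else is dropping the packets, incoming only means the local host is at fault) can be applied mechanically to a packet capture. The script below is an added example, not part of the original message. It assumes the input is text output from something like `tcpdump -n -i ppp0 tcp port 443`; the addresses, the sample lines, the function names and the `inconclusive` verdict for a case the message does not cover are all constructed for illustration.

```shell
#!/bin/sh
# Added example. Addresses are constructed (documentation ranges):
# 192.0.2.10 = the sshd host, 203.0.113.5 = the remote client.

# classify_capture SERVER_IP PORT  (reads `tcpdump -n` text lines on stdin)
classify_capture() {
    awk -v srv="$1.$2" '
        $2 == "IP" && $4 == ">" {
            dst = $5
            sub(/:$/, "", dst)              # tcpdump prints "addr.port:"
            if (dst == srv)      incoming++ # packet addressed to sshd
            else if ($3 == srv)  outgoing++ # reply sent by the sshd host
        }
        END {
            if (incoming && !outgoing)      print "local-fault"
            else if (!incoming && outgoing) print "inconclusive"
            else                            print "dropped-elsewhere"
        }'
}

# Constructed capture: SYNs arrive, the host never answers.
sample_only_incoming() {
cat <<'EOF'
20:56:40.100000 IP 203.0.113.5.51234 > 192.0.2.10.443: Flags [S], seq 1000, win 64240, length 0
20:56:43.100000 IP 203.0.113.5.51234 > 192.0.2.10.443: Flags [S], seq 1000, win 64240, length 0
EOF
}

# Constructed capture: the host answers, but the client keeps retrying.
sample_both_directions() {
cat <<'EOF'
20:56:40.100000 IP 203.0.113.5.51234 > 192.0.2.10.443: Flags [S], seq 1000, win 64240, length 0
20:56:40.100200 IP 192.0.2.10.443 > 203.0.113.5.51234: Flags [S.], seq 5000, ack 1001, win 65160, length 0
20:56:43.100000 IP 203.0.113.5.51234 > 192.0.2.10.443: Flags [S], seq 1000, win 64240, length 0
EOF
}

echo "only incoming:   $(sample_only_incoming   | classify_capture 192.0.2.10 443)"
echo "both directions: $(sample_both_directions | classify_capture 192.0.2.10 443)"
echo "no packets:      $(: | classify_capture 192.0.2.10 443)"
```

A `local-fault` verdict points at the host's own iptables rules or at sshd not listening on that port; `dropped-elsewhere` points at filtering between the host and the client.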

