Re: Network tcp/iptables issue with XRDP
> On 24 Oct 2023, at 15:14, Dan Ritter <dsr@randomstring.org> wrote:
>
> Henggi wrote:
>>
>>> On 24 Oct 2023, at 14:46, Dan Ritter <dsr@randomstring.org> wrote:
>>>
>> - when using „port=tcp://:3389“ in xrdp.ini:
>> root@server:~# ss -tlnp | grep 3389
>> LISTEN 0 2 0.0.0.0:3389 0.0.0.0:* users:(("xrdp",pid=96436,fd=11))
>>
>> - when using „port=3389“ in xrdp.ini:
>> root@mail:~# ss -tlnp | grep 3389
>> LISTEN 0 2 *:3389 *:* users:(("xrdp",pid=202831,fd=11))
>
>
>> -> either way behaviour is the same, tcp connection works from localhost but not from other host.
>
> Note that "0.0.0.0" means IPv4 only, and * means v4 and v6 will
> be accepted.
I know… however, the reason why I pointed out the port config from xrdp.ini in the 1st place is that (according to "netstat -tulpn") xrdp configured for * (to listen on tcp4 && tcp6) does ONLY listen on tcp6 but not tcp4.
- when using „port=3389“ in xrdp.ini:
root@server:~# netstat -tulpn |grep -i rdp
tcp6 0 0 :::3389 :::* LISTEN 202831/xrdp
tcp6 0 0 127.0.0.1:3350 :::* LISTEN 202821/xrdp-sesman
- when using „port=tcp://:3389“ in xrdp.ini:
root@server:~# netstat -tulpn |grep -i rdp
tcp 0 0 0.0.0.0:3389 0.0.0.0:* LISTEN 204201/xrdp
tcp6 0 0 127.0.0.1:3350 :::* LISTEN 204191/xrdp-sesman
>
> Given the information that you have supplied, there is a packet
> dropping mechanism of some kind between your process on the
> other machine and this one. It could be on that other machine,
> on this machine, or in some network device between them.
My assumption too (unless it's a weird bug within the used pkg version of xrdp)… that's why I provided evidence of the cleared iptables & tcpdump before.
How to figure out where exactly the connection gets dropped (e.g. which process or kernel module is dropping it)?
>
> Can you show that other ports on this machine are reachable from
> the other one? Say, 22?
client:~ user$ nc -zv 192.168.178.156 22
Connection to 192.168.178.156 port 22 [tcp/ssh] succeeded!
client:~ user$ nc -zv 192.168.178.156 25
Connection to 192.168.178.156 port 25 [tcp/smtp] succeeded!
client:~ user$ nc -zv 192.168.178.156 3389
nc: connectx to 192.168.178.156 port 3389 (tcp) failed: Operation timed out
> -dsr-