Try this: In your bastille-firewall.cfg file add ssh to your INTERNAL_INTERFACES= part. Just keep re-reading the notes until you think you got it. In order to enable ssh and port 22 to be seen on the internet I added "22+ ssh+" to the trusted interfaces. There is a whole Q&A section at the bottom as well.

TRUSTED_IFACES="lo"
PUBLIC_IFACES="eth+ ppp+ slip+"
INTERNAL_IFACES="eth0+ ssh+"

On Monday 24 December 2001 06:15, you wrote:
> Some further information on this problem.
>
> There are no entries in either the /etc/hosts.deny or hosts.allow files.
> So this isn't causing the problem.
>
> I can perform an iptables -F and then set all the default policies back
> to accept and everything works fine. Of course this leaves me with no
> firewall too. So it looks like it is some firewalling rule that is
> causing the problem.
>
> I attached a copy of my bastille-firewall.cfg file to see if anyone sees
> a problem with it. I don't see anything in there that could be causing
> this.
>
> Thanks,
> Ian K. Harrell
> [EMAIL PROTECTED]
>
> "Dragon ." <[EMAIL PROTECTED]> wrote:
> > Try this, I couldn't connect with SSH from anywhere and I swore up and
> > down that Bastille was set up correctly. Look in the hosts.deny file. I
> > found an entry with ALL:ALL... I deleted that line and everything worked
> > fine. I could still browse to FTP and HTTP when the line was there but I
> > couldn't connect via SSH. It's another place to look.
> >
> > From: "Ian K.Harrell" <[EMAIL PROTECTED]>
> > Reply-To: [EMAIL PROTECTED]
> > To: [EMAIL PROTECTED]
> > Subject: [newbie] cant connect to apache, ssh, ftp or telnet from network
> > Date: 21 Dec 2001 09:42:11 EST
> >
> > Hi all,
> >
> > I installed 8.1 the other day. (3 disc set from cheapbytes). Then use
> > Interactive Bastille to configure firewalling, internet masquerading and
> > basic system security.
> >
> > The problem is that while I can connect to the machine locally
> > (http://localhost) no one can connect to it over the lan with either
> > telnet, ssh, ftp or http. These servers are running and I told Bastille
> > to leave these ports open to the internal network.
> >
> > On the public network I left ssh and 80 open so I could connect in over
> > the web from home and so we could host a small company web site. Still
> > no one can connect to them from the internet BUT I went to www.grc.com
> > and ran the port probe and it showed the ports as being open. This makes
> > me wonder if it is a firewall rule that Bastille put in there or is
> > there something else going on?
> >
> > Right now the only thing that is working over the lan is internet
> > masquerading.
> >
> > Any ideas?
> > Ian K. Harrell
> > [EMAIL PROTECTED]
> >
> > Want to buy your Pack or Services from MandrakeSoft?
> > Go to http://www.mandrakestore.com
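
Added example (not part of the original thread): a simplified check of the hosts.allow / hosts.deny lookup order behind the ALL:ALL tip quoted above, run on constructed sample files. The function names and file contents are assumptions; only the ALL wildcard is evaluated in the client list (no host patterns or EXCEPT), and only daemons that use tcp_wrappers consult these files at all.

```shell
#!/bin/sh
# Simplified tcp_wrappers evaluation for one daemon.
# Order per hosts_access(5): hosts.allow first, then hosts.deny, otherwise allow.

# matches FILE DAEMON -> exit 0 if FILE holds a rule "<DAEMON or ALL> : ALL"
matches() {
    [ -r "$1" ] || return 1
    awk -F: -v d="$2" '
        /^[ \t]*#/ { next }                       # comment line
        /^[ \t]*$/ { next }                       # blank line
        NF < 2     { next }                       # not a daemon:client rule
        {
            dm = 0; cm = 0
            n = split($1, daemons, /[ \t,]+/)
            for (i = 1; i <= n; i++)
                if (daemons[i] == d || daemons[i] == "ALL") dm = 1
            m = split($2, clients, /[ \t,]+/)
            for (i = 1; i <= m; i++)
                if (clients[i] == "ALL") cm = 1
            if (dm && cm) { found = 1; exit }
        }
        END { exit (found ? 0 : 1) }' "$1"
}

# verdict DAEMON ALLOW_FILE DENY_FILE -> prints "allow" or "deny"
verdict() {
    if matches "$2" "$1"; then
        echo allow
    elif matches "$3" "$1"; then
        echo deny
    else
        echo allow
    fi
}

# Constructed sample files (not taken from either poster's machine).
tmp=$(mktemp -d)
printf 'ALL:ALL\n' > "$tmp/hosts.deny"                       # blanket deny entry
: > "$tmp/hosts.allow"                                       # empty allow file
printf '# local policy\nsshd : ALL\n' > "$tmp/allow.fixed"   # explicit sshd allow
: > "$tmp/deny.empty"                                        # no deny entries

echo "blanket deny, empty allow: $(verdict sshd "$tmp/hosts.allow" "$tmp/hosts.deny")"
echo "blanket deny, sshd allow:  $(verdict sshd "$tmp/allow.fixed" "$tmp/hosts.deny")"
echo "both files empty:          $(verdict sshd "$tmp/hosts.allow" "$tmp/deny.empty")"
```

When both files come back empty, as in the last case, tcp_wrappers is not what is refusing the connection.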