First of all, thanks a ton for all the suggestions, but I still cannot connect to apache, telnet, ftp or ssh. Heck I can't even ping the LM8.1 computer from another machine either over the internet (ppp0) or over the lan (eth0) but internet masquerading works just fine.
All the appropriate services are up and running nothing can connect to them though unless I flush the iptables firewall rules and set all the policy defaults to allow. There are no entries at all in hosts.allow or hosts.deny and the services i want to allow connections to are all listed in the bastille-firewall.cfg file in the correct places. Everything can be connected to from the localhost as well, just not over the internet (for 21, 22, and 80) or over the ethernet (for 21, 22, 23, and 80). Anyone have any more suggestions? Ian K. Harrell [EMAIL PROTECTED] Grant Fraser <[EMAIL PROTECTED]> wrote: > One more thing. Is ssh running? Try opening a console and log in as root. type > service sshd start > see if sshd is part of your boot up process. > > On Monday 24 December 2001 15:19, you wrote: > > Try this: > > In your bastille-firewall.cfg file add ssh to your INTERNAL_INTERFACES= > > part. Just keep re-reading the notes until you think you got it. In order > > to enable ssh and port 22 to be seen on the internet I added "22+ ssh+" to > > the trusted intefaces. There is a whole Q&A section at the bottom as well. > > > > > > TRUSTED_IFACES="lo" > > PUBLIC_IFACES="eth+ ppp+ slip+" > > INTERNAL_IFACES="eth0+ ssh+" > > > > On Monday 24 December 2001 06:15, you wrote: > > > Some further information on this problem. > > > > > > There are no entries in either the /etc/hosts.deny or hosts.allow files. > > > So this isnt causing the problem. > > > > > > I can perform an iptables -F and then set all the default policies back > > > to accept and everything works fine. Of course this leaves me with no > > > firewall too. So it looks like it is some firewalling rule that is > > > causing the problem. > > > > > > I attached a copy of my bastille-firewall.cfg file to see if anyone sees > > > a problem with it. I don't see anything in there that could be causing > > > this. > > > > > > > > > Thanks, > > > Ian K. Harrell > > > [EMAIL PROTECTED] > > > > > > "Dragon ." <[EMAIL PROTECTED]> wrote: > > > > Try this, I couldn't connect with SSH from anywhere and I swore up and > > > > > > down > > > > > > > that Bastille was setup correctly. Look in the hosts.deny file. I > > > > > > found an > > > > > > > entry with ALL:ALL... I deleted that line and everything worked fine. > > > > > > I > > > > > > > could still browse to FTP and HTTP when the line was there but I > > > > > > couldn't > > > > > > > connect via SSH. Its another place to look. > > > > > > > > From: "Ian K.Harrell" <[EMAIL PROTECTED]> > > > > Reply-To: [EMAIL PROTECTED] > > > > To: [EMAIL PROTECTED] > > > > Subject: [newbie] cant connect to apache, ssh, ftp or telnet from > > > > > > network > > > > > > > Date: 21 Dec 2001 09:42:11 EST > > > > > > > > Hi all, > > > > > > > > I installed 8.1 the other day. (3 disc set from cheapbytes). Then use > > > > Interactive Bastille to configure firewalling, internet masquerading > > > > > > and > > > > > > > basic system security. > > > > > > > > The problem is that while i can connect to the machine locally > > > > (http://localhost) noone can connect to it over the lan with either > > > > telnet, ssh, ftp or http. These servers are running and I told Bastille > > > > to leave these ports open to the internal network. > > > > > > > > On the public network i left ssh and 80 open so i could connect in over > > > > the web from home and so we could host a small company web site. Still > > > > noone can connect to them from the internet BUT i went to www.grc.com > > > > and ran the port probe and it showed the ports as being open. This > > > > > > makes > > > > > > > me wonder if it is a firewall rule that Bastille put in there or is > > > > there something else going on? > > > > > > > > Right now the only thing that is working over the lan is internet > > > > masquerading. > > > > > > > > Any ideas? > > > > Ian K. Harrell > > > > [EMAIL PROTECTED] > > > > > > > > > > > > > > > > Want to buy your Pack or Services from MandrakeSoft? > > > > Go to http://www.mandrakestore.com > > > > > > > > > > > > > > > > > > > > _________________________________________________________________ > > > > Get your FREE download of MSN Explorer at > > > > > > http://explorer.msn.com/intl.asp. > > > > > > > --------------------------------------------- > > > > Attachment: message.footer > > > > MIME Type: text/plain > > > > --------------------------------------------- > > > > ---------------------------------------- > > Content-Type: text/plain; charset="us-ascii"; name="bastille-firewall.cfg" > > Content-Transfer-Encoding: 7bit > > Content-Description: > > ---------------------------------------- > > > > ---------------------------------------- > > Content-Type: text/x-c; charset="us-ascii"; name="config" > > Content-Transfer-Encoding: 7bit > > Content-Description: > > ---------------------------------------- > > > > ---------------------------------------- > > Content-Type: text/x-c; charset="us-ascii"; name="config" > > Content-Transfer-Encoding: 7bit > > Content-Description: > > ---------------------------------------- > > > > ---------------------------------------- > > Content-Type: text/plain; charset="us-ascii"; name="message.footer" > > Content-Transfer-Encoding: 8bit > > Content-Description: > > ---------------------------------------- > > ---------------------------------------- > Content-Type: text/plain; charset="iso-8859-1"; name="message.footer" > Content-Transfer-Encoding: 7BIT > Content-Description: > ---------------------------------------- > > --------------------------------------------- > Attachment: message.footer > MIME Type: text/plain > ---------------------------------------------
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
