Yep, looks like it's IPCHAINS! The two lines:
REJECT     tcp  -y----  anywhere             anywhere              any ->   0:1023
and
REJECT     udp  ------  anywhere             anywhere              any ->   0:1023

are rejecting tcp and udp traffic from anywhere to any port between 0 
and 1023. Telnet runs at port 23, ergo, your traffic is being blocked!

You can delete these two chains with:
ipchains -D input 3   <-- numeric identifier for the "tcp" reject chain
and
ipchains -D input 5   <-- for udp

Then you can customize your ipchains to allow telnet, but disallow 
everything else, or however you might want to do that. Try man ipchains 
for more information there. You will also need to remove these chains 
from the startup scripts (rc.firewall or rc.local I think). If you want 
to just wax all your ipchains, then ipchains -F will do the trick.

<rant>Use openssh, telnet is insecure and not as functional</rant>

-matthew

Billy Davis wrote:

> Matthew:
> 
> Attached is the ipchains output
> 
> Thanks,
> Billy Davis
> 
> 
> ----- Original Message -----
> From: "Matthew Boeckman" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Wednesday, April 17, 2002 3:48 PM
> Subject: Re: Telnet connection fails
> 
> 
> 
>>please post the output of
>>ipchains -L
>>
>>
>>Billy Davis wrote:
>>
>>
>>>The firewall may be the problem, since I have done nothing here, and am
>>>totally unaware of what to do.  When I set the Server up last week, I
>>>selected MEDIUM firewall security and took the defaults.  Sounds like I
>>>need to do something else.  Can you tell me what?
>>>
>>>Thanks,
>>>
>>>Billy
>>>
>>>
>>>
>>>
>>>----- Original Message -----
>>>From: "ABrady" <[EMAIL PROTECTED]>
>>>To: <[EMAIL PROTECTED]>
>>>Sent: Wednesday, April 17, 2002 3:08 PM
>>>Subject: Re: Telnet connection fails
>>>
>>>
>>>
>>>
>>>>On Wed, 17 Apr 2002 14:48:42 -0400
>>>>"Billy Davis" <[EMAIL PROTECTED]> quietly intimated:
>>>>
>>>>
>>>>
>>>>>We have an RH7.2 Server on the same network with a Win2K Client and an
>>>>>SCO Server.  All 3 systems can be successfully pinged from the other
>>>>>systems.  However, when we try to telnet to the RedHat box from the
>>>>>Win2K Client, we get this message:
>>>>>
>>>>>   Could not open a connection to host: Connect failed
>>>>>
>>>>>When we try to telnet to the RedHat box from the SCO box, we get this
>>>>>message:
>>>>>
>>>>>   Unable to connect to remote host: Connection refused
>>>>>
>>>>>When we try to telnet to the SCO box from the RedHat box, we get a
>>>>>successful login.
>>>>>
>>>>>We used serviceconf on the RedHat box to enable the telnet server and
>>>>>then rebooted the RedHat box.  However, we notice with the ps -d
>>>>>command, that telnetd is NOT running.
>>>>>
>>>>>Both hosts.allow and hosts.deny are empty.
>>>>>
>>>>>What have we missed?
>>>>>
>>>>>Thanks
>>>>>
>>>>>
>>>>How about the firewall? The port has to be open in order to accept
>>>>telnet.
>>>>
>>>>--
>>>>I love the way Microsoft follows standards. In much the same manner
>>>>that fish follow migrating caribou.
>>>>
>>>>
>>>>
>>>>_______________________________________________
>>>>Redhat-list mailing list
>>>>[EMAIL PROTECTED]
>>>>https://listman.redhat.com/mailman/listinfo/redhat-list
>>>>
>>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>
>>--
>>Matthew Boeckman (816) 777-2160
>>Manager - Systems Integration Saepio Technologies
>>==
>>==
>>/earth is 98% full ... please delete anyone you can.
>>
>>
>>
>>


-- 
Matthew Boeckman                        (816) 777-2160
Manager - Systems Integration           Saepio Technologies
== 
                                                ==
/earth is 98% full ... please delete anyone you can.
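
Added example, not part of the original message: a small Python evaluator that reads a listing in the `ipchains -L input` layout and reports which numbered rule decides an inbound packet, which is how the two REJECT lines above end up blocking telnet on port 23. The sample listing and the addresses are constructed; the code assumes numeric ports and addresses (as `ipchains -L -n` prints them) and does not handle inverted `!` flags.

```python
import ipaddress

# Constructed sample in the layout of `ipchains -L input`; it is not the
# poster's attachment. Rules 3 and 5 mirror the two REJECT lines quoted above.
SAMPLE = """\
Chain input (policy ACCEPT):
target     prot opt     source                destination           ports
ACCEPT     udp  ------  192.0.2.53           anywhere              53 ->   1025:65535
ACCEPT     tcp  -y----  anywhere             anywhere              any ->   22
REJECT     tcp  -y----  anywhere             anywhere              any ->   0:1023
REJECT     tcp  -y----  anywhere             anywhere              any ->   2049
REJECT     udp  ------  anywhere             anywhere              any ->   0:1023
"""

def _port_ok(spec, port):
    if spec in ("any", "n/a"):
        return True
    lo, _, hi = spec.partition(":")
    return int(lo) <= port <= int(hi or lo)

def _addr_ok(spec, addr):
    if spec == "anywhere":
        return True
    return ipaddress.ip_address(addr) in ipaddress.ip_network(spec, strict=False)

def parse_rules(listing):
    """Return (policy, rules); rule N in `ipchains -D input N` is rules[N-1]."""
    lines = listing.strip().splitlines()
    policy = lines[0].split("policy ")[1].rstrip("):")
    rules = []
    for line in lines[2:]:
        left, _, dports = line.partition("->")
        rules.append(tuple(left.split()) + (dports.strip() or "any",))
    return policy, rules

def decide(listing, prot, src, dst, sport, dport, syn=False):
    """First matching rule wins. Returns (target, rule number), or
    (chain policy, None) when no rule matches."""
    policy, rules = parse_rules(listing)
    for n, (target, rprot, opt, rsrc, rdst, sports, dports) in enumerate(rules, 1):
        if rprot not in (prot, "all"):
            continue
        if opt.startswith("-y") and not syn:  # -y matches only TCP SYN packets
            continue
        if (_addr_ok(rsrc, src) and _addr_ok(rdst, dst)
                and _port_ok(sports, sport) and _port_ok(dports, dport)):
            return target, n
    return policy, None
```

Rule numbers are positions in the chain, so they shift after every `ipchains -D`; list the chain again before deleting a second rule by number.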


