accessing box from internal network but not from external
Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
Ok, heres my setup...Mandrake 8.0 box with Connection sharing and a firewall in place using the "control center." My secondbox is running Win98SE and currently has internet available via aforesaid Mandrake box. All that is hunky-dory.
The linux box is set up with eth0 as external network and eth1 as internal network alongside the windows box.
Now, I have a telnet server and wu-FTPD running on the linux box but I am unable to use these services via the windows box on my internal network. I do not need to access these services from outside my local network, in fact, I'd like them disabled from the outside world. My understanding is the the firewall is setup for the external connection (eth0) but that everything is allowed though the internal conneciton (eth1, IP:192.168.0.1). Is this the case?
I tried allowing FTP and telnet through the firewall, but to no avail.
/etc/hosts.deny has "ALL:ALL EXCEPT localhost: DENY"
/etc/hosts.allow has "ALL: 127.0.0.1 ALL: 192.168.0."
I am a recent newbie so if I'm missing any vital info, lemme know. Thanks.
I don't ever use the wrappers as they are too basic in options, so I may be incorrect, but I'm sure your line that says (/etc/hosts.allow has "ALL: 127.0.0.1 ALL: 192.168.0.) should be (/etc/hosts.allow has "ALL: 127.0.0.1 ALL: 192.168.0/255.255.255.0)
Ok, so now my internet sharing conked out on me! This is where my systems are at.
Mandrake-Linux 8.0 box: (Internet Connection Sharing Enabled) I can ping the windows box on my local network via eth1. I can connect to the web via eth0.
Windows 98SE box on local network: IP addy gotten from linux box's DHCP server, all fine and good. I can ping the linux box and other systems out on the internet, very interesting. What's more interesting is that I cannot connect to web pages and AIM and the such. BUT! I can PING!
I wanna get this working first, before I mess with the telnet and FTP problems.
I don't know exactly...In the Mandrake Control Center, I turned on Internet sharing. After doing so, I noticed that during boot it enabled something called IPv4. I'm not quite sure if this is the exact name as I'm not at the system right now. When I get back to my dorm room I'll try out the IP addy thing and going around a DNS server. I'll post and letcha know.
I tried connecting to http://188.8.131.52/ on the windows box and it loaded the Cisco page, but typing in the URL does not load. So....DNS server problems. I looked in linuxconf on the gateway linux box and the DNS servers are all coorect. How do I tell eth1 (which is carrying requests from the windows box) to look to the DNS servers? Solving this, in my perfectly newberific opinion, should make everything work again.
I was looking at the route command and its parameters...do I need to add a route from 192.168.0.1 to the IP of the DNS server?
Ok.....so now I have my connection shared again...but I still cannot access FTP and telnet on the linux box fromt eh windows one. I tried this with a cleared hosts.allow and hosts.deny as well as the ones that raz mentioned above.
I set the firewall to block everything but web server (port 80). This doesnt shut it all off from the internal device (eht1) does it?
My impression was that a firewall only blocked out the outside world (eth0).
Wow I answered a question correctly. I didn't see that one coming. :-)
Anyway, I'm confused as to what kind of firewall software you've put up.
Use this process to see what needs fixing:
Then supply more details on the software and settings.
on linux box:
1) When you "#netstat -nap" you see the telnet 23 and ftp 21 ports ready and listening. yes goto (2), no goto (5)
2) When you "#telnet localhost" it works. yes goto (3), no goto (5)
3) When you "#telnet linux_ip_address" it works yes goto (4), no goto (6)
on windozes box:
(4) When you "ping linux_ip_address" it works yes goto (5), no goto (7)
(5) When you "telnet linux_ip_address" nothing happens or socket timesout goto (8).
answer your firewall script is incorrectly configured to block the access from the internal private network.
(5) start the deamons and check the xinetd.d setting also check the /etc/hosts file for localhost setting 127.0.0.1
(6) firewall blocking the local subnet, /etc/hosts file doesn't know it's own IP address.
(7) a routing problem or firewall blocking ICMP type 8 requests
(8) Firewall set-up to block internal connections to those ports.
Mandrake uses a program called tinyFirewall. It's name doesn't exactly lead me to believe that this is what I want. I tired configuring pmfirewall, but to no avail. pmfirewall would start because of a protocal error with ipchains ::shrug::.....on the other front...
The windows box cannot telnet or ping the linux box. It cannot ping anything but itself. However, I do have intenet (w/ DNS) and the FTP works (either by connecting to 192.168.0.1 or the linuix box's external IP).
as for the "netstat -nap" command....it brings up a slew of stuff and I don't see anyhting about telnet and the FTP program is only mentioned once with no association to the number 21.
As for the telnet on the linux box...rthere is no obvious trace of the telnet deamon running in linuxconf...there is no option to enable/start it and I know its installed.
hmmmm...I REALLY appreciate the help raz...Thanks,
Ok, I'm ditching the Mandrake firewall thing.....and I'm persuing pmfirewall. I installed ipchains and ran the install script everything's fine. But when I go to run pmfirewall I get "ipchains: Protocol Not Available" running down the screen, a lot of them. What does this mean? I did everything right in the install script, but no dice.