LinuxQuestions.org

shadyabhi 06-20-2010 09:31 AM

Cannot login using ssh (iptables not working as expected)
 
Please help, guys, I am not able to add an iptables rule.

On the computer on which I have to log in, Shoreline is installed. I know I can add a rule to /etc/shoreline/rules, but I decided to manually enter an iptables rule by typing:

Quote:

/sbin/iptables -A local2fw -s 10.100.98.74 -p tcp -m tcp --dport 22 -j ACCEPT

Then why am I not able to log in using 10.100.98.74? I get a connection refused error.
Tell me what more info you need. Please.

TB0ne 06-20-2010 12:38 PM

Quote:

Originally Posted by shadyabhi (Post 4009340)
Please help, guys, I am not able to add an iptables rule.

On the computer on which I have to log in, Shoreline is installed. I know I can add a rule to /etc/shoreline/rules, but I decided to manually enter an iptables rule by typing:

FULL iptables-save output is here (before command): http://dl.dropbox.com/u/7728421/save.txt
After I executed the command: http://dl.dropbox.com/u/7728421/save_after.txt

Then why am I not able to log in using 10.100.98.74? I get a connection refused error. Tell me what more info you need. Please.

Spell your words out.

Is SSH running on port 22, or somewhere else? And did you try to check the Shoreline documentation???
http://www.shorewall.net/FAQ.htm#faq1h

If you're using Shoreline, you need to allow connections through it, as well as iptables. Otherwise, it'll be blocked.

shadyabhi 06-20-2010 01:00 PM

Quote:

If you're using Shoreline, you need to allow connections through it, as well as iptables. Otherwise, it'll be blocked.

Is it? Because I think, if iptables-save is showing that it can accept connections from that IP, then the Shoreline configuration should not matter.

TB0ne 06-20-2010 06:44 PM

Quote:

Originally Posted by shadyabhi (Post 4009485)
Is it? Because I think, if iptables-save is showing that it can accept connections from that IP, then the Shoreline configuration should not matter.

Shoreline is a firewall, just like iptables can be. Opening one doesn't open another, any more than opening the front door of your house will unlock the back door.
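
Added example, not part of the thread: `iptables -A` appends a rule to the end of a chain and a packet takes the first rule that matches, so one thing to check in `iptables-save` output is whether an earlier rule in `local2fw` already catches the connection. The ruleset below is constructed for illustration (the `reject` catch-all and its position are assumptions, not the poster's real output), and the sketch understands only the options it lists.

```python
import ipaddress
import shlex

# Constructed iptables-save excerpt (not the poster's real output): the chain
# already ends in a catch-all rule, and -A put the SSH rule after it.
SAMPLE = """\
-A local2fw -m state --state RELATED,ESTABLISHED -j ACCEPT
-A local2fw -p icmp -j ACCEPT
-A local2fw -j reject
-A local2fw -s 10.100.98.74/32 -p tcp -m tcp --dport 22 -j ACCEPT
"""
# Same rules with the SSH rule placed ahead of the catch-all (constructed).
_lines = SAMPLE.splitlines()
REORDERED = "\n".join(_lines[:2] + [_lines[3], _lines[2]])

KNOWN = {"-A", "-s", "-p", "-m", "--dport", "--state", "--ctstate", "-j"}

def parse_chain(save_text, chain):
    """Return the chain's rules as {option: value} dicts, in evaluation order."""
    rules = []
    for line in save_text.splitlines():
        tok = shlex.split(line)
        if tok[:2] != ["-A", chain]:
            continue
        if len(tok) % 2 or not set(tok[0::2]) <= KNOWN:
            raise ValueError("unsupported rule syntax: " + line)
        rules.append(dict(zip(tok[0::2], tok[1::2])))
    return rules

def matches(rule, src, dport):
    """Does this rule match a NEW TCP connection from src to dport?"""
    if "-s" in rule:
        net = ipaddress.ip_network(rule["-s"], strict=False)
        if ipaddress.ip_address(src) not in net:
            return False
    if rule.get("-p", "tcp") not in ("tcp", "all"):
        return False
    if "--dport" in rule:
        lo, _, hi = rule["--dport"].partition(":")
        if not int(lo) <= dport <= int(hi or lo):
            return False
    states = rule.get("--state") or rule.get("--ctstate")
    return states is None or "NEW" in states.split(",")

def first_match(save_text, chain, src, dport):
    """1-based position and target of the first matching rule, else None.
    Simplification: every -j target is treated as final for the packet."""
    for pos, rule in enumerate(parse_chain(save_text, chain), start=1):
        if matches(rule, src, dport):
            return pos, rule["-j"]
    return None
```

On the constructed sample, `first_match(SAMPLE, "local2fw", "10.100.98.74", 22)` stops at rule 3 (`reject`) and never reaches the appended ACCEPT; with the rule ahead of the catch-all it returns the ACCEPT.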


All times are GMT -5.