LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Is it possible to ssh into a box connected to linksys WRT54G (https://www.linuxquestions.org/questions/linux-networking-3/is-it-possible-to-ssh-into-a-box-connected-to-linksys-wrt54g-143505/)

Tyir 02-07-2004 09:00 PM
Is it possible to ssh into a box connected to linksys WRT54G
 
NOTE: I'm very new at this, so I might be doing something ridiculous..
I'v been trying to figure out how to ssh into my box. It is connected to my wireless WRT54G rotuer through ethernet.
I can ssh 192.168.1.103 (by the way, my coputer has a DHCP, but its been 103 for awhile, i figured i might make it if i can get this working...) on my network with no problems

If I ssh myip it just hangs intil i Control-C


I have a firewall script configured by guarddog on my box

In my router settings, I have (in Port Range Forward) port 22 to 22 with Both for TCP and UDP to 192.168.1.103

What else....
in security, i have in Black WAN requests, to have fireall enabled, and Block Anonymous Internet Requests checked off (note, i tried it with both off, but it stayed the same, so i figured it would be best with them on anyways)

I made sure when i configred my firewall that ssh was allowed, (and was on port 22)

Thanks

MattOlz 02-07-2004 09:26 PM
For me on my dlink router, I can access my server from its internal IP, but not the external (like you are trying). Telnet into another computer, then try it from there, or ask someone to try it for you. I found it works for others, just not me.

Tyir 02-07-2004 10:08 PM
I had just tested it on a windows comp w putty on my network, tyrign 192.168.1.103, and it timed out also....

And yea, iv asked other people to try, it still doesn't work, it times out..

defubar 02-08-2004 01:55 AM
Some interesting info here that you may be interested in.

http://www.batbox.org/wrt54g-linux.html

Tyir 02-08-2004 10:44 AM
:O id rather not mess around with the linux installed on the router itself if i can avoid it.....

Hangdog42 02-08-2004 05:59 PM
Quote:
If I ssh myip it just hangs intil i Control-C
I'm assuming you mean your the IP your ISP gave you. If this is wrong, ignore what follows:


To SSH to a computer from outisde your LAN, you need to set port forwarding on your router. Get into the web software and forward port 22 to your linux box (192.168.1.103).

From within your LAN, you should be able to point directly to 192.168.1.103 without the router port forwarding set up, but from outside your LAN you must forward port 22 for SSH to work. If you can't connect from within your LAN, then something else is wrong.

Tyir 02-08-2004 07:44 PM
Something else is wrong....

I changed the ip on my box to a static one, (192.168.1.166)

On my box, i can ping/ssh into it with no problem

But on the other computers on my network, now I can't ping or ssh, i guess this is a deepr problem :P


Is there something obvious I'm missing?
I have a firewall which is supposed to let ssh through, but it times out even with it off.. anyway ping should still work...

GAAAAAAAAHHHHHHHHHHHHHH!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

so now that i switched to a static ip for my linux box, i can't ping it with the windows computers on the network!!
Please help, i can't find this problem anywhere......
Note, i CAN connect to the internet, and i CAN ping the windows boxes, its like they just can't see me!
I have tried it with the firewall off, as well, the command for that is
cd /etc/rc.d
./rc.firewall stop
right?

If this helps, this is the output of ifconfig -a
Code:
root-22:38:32-~:ifconfig -a
eth0      Link encap:Ethernet  HWaddr 00:E0:29:3A:59:22 
          inet addr:192.168.1.166  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:27283 errors:0 dropped:0 overruns:0 frame:0
          TX packets:27084 errors:0 dropped:0 overruns:0 carrier:0
          collisions:18 txqueuelen:100
          RX bytes:14212479 (13.5 Mb)  TX bytes:3001912 (2.8 Mb)
          Interrupt:3 Base address:0xdf80

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:121 errors:0 dropped:0 overruns:0 frame:0
          TX packets:121 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:12669 (12.3 Kb)  TX bytes:12669 (12.3 Kb)

root-22:38:34-~:

EDIT::

wohoo! i fixed it!
everything was set up ok, my firewall was being a bitch
so i turned it off, and it works
but i need a new firewall
I'm having such terrible luck with guarddo,g and i had bad luck with firestarter too..

Can someone post a good basic firewall script
I need ssh access obviously, http and IM clients and stuff

but not webserver stuff etc

thanks

Hangdog42 02-09-2004 07:38 AM
This is pretty basic......First, drop everything

iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP

Now allow things in that originate from within your computer using state matching:

iptables -A INPUT -m state --state ESTABLISHED, RELATED -j ACCEPT
iptables -A OUTPUT -m state --state NEW,ESTABLISHED RELATED -j ACCEPT

Finally, open the specific ports that you want to use from outside your box. I'll use ssh as examples:

iptables -A INPUT -p tcp --dport 22 -j ACCEPT

Alter the port line as needed to allow access to whatever other services you are running. The state matching should allow your browser and IM, but I have seen people having trouble with IM. You may need to explicitly open ports that IM needs.

The iptables tutorial is kind of a long read, but there is a wealth of info there on writing rules.

Finally, since you will be exposing services to the internet, you will definitly want to run an IDS like Snort and a file monitor like Aide or Tripwire


All times are GMT -5. The time now is 08:23 AM.