I have a number of PCs running on a local area network.

One runs Vista and one runs Red Hat 9 Linux (Yes I know it is old but the applications only run on this version).

I also remotely access an RH9 server offsite.

Using Putty and CuteFTP8 and web cgi files I am able to get into and run and change applications on the remote RH9 server.

I can also login directly to my local RH9 PC and do what I like that way.

However I can not get access through Putty or Cute or web cgi to my RH9 PC from the Vista PC. Although the application client runs perfectly against the local version of the application database on my Linux PC.
The message from Putty is (after a long delay) "Network error : Connection timed out".
Cute FTP fails with a similar message.

Do I need to do something on my modem/router to allow the connection (allow ports or something?) or do I need to do something on the RH9 PC?

If this is some basic security change I need to make to the PC I would appreciate some pointers on where to look and what to do.

Thanks,

Lordlava

Hi, Red Hat 9 is quite old... but I am guessing the port is probably blocked via firewall. See if you have iptables running, iptables -nvL and copy the output here in code tags, (iptables is in /sbin if you are not running with a user who has /sbin in their $PATH). What will be looked into, is if port 22 is open or closed. I believe FTP uses 21, SCP and SFTP use 22 tho.

Attached is the output from the iptables -nvL comand
It does not appear to mean anything to me.


Chain INPUT (policy ACCEPT 18 packets, 5788 bytes)
pkts bytes target prot opt in out source destination
7489 516K RH-Lokkit-0-50-INPUT all -- * * 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 RH-Lokkit-0-50-INPUT all -- * * 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy ACCEPT 7488 packets, 512K bytes)
pkts bytes target prot opt in out source destination

Chain RH-Lokkit-0-50-INPUT (2 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- * * 61.9.133.193 0.0.0.0/0 udp spt:53 dpts:1025:65535
3 361 ACCEPT udp -- * * 61.9.242.33 0.0.0.0/0 udp spt:53 dpts:1025:65535
0 0 ACCEPT udp -- eth0 * 0.0.0.0/0 0.0.0.0/0 udp spts:67:68 dpts:67:68
0 0 ACCEPT udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp spts:67:68 dpts:67:68
7461 509K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:0:1023 flags:0x16/0x02 reject-with icmp-port-unreachable
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:2049 flags:0x16/0x02 reject-with icmp-port-unreachable
7 1166 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:0:1023 reject-with icmp-port-unreachable
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:2049 reject-with icmp-port-unreachable
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:6000:6009 flags:0x16/0x02 reject-with icmp-port-unreachable
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:7100 flags:0x16/0x02 reject-with icmp-port-unreachable

OK Can I ask the question a different way?

Assuming the local RH9 Linux PC is blocking access how can I identify the port that I should be using or alternatively authorise a port to allow access? For example the remote Linux server allows access via port 22. It would be nice if I could do the same. Then I can type in the local PC IP address and the port and I am in.

Is there somewhere I can look that explains this in English or if simple enough can someone explain it here?

OK I found a solution that appears to work.

cd /sbin

iptables -F INPUT
iptables -A INPUT -p tcp --dport 22 -s '192.168.1.103' -j ACCEPT
service iptables save

Where the IP address is the local IP address allocated by the modem/router and 22 is the portno I wanted access to.
Now I can use Putty to login into the Linix RH9 PC.

I could not get the IP range working or the REJECT command but I am happy and can proceed.

Thanks.