Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I spent way too many hours on this and still can't get it to work, hope someone can help.
I have an old RH Linux install, I think RH Linux 6.2 very basic install, no gui, just command line and X11. I can do everything I want on local lan, telnet, ftp, X11 all using root. But I cannot access any services from outside using my router's port forwarding.
I tried port forwarding ftp (21), telnet(23) and vncserver(5901) to the correct local IP address but I always get "Connection Refused" or "target machine actively refused it". I know I'm getting to the server, but something is blocking root access.
I turned off IPTABLES, and I really don't want to get into SSH right now (I know all about security issues, this is just a test server, nothing important on here, so hackers you can go for it!)...just please let me know what I have to do to get root access to my own machine...please.
I checked all the obvious stuff, like ftpaccess, securetty, etc...like I said, everything works the way I want on a local lan, just coming in from outside is where the problem is.
I just don't get it, with no firewall, what could be blocking it.
I'll refrain from moaning about not using ssh (but.... WHY??? it's already there isn't it??), but do avoid ftp for now certainly. it's a clunky and confusing protocol from the archaic dual channel method it uses. That said though, if the box is listening, and ipchains (this is the 13 year old RH6.2 right????) is allowing in requests from remote locations, then it should work. dynamic DNS is certainly irrelevant as long as it's resolving to the right IP - check that that is correct.
so "ipchains -vnL" should work, or "iptables -vnL" if it did use iptables. That's my best guess though, only allowing local subnet access in netfilter.
1) Your DDNS is not resolving the correct IP. Forget DDNS for now and just use your router's public IP.
2) Your ISP is blocking incoming connections on those ports. Try setting up one of your services to listen on a non-standard port and see if it is still blocked
3) Your router is blocking the connections - check the firewall settings
4) Your machine is blocking the connections - check the ipchains settings as described by acid_kewpie
Last edited by suicidaleggroll; 06-11-2013 at 09:19 AM.
thanks suicidaleggroll (wow! now that's a username!) and acid_kewpie, (gee, I wish I had been more creative with my username)....
Just to respond to the 4 options:
1. DDNS is working properly because I can get to other services on other machines, for example, RDP (port 3389) to a Windows machine, mySQL (port 3306) to another Windows machine, FTP (port 21) to a Windows machine (before I switched over to the Linux box), etc.
2. ISP is not blocking, because everything works on same ports on Windows machines.
3. (see 1. and 2.)
4. yes, I think this is correct, my Linux machine is blocking, but why ? iptables -nvL shows no rules and ipchains -nvL says "Incompatible with this kernel"
There must be some setting somewhere that is blocking root access to this machine if the connection is coming from anything other than local subnet....but where is this setting? Is there anything other than iptables that could be blocking? maybe some kind of network settings, but I don't see it.
I'm familiar IP packet forwarding, I have two NICs in this machine, so packets can be forwarded based on second NIC IP address and static routes, but what does the second setting mean?
AHHHHH....I figured it out! After tons of searches, reading, learning,...it was my DDNS...I havd both a ?????.com and ?????.org defined in my DDNS host and I was using the wrong one for the linux server, ....wow...several days to find a typo problem, who hasn't been there?
By the way, suicidaleggroll, your no. 1 suggestion did it for me, "Forget DDNS for now and just use your router's public IP". When I tried that, everything worked....I thought to my self, wtf!!!
Oh well, I certainly know a lot more about linux now than I ever did. Thanks for the support and motivation to keep searching.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
