LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   FC9 : SSH OK but unable to connect via FTP, VNC, etc. (https://www.linuxquestions.org/questions/linux-networking-3/fc9-ssh-ok-but-unable-to-connect-via-ftp-vnc-etc-645043/)

revof11 05-27-2008 06:12 AM
FC9 : SSH OK but unable to connect via FTP, VNC, etc.
 
I can successfully connect to my PC on my local network via SSH. However, I cannot connect to it by any other means (my primary concerns being FTP and VNC). I have disabled the local firewall and the SELinux enforcement (I am behind a firewall on the network already and it is not necessary) but still cannot connect.

The system is:
Quote:
$ uname -a
Linux revof11-fedora 2.6.25.3-18.fc9.i686 #1 SMP Tue May 13 05:38:53 EDT 2008 i686 i686 i386 GNU/Linux
You can see the GUI-based config options here:
I can connect to the server successfully using localhost as you can see here:
Quote:
]$ ftp localhost
Connected to localhost (127.0.0.1).
220 (vsFTPd 2.0.6)
Name (localhost:myuser):

$ vncviewer localhost:1

VNC Viewer Enterprise Edition E4.4.0 (r12094) for X
Built on May 6 2008 10:43:38
Copyright (C) 2002-2008 RealVNC Ltd.
See http://www.realvnc.com for information on VNC.
However, doing so from any other computer on the network doesn't work:
Quote:
$ftp my.ip.address
> ftp: connect :Unknown error number
ftp>

>vncviewer my.ip.address:1

VNC Viewer : Error
unable to connect to host: A socket operation was attempted to an unreachable host. (10065)
Does anyone out there have any suggestions/fixes?

sunethj 05-27-2008 08:11 AM
did you try ftp to the local ip address from the fc9 box (instead of the localhost put ip address and see.) if that fails then it may be because the server is not listening in that ip address.

espiya7 05-27-2008 10:34 AM
try checking these files:

/etc/hosts.allow
/etc/hosts.deny

try adding your service to the hosts.allow file if it is not included and remove your service if it's in the hosts.deny

revof11 05-27-2008 12:53 PM
Quote:
Originally Posted by sunethj (Post 3165902)
did you try ftp to the local ip address from the fc9 box (instead of the localhost put ip address and see.) if that fails then it may be because the server is not listening in that ip address.
That does actually work. If I FTP or VNC to my.ip.address:port, it works just fine. It works exactly as if I was using localhost or 127.0.0.1.

So...

Quote:
Originally Posted by espiya7 (Post 3166022)
try checking these files:

/etc/hosts.allow
/etc/hosts.deny

try adding your service to the hosts.allow file if it is not included and remove your service if it's in the hosts.deny
Both files where empty (well, they were commented, but there was nothing directly useful in there). I looked at the man 5 hosts_options page and was able to come up with the following for my /etc/hosts.allow file:

Code:
#
# hosts.allow        This file contains access rules which are used to
#                allow or deny connections to network services that
#                either use the tcp_wrappers library or that have been
#                started through a tcp_wrappers-enabled xinetd.
#
#                See 'man 5 hosts_options' and 'man 5 hosts_access'
#                for information on rule syntax.
#                See 'man tcpd' for information on tcp_wrappers
#

ALL: ALL: ALLOW
I restarted my network interface, my inet.d services, xinetd, etc. and had no luck. I rebooted and had no luck. I did the same using vsftpd: ALL: ALLOW with no luck as well.

However, while booting, I noticed messages for "enabling iptables firewall settings" (or something to that nature, it's not appearing in my /var/log/messages, /var/log/boot.log or dmesg). I'm going to try working with some other configurations with the firewall and SELinux both enabled to see if I can get it working that way...

Unless you have more suggestions...?

revof11 05-27-2008 01:02 PM
OK... I was actually able to get it all working by emptying my /etc/hosts.allow file and re-enabling the firewall via Gnome. When I did this, I set up the following:

That will suffice.

But I'm still curious as to why the rules were applied even after I explicitly turned it off via the GUI. Bug?

richardedwards 05-29-2008 11:06 AM
I had exactly the same issue. Got to be a bug...surely two of us can't make foolish errors! :)


All times are GMT -5. The time now is 10:44 AM.