LinuxQuestions.org


jcrowley 03-02-2006 08:59 PM

Get 'connection was forcibly closed'
 
Have a Red Hat 9 server.

Am trying to connect to the server from a Windows 2000 machine (for a couple of different applications).

Telnet is running on the server (I can self-connect to telnet on the server). If I try to connect from the Win box, I always get a "An existing connection was forcibly closed by the remote host" message.

Wrote a simple TestPort routine in the Win box -- feed it an IP address and list of ports and it will try to open a socket connection to each port.

Every port returns the same error as above (usually after about a 30 second delay).

On the Linux box netstat shows listeners active for all the ports.

Both machines are on the same sub-net, and I'm using IP addresses instead of names, so not going through any DNS. Both machines can ping each other.

I'm a newbie to Linux, and suspect it's some type of authorization issue, but have been trolling the Web all day without coming up with an answer. Appreciate any help.

Thanks.

gilead 03-02-2006 09:11 PM

If you get that for all ports, it may be a firewall on the Linux box. Have you used nmap from http://www.insecure.org/nmap/ before? There is a Windows version so you can scan the Linux box from Windows and see what ports are open.

On the Linux box, have a look in /etc/init.d for a file called iptables (or firewall, or something like that). Try, as root, running service iptables stop and then run nmap again (or just try and telnet to the box).

It may be that telnet is disabled - it's not the best choice for remote access. Have you tried ssh?

jcrowley 03-02-2006 09:12 PM

May have solved this -- turned off the firewall.

Of course, in normal practice I want a firewall enabled, so what do I have to configure to let these ports through?

gilead 03-02-2006 09:40 PM

The standard telnet port is 23 and the standard ssh port is 22. If you're using iptables, you can use something like:
For telnet
Code:

iptables -t filter -A INPUT  -p TCP --dport 23 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -t filter -A OUTPUT -p TCP --sport 23 -m state --state ESTABLISHED -j ACCEPT

For SSH
Code:

iptables -t filter -A INPUT  -p TCP --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -t filter -A OUTPUT -p TCP --sport 22 -m state --state ESTABLISHED -j ACCEPT

That can be refined to only allow new connections with SYN set, or only connections from certain IPs, etc. Also, if you have more than one network card in the box, you should specify the interface.
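
The refinements named at the end of the post above (new connections only with SYN set, a source restriction, a named interface), as an added example that is not part of the original thread. The function name allow_service, the interface eth0 and the subnet 192.168.1.0/24 are assumptions; the script prints the commands for review rather than running them.

```shell
#!/bin/sh
# Added example, not from the thread. Prints the rules for review instead of
# applying them; pipe the output to "sh" as root once checked.
# Assumed names/values: allow_service, eth0, 192.168.1.0/24.

allow_service() {
    port=$1; iface=$2; src=$3

    # Port: digits only, at most 5 of them, in 1..65535.
    case $port in
        ''|*[!0-9]*|??????*) echo "bad port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "bad port: $port" >&2; return 1
    fi

    # Character whitelists keep shell metacharacters out of the printed
    # commands; iptables itself still rejects a malformed address or name.
    case $iface in
        ''|*[!A-Za-z0-9_.:-]*) echo "bad interface: $iface" >&2; return 1 ;;
    esac
    case $src in
        ''|*[!0-9./]*) echo "bad source: $src" >&2; return 1 ;;
    esac

    # -I puts each rule at a fixed position at the top of the chain, so it is
    # evaluated before any existing REJECT/DROP rule; -A would append after it.
    # 1) New connections: bare SYN only, from the trusted source, on one NIC.
    echo "iptables -I INPUT 1 -i $iface -p tcp -s $src --dport $port --syn -m state --state NEW -j ACCEPT"
    # 2) Later packets of connections that rule 1 admitted.
    echo "iptables -I INPUT 2 -i $iface -p tcp -s $src --dport $port -m state --state ESTABLISHED -j ACCEPT"
    # 3) Replies: only for established connections, back to the same source.
    echo "iptables -I OUTPUT 1 -o $iface -p tcp -d $src --sport $port -m state --state ESTABLISHED -j ACCEPT"
}

# SSH from the local subnet only (constructed sample values).
allow_service 22 eth0 192.168.1.0/24
```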

jcrowley 03-03-2006 06:14 AM

Thanks
 
Stopping the firewall did the trick.

Thanks for the help and the link to NMAP.
John


All times are GMT -5.