LinuxQuestions.org


Newman_SCO 07-28-2003 05:29 PM

Putty and Shorewall.. need help with firewall
 
Hi there,

I am trying to get PuTTY to work remotely over a LAN with my Mandrake 9.1 box.

I am using XP. When attempting to connect to the Linux box, it displays "connection refused".

This is down to the shorewall firewall on the linux box.

I have opened ports on shorewall before.

This time I want to be double sure that the port which is going to be opened will not be open to the net, but only the LAN.


I have read info about how to do it (below).
=========================================================================
At this point, edit your /etc/shorewall/policy and make any changes that you wish.

Enabling other Connections
If you wish to enable connections from the internet to your firewall, the general format is:
ACTION  SOURCE  DESTINATION  PROTOCOL    PORT    SOURCE PORT  ORIGINAL ADDRESS
ACCEPT  net     fw           <protocol>  <port>
Example - You want to run a Web Server and a POP3 Server on your firewall system:

ACTION  SOURCE  DESTINATION  PROTOCOL  PORT  SOURCE PORT  ORIGINAL ADDRESS
ACCEPT  net     fw           tcp       80
ACCEPT  net     fw           tcp       110

If you don't know what port and protocol a particular application uses, see here.
Important: I don't recommend enabling telnet to/from the internet because it uses clear text (even for login!). If you want shell access to your firewall from the internet, use SSH:

ACTION  SOURCE  DESTINATION  PROTOCOL  PORT  SOURCE PORT  ORIGINAL ADDRESS
ACCEPT  net     fw           tcp       22

At this point, edit /etc/shorewall/rules to add other connections as desired
================================================




What I need to do is:

ACCEPT networkadaptername fw tcp 23


-Is this correct to open the port on my linux box to the network?
-And this will not be accessible via the net?

Thank you very much for reading.

And have a good day

neo77777 07-28-2003 05:41 PM

Well, I believe instead of source you need to put your network address, such as 10.0.0.0 if you configured your LAN to use the 10.0.0.0/8 address space. Then as the port use 22, not 23; 23 is telnet, unless you configured sshd to accept connections on port 23 and disabled telnet.

Newman_SCO 07-28-2003 06:47 PM

Name it as Network address(ip).. ok..righty then.
And I use port 22. I assumed it was 23 because that was the default no. when I downloaded PuTTY. But as you said, that is the telnet default.

I want to use ssh as it is said to be more secure.

Thank you very much Neo77777

Newman_SCO 07-29-2003 12:07 PM

Failed to work..

I opened ports 22 and 23 to the local network in the Shorewall rules file.

I still get refused connections in PuTTY.


Wrote something like this:
ACCEPT loc fw tcp 22,23

I'm baffled.

Anyone got an idea?

Bungholio 08-04-2003 11:07 AM

Did you try your local IP instead of loc?

mindnumbed 08-04-2003 03:43 PM

Try disconnecting your Mandrake box from the net and then trying:
# shorewall clear
(someone check if this is right?)

It would be useful just to confirm that it is indeed the firewall and not just sshd that is refusing your connection.
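
On the original question of whether a rule opens a port to the LAN only: the script below is an added example, not code from any poster in this thread or from the Shorewall project. It reads rules in the column order quoted above and lists which source zone each ACCEPT rule to the firewall admits, per port. The sample rules and the host 10.0.0.5 are constructed, and it does not look at /etc/shorewall/policy or at which interface each zone maps to.

```shell
#!/bin/sh
# Added example: which zones may reach the firewall itself, per port.

# Constructed sample in /etc/shorewall/rules column order:
# ACTION SOURCE DEST PROTO DEST-PORT
sample_rules() {
cat <<'EOF'
# constructed sample, not taken from a real system
ACCEPT       loc           fw   tcp  22,23
ACCEPT       net           fw   tcp  80
ACCEPT:info  loc:10.0.0.5  fw   tcp  110
DROP         net           fw   tcp  23
ACCEPT       loc           net  tcp  25
EOF
}

# audit_rules: read rules on stdin and print "ZONE HOST PROTO PORT" for every
# ACCEPT rule whose destination is the firewall zone (fw or $FW).
audit_rules() {
    awk '
        /^[ \t]*(#|$)/ { next }                  # skip comments and blank lines
        {
            action = $1; sub(/:.*/, "", action)  # strip a log level (ACCEPT:info)
            if (action != "ACCEPT") next
            if ($3 != "fw" && $3 != "$FW") next  # only traffic to the firewall
            zone = $2; host = "any"
            i = index($2, ":")                   # zone:host narrows the source
            if (i) { zone = substr($2, 1, i - 1); host = substr($2, i + 1) }
            proto = ($4 == "" ? "all" : $4)
            n = split($5, ports, ",")            # 22,23 becomes two entries
            if (n == 0) { n = 1; ports[1] = "all" }
            for (k = 1; k <= n; k++) print zone, host, proto, ports[k]
        }'
}

# exposed_to_net: exit 0 if any ACCEPT rule on stdin admits the "net" zone.
exposed_to_net() {
    audit_rules | awk '$1 == "net" { found = 1 } END { exit !found }'
}

sample_rules | audit_rules
```

A rule such as `ACCEPT loc fw tcp 22,23` shows up here only under `loc`; any line beginning with `net` is a port reachable from the internet side.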


All times are GMT -5.