07-28-2003, 05:29 PM
|
#1
|
Member
Registered: Jul 2003
Location: Scotland, Fife
Distribution: Mandrake 9.1
Posts: 31
Rep:
|
Putty and Shorewall.. need help with firewall
Hi there,
I am trying to get PuTTY to work remotely over a LAN with my Mandrake 9.1 box.
I am using XP. When attempting to connect to the Linux box, it displays "connection refused".
This is down to the Shorewall firewall on the Linux box.
I have opened ports on Shorewall before.
This time I want to be double sure that the port which is going to be opened will not be open to the net, but only the LAN.
I have read info about how to do it (below).
=========================================================================
At this point, edit your /etc/shorewall/policy and make any changes that you wish.
Enabling other Connections
If you wish to enable connections from the internet to your firewall, the general format is:
ACTION  SOURCE  DESTINATION  PROTOCOL    PORT    SOURCE PORT  ORIGINAL ADDRESS
ACCEPT  net     fw           <protocol>  <port>
Example - You want to run a Web Server and a POP3 Server on your firewall system:
ACTION  SOURCE  DESTINATION  PROTOCOL  PORT  SOURCE PORT  ORIGINAL ADDRESS
ACCEPT  net     fw           tcp       80
ACCEPT  net     fw           tcp       110
If you don't know what port and protocol a particular application uses, see here.
Important: I don't recommend enabling telnet to/from the internet because it uses clear text (even for login!). If you want shell access to your firewall from the internet, use SSH:
ACTION  SOURCE  DESTINATION  PROTOCOL  PORT  SOURCE PORT  ORIGINAL ADDRESS
ACCEPT  net     fw           tcp       22
At this point, edit /etc/shorewall/rules to add other connections as desired
================================================
What I need to do is:
ACCEPT networkadaptername fw tcp 23
- Is this correct to open the port on my Linux box to the network?
- And this will not be accessible via the net?
Thank you very much for reading.
And have a good day
|
|
|
07-28-2003, 05:41 PM
|
#2
|
LQ Addict
Registered: Dec 2001
Location: Brooklyn, NY
Distribution: *NIX
Posts: 3,704
Rep:
|
Well, I believe instead of source you need to put your network address, such as 10.0.0.0 if you configured your LAN to use the 10.0.0.0/8 address space. Then as the port use 22, not 23; 23 is telnet, unless you configured sshd to accept connections on port 23 and disabled telnet.
|
|
|
07-28-2003, 06:47 PM
|
#3
|
Member
Registered: Jul 2003
Location: Scotland, Fife
Distribution: Mandrake 9.1
Posts: 31
Original Poster
Rep:
|
Name it as network address (IP)... OK, righty then.
And I use port 22. I assumed it was 23 because that was the default no. when I downloaded PuTTY. But as you said, that is the telnet default.
I want to use SSH as it is said to be more secure.
Thank you very much Neo77777
|
|
|
07-29-2003, 12:07 PM
|
#4
|
Member
Registered: Jul 2003
Location: Scotland, Fife
Distribution: Mandrake 9.1
Posts: 31
Original Poster
Rep:
|
Failed to work..
I opened ports 22 and 23 to the local network in the Shorewall rules file.
I still get refused connections in PuTTY.
Wrote something like this.
ACCEPT loc fw tcp 22,23
I'm baffled.
Anyone got an idea?
|
|
|
08-04-2003, 11:07 AM
|
#5
|
LQ Newbie
Registered: Jul 2003
Location: Ottawa
Distribution: Mandrake 9.1
Posts: 23
Rep:
|
Did you try your local IP instead of loc?
|
|
|
08-04-2003, 03:43 PM
|
#6
|
Member
Registered: Jul 2003
Location: Scotland
Distribution: Debian
Posts: 74
Rep:
|
Try disconnecting your Mandrake box from the net and then trying:
# shorewall clear
(someone check if this is right?)
It would be useful just to confirm that it is indeed the firewall and not just sshd that is refusing your connection.
|
|
|
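Added example, not part of any post in this thread: a small shell audit that answers the original question ("will this port be reachable from the net or only the LAN?") by listing which source zones an /etc/shorewall/rules file lets reach the firewall itself on a given TCP port. It assumes the zone names used in the thread (net, loc, fw) and numeric ports; the function names and sample rules are constructed for illustration.

```shell
#!/bin/sh
# audit_port RULES_FILE PORT   (use "-" as RULES_FILE to read stdin)
# Prints "<source> <verdict>" for every ACCEPT rule that lets <source>
# reach the firewall zone (fw) on TCP port PORT.
# Assumption: "net" is the Internet-facing zone, as in the thread.
audit_port() {
    awk -v want="$2" '
        /^[ \t]*(#|$)/ { next }                       # comments, blank lines
        $1 != "ACCEPT" || tolower($4) != "tcp" { next }
        { dest = $3; sub(/:.*/, "", dest) }           # fw:addr -> fw
        dest != "fw" && dest != "all" { next }
        {
            n = split($5, ports, ",")                 # port list: 22,23
            for (i = 1; i <= n; i++) {
                lo = hi = ports[i]
                if (split(ports[i], r, ":") == 2) {   # port range: low:high
                    lo = r[1]; hi = r[2]
                }
                if (want + 0 >= lo + 0 && want + 0 <= hi + 0) {
                    zone = $2; sub(/:.*/, "", zone)   # loc:10.0.0.0/8 -> loc
                    verdict = (zone == "net" || zone == "all") \
                        ? "EXPOSED-TO-NET" : "lan-only"
                    print $2, verdict
                    break
                }
            }
        }
    ' "$1"
}

# Constructed sample: the documentation rules quoted in post #1 plus the
# rule the original poster tried in post #4.
sample_rules() {
    cat <<'EOF'
#ACTION SOURCE DEST PROTO PORT
ACCEPT  net    fw   tcp   80
ACCEPT  net    fw   tcp   110
ACCEPT  loc    fw   tcp   22,23
EOF
}

for p in 22 23 80; do
    echo "port $p: $(sample_rules | audit_port - "$p")"
done
```

An empty result for a port means no ACCEPT rule in the file opens it to the firewall; the zone policy file then decides what happens to the connection.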
All times are GMT -5. The time now is 05:22 AM.