Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
I have IPCop with green and red cards. In my green network I have an SSH server using port 22 (IP: 192.168.0.1). My red card is connected to the internet with a fixed IP. I want to access my SSH server from outside using port 22 (my ISP blocks other ports). I set external services to open port 22 and forward port 22 from red to my internal IP 192.168.0.1 port 22. I also enabled SSH in the IP configuration web page. All seems right; my access from the internal network to the internet is OK. But external access to my SSH server is completely impossible!!
Additional information: I'm trying to access from really outside. I can access the IPCop web page from outside (https://x.x.x.x:445). I think I have to edit /etc/rc.d/rc.firewall.up, but I don't know what to change. Any idea to fix the problem? Thanks in advance.
Start by adding some -j LOG entries to your rc.firewall, e.g. iptables -t nat -I PREROUTING -p tcp -i eth~ --dport 22 -j LOG --log-level 6 --log-prefix "incoming_ssh "
and iptables -I INPUT -p tcp -i eth~ --dport 22 -j LOG --log-level 6 --log-prefix "input_ssh "
Use -I to place these rules first in each chain.
If the packets are getting to these points, change the entries to -A to place them at the end of the chains. If the packets are getting this far, you need to check the server on the destination PC.
try,
netstat -tanp
and see if ssh is waiting on port 22 and the correct interface.
You should at least get responses to SYN packets if ssh server is alive.
If packets are not getting to your ssh server pc, check to see if IPCOP has banned you for too many packets... wouldn't be the first to have this problem.
rc.firewall.up in the ssh server pc, if it runs Linux 2.4.xx
IPCOP uses ipchains and you may have some fun writing rules into it and having them remain.
2nd iptables -t nat -I PRE~
3rd look for your log outputs in /var/log/messages
try,
tail -f /var/log/messages,
again, on the ssh server.
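Added example (not part of any post in this thread): a small POSIX shell helper that reads syslog text and reports how far the port-22 packets got, using the two --log-prefix strings suggested above. The sample log lines, the host names ipcop and sshbox, and the function names are constructed for illustration; the field layout assumed is the usual netfilter LOG format (SRC=, DST=, DPT=).

```shell
#!/bin/sh
# Constructed sample: two hits on the nat PREROUTING rule, one on the INPUT rule.
# Addresses are documentation ranges; ipcop and sshbox are hypothetical host names.
SAMPLE_LOG='Jan 10 12:00:01 ipcop kernel: incoming_ssh IN=eth1 OUT= SRC=203.0.113.7 DST=198.51.100.2 PROTO=TCP SPT=40112 DPT=22 SYN
Jan 10 12:00:01 sshbox kernel: input_ssh IN=eth0 OUT= SRC=203.0.113.7 DST=192.168.0.1 PROTO=TCP SPT=40112 DPT=22 SYN
Jan 10 12:00:09 ipcop kernel: incoming_ssh IN=eth1 OUT= SRC=203.0.113.70 DST=198.51.100.2 PROTO=TCP SPT=51544 DPT=22 SYN'

# Count log lines on stdin that carry the given --log-prefix string.
count_prefix() { grep -c -F -- "$1" || true; }

# Unique source addresses on stdin for lines carrying the given prefix.
sources() { grep -F -- "$1" | sed -n 's/.* SRC=\([^ ]*\).*/\1/p' | sort -u; }

# Report the furthest logging point reached in the log text passed as $1.
diagnose() {
    log=$1
    pre=$(printf '%s\n' "$log" | count_prefix 'incoming_ssh ')
    inp=$(printf '%s\n' "$log" | count_prefix 'input_ssh ')
    if [ "$pre" -eq 0 ] && [ "$inp" -eq 0 ]; then
        echo "not_seen"          # nothing logged: packets never arrived
    elif [ "$inp" -eq 0 ]; then
        echo "prerouting_only"   # arrived at the firewall, never hit INPUT
    else
        echo "reached_input"     # next step: check sshd with netstat -tanp
    fi
}

# Sources logged at PREROUTING that never show up under the INPUT prefix.
# The trailing space in "SRC=$src " stops .7 from matching .70.
stalled_sources() {
    log=$1
    for src in $(printf '%s\n' "$log" | sources 'incoming_ssh '); do
        printf '%s\n' "$log" | grep -F 'input_ssh ' \
            | grep -q -F "SRC=$src " || echo "$src"
    done
}

diagnose "$SAMPLE_LOG"
stalled_sources "$SAMPLE_LOG"
```

To run it against a live system, replace SAMPLE_LOG with the contents of /var/log/messages from the machine or machines where the LOG rules were added.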