Linux Servers dropping connections
I have two different linux servers both of which drop connections when I attempt to ftp or telnet. I also recently started running an smtp server (sendmail) on one of the two and I can't seem to establish a connection to sendmail either.
I'm running SuSE 8.0 and I am currently using the firewall setup utility that came with the OS. I told the firewall to enable http/https, telnet, smtp, ftp, and telnet. To eliminate the firewall as the problem, I shut the firewall down but got the same results. All the daemons have been inetd for these services also. Can anyone tell me how to start debugging this situation? Thanks, Charles |
When you say dropping, do you mean that the connection succedes but then terminates abnormaly?
Can you post the output from: iptables -nL netstat -nlp |
Dropping connections
By dropping connections I mean that it is appearent that an attempt is made
to connect but there is no indication that the connection is actually made. It seems to behave like a time out, with a pause then the message: "Connection has been dropped by foreign host" here is the netstat Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:37 0.0.0.0:* LISTEN 18151/inetd tcp 0 0 0.0.0.0:7 0.0.0.0:* LISTEN 18151/inetd tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 18151/inetd tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 18151/inetd tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1021/portmap tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 726/(squid) tcp 0 0 0.0.0.0:6000 0.0.0.0:* LISTEN 1310/X tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 18151/inetd tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN 18151/inetd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1138/sendmail: acce tcp 0 0 :::22 :::* LISTEN 1046/sshd udp 0 0 0.0.0.0:7 0.0.0.0:* 18151/inetd udp 0 0 0.0.0.0:1040 0.0.0.0:* 726/(squid) udp 0 0 0.0.0.0:37 0.0.0.0:* 18151/inetd udp 0 0 0.0.0.0:3130 0.0.0.0:* 726/(squid) udp 0 0 0.0.0.0:3401 0.0.0.0:* 726/(squid) udp 0 0 0.0.0.0:111 0.0.0.0:* 1021/portmap Active UNIX domain sockets (only servers) Proto RefCnt Flags Type State I-Node PID/Program name Pat h unix 2 [ ACC ] STREAM LISTENING 8846 1805/kdeinit: Runni /tm p/ksocket-root/kdeinit-:0 unix 2 [ ACC ] STREAM LISTENING 8851 1808/kdeinit: dcops /tm p/.ICE-unix/dcop1808-1095830031 unix 2 [ ACC ] STREAM LISTENING 1033110 9754/kdesud /t mp/ksocket-root/kdesud_:0 unix 2 [ ACC ] STREAM LISTENING 8772 1732/medusa-idled /tm p/medusa-idled-service unix 2 [ ACC ] STREAM LISTENING 2202 1138/sendmail: acce /va r/run/sendmail/control unix 2 [ ACC ] STREAM LISTENING 3044 1294/nscd /va r/run/.nscd_socket iptables -nL follows: Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 LOG all -- 127.0.0.0/8 0.0.0.0/0 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOFING ' LOG all -- 0.0.0.0/0 127.0.0.0/8 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOFING ' DROP all -- 127.0.0.0/8 0.0.0.0/0 DROP all -- 0.0.0.0/0 127.0.0.0/8 LOG all -- 192.168.1.1 0.0.0.0/0 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOFING ' DROP all -- 192.168.1.1 0.0.0.0/0 input_int all -- 0.0.0.0/0 192.168.1.1 DROP all -- 0.0.0.0/0 192.168.1.255 DROP all -- 0.0.0.0/0 255.255.255.255 LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 6 level 4 prefix `SuSE-FW-UNAUTHORIZED-TARGET ' DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy DROP) target prot opt source destination TCPMSS tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 TCPMSS clamp to PMTU Chain OUTPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 11 LOG flags 6 level 4 prefix `SuSE-FW-TRACEROUTE-ATTEMPT ' ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 11 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 3 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 4 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 9 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 10 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 13 DROP icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 6 level 4 prefix `SuSE-FW-OUTPUT-ERROR ' Chain forward_dmz (0 references) target prot opt source destination Chain forward_ext (0 references) target prot opt source destination Chain forward_int (0 references) target prot opt source destination Chain input_dmz (0 references) target prot opt source destination LOG all -- 192.168.1.0/24 0.0.0.0/0 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOF ' DROP all -- 192.168.1.0/24 0.0.0.0/0 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 0 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 3 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 11 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 12 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 14 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 18 LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 2 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT ' DROP icmp -- 0.0.0.0/0 0.0.0.0/0 REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:113 flags:0x16/0x02 reject-with tcp-reset LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP ' DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 flags:0x16/0x02 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP ' DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 flags:0x16/0x02 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:23 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP ' DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:23 flags:0x16/0x02 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:37 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP ' DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:37 flags:0x16/0x02 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP ' DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 flags:0x16/0x02 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:111 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP ' DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:111 flags:0x16/0x02 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:143 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP ' DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:143 flags:0x16/0x02 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:6000 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP ' DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:6000 flags:0x16/0x02 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED tcp dpts:600:65535 flags:!0x16/0x02 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED tcp dpt:20 flags:!0x16/0x02 ACCEPT udp -- 192.168.1.4 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535 ACCEPT udp -- 151.164.30.104 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535 ACCEPT udp -- 151.164.11.201 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:21 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:22 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:23 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:37 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:37 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:80 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:111 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:111 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:143 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:1040 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:3130 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:3401 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:6000 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT ' LOG udp -- 0.0.0.0/0 0.0.0.0/0 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT ' LOG all -- 0.0.0.0/0 0.0.0.0/0 state INVALID LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT-INVALID ' DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain input_ext (0 references) target prot opt source destination LOG all -- 192.168.1.0/24 0.0.0.0/0 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ANTI-SPOOF ' DROP all -- 192.168.1.0/24 0.0.0.0/0 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 0 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 3 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 11 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 12 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 14 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 18 LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 2 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT ' DROP icmp -- 0.0.0.0/0 0.0.0.0/0 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT ' ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:53 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT ' ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:80 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT ' ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:443 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:143 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT ' ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:143 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:993 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT ' ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:993 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:110 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT ' ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:110 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:995 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT ' ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:995 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT ' ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:25 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:23 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT ' ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:23 REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:113 flags:0x16/0x02 reject-with tcp-reset LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP ' DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 flags:0x16/0x02 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP ' DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 flags:0x16/0x02 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:23 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP ' DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:23 flags:0x16/0x02 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:37 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP ' DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:37 flags:0x16/0x02 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP ' DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 flags:0x16/0x02 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:111 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP ' DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:111 flags:0x16/0x02 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:143 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP ' DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:143 flags:0x16/0x02 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:6000 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP ' DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:6000 flags:0x16/0x02 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED tcp dpts:600:65535 flags:!0x16/0x02 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED tcp dpt:20 flags:!0x16/0x02 ACCEPT udp -- 192.168.1.4 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535 ACCEPT udp -- 151.164.30.104 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535 ACCEPT udp -- 151.164.11.201 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:21 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:22 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:23 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:37 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:37 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:80 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:111 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:111 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:143 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:1040 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:3130 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:3401 DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:6000 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED udp dpts:1024:65535 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT ' LOG udp -- 0.0.0.0/0 0.0.0.0/0 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT ' LOG all -- 0.0.0.0/0 0.0.0.0/0 state INVALID LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT-INVALID ' DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain input_int (1 references) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 0 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 3 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 11 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 12 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 14 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 18 LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 2 LOG flags 6 level 4 prefix `SuSE-FW-DROP-ICMP-CRIT ' DROP icmp -- 0.0.0.0/0 0.0.0.0/0 REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:113 flags:0x16/0x02 reject-with tcp-reset LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:1024:65535 flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-ACCEPT ' ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED tcp dpts:1024:65535 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED tcp dpts:600:65535 flags:!0x16/0x02 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED tcp dpt:20 flags:!0x16/0x02 ACCEPT udp -- 192.168.1.4 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535 ACCEPT udp -- 151.164.30.104 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535 ACCEPT udp -- 151.164.11.201 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp spt:53 dpts:1024:65535 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT ' LOG udp -- 0.0.0.0/0 0.0.0.0/0 LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT ' LOG all -- 0.0.0.0/0 0.0.0.0/0 state INVALID LOG flags 6 level 4 prefix `SuSE-FW-DROP-DEFAULT-INVALID ' DROP all -- 0.0.0.0/0 0.0.0.0/0 unix 2 [ ACC ] STREAM LISTENING 3707 1310/X /tm p/.X11-unix/X0 unix 2 [ ACC ] STREAM LISTENING 8875 1811/kdeinit: klaun /tm p/ksocket-root/klauncherQLGPzb.slave-socket unix 2 [ ACC ] STREAM LISTENING 8946 1826/artsd /tm p/mcop-root/musashi_pctechnirvana_com-0722-41510a18 unix 2 [ ACC ] STREAM LISTENING 8975 1838/kdeinit: ksmse /tm p/.ICE-unix/1838 |
Those firewall rules look extremely complex and OTT. Try temporarily disabling the firewall with this to see if it helps:
iptables -F itpables -P INPUT ACCEPT itpables -P OUTPUT ACCEPT |
Dropping Connections
Tried it but got the same results.
|
There are several levels of security in the linux networking world, one is the iptables.
There is also a security perimeter are the tcp wrapper which uses the files hosts.allow and hosts.deny, found in the /etc directory. These files which ip adresses to let through and which to block. Not all services have support for the tcp wrapper system but at least the telnet should have that. If your IP are listen in the hosts.deny you won't be able to connect. Most common is to set ALL : DENY to block all hosts and then open upp specific services and hosts in the hosts.allow file. There are also a security feature built into the inetd service. |
Well, I finally got the telnet to work. I found that the daemon had not
been installed in the OS:tisk: . FTP is trying hard to work but I think the configuration is either wrong or I don't understand it. Probably both! FTP says it is running in anonymous mode yet it prompts me for username and password anyway. Futhermore it prompts ROOT as the default user. I thought this was forbidden by default. Anyway if I provide a password or change users and provide the password the FTP fails to connect saying that "this is an anonymous only server". Here is the output: When I do nothing: Connected to musashi.pctechnirvana.com. 220 ready, dude (vsFTPd 1.0.1: beat me, break me) Name (musashi.pctechnirvana.com:root): 530 This FTP server is anonymous only. ftp: Login failed. When I attempt user/password: ftp musashi.pctechnirvana.com Connected to musashi.pctechnirvana.com. 220 ready, dude (vsFTPd 1.0.1: beat me, break me) Name (musashi.pctechnirvana.com:root): <I type username here> 530 This FTP server is anonymous only. ftp: Login failed. It seems that I need to modify this server config. Can anyone help?:confused: |
Anonymous ftp requires you to give anonymous as username. Some installations also requires you to enter your e-mail address as password. The reson why it suggest root as user is usually that you have run the ftp command as the user root.
Your output seems to be in order. Try to login as user anonymous, giving an empty password or an email address, and you will get in. |
All times are GMT -5. The time now is 01:58 PM. |