LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page PcAnywhere through Firewall
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 01-15-2004, 11:07 PM   #1
KevinGuy
LQ Newbie
 
Registered: Jul 2003
Posts: 29

Rep: Reputation: 15
PcAnywhere through Firewall

Ok, Here is my code to allow pcAnywhere through.

Code:
$IPT -t nat -A PREROUTING -i $EXT -p udp --dport 5632 -j DNAT --to 192.168.0.11:5632
$IPT -t nat -A PREROUTING -i $EXT -p tcp --dport 5631 -j DNAT --to 192.168.0.11:5631
Here is my problem:

Code:
Jan 15 21:59:56 RedHat kernel: **PACKET DROP** IN=eth0 OUT=eth1 SRC=66.1.46.3 DST=192.168.0.11 LEN=30 TOS=0x00 PREC=0x00 TTL=112 ID=60489 PROTO=UDP SPT=1709 DPT=5632 LEN=10
Jan 15 22:00:07 RedHat kernel: **PACKET DROP** IN=eth0 OUT=eth1 SRC=66.1.46.3 DST=192.168.0.11 LEN=48 TOS=0x00 PREC=0x00 TTL=112 ID=60506 DF PROTO=TCP SPT=1710 DPT=5631 WINDOW=65535 RES=0x00 SYN URGP=0
Jan 15 22:00:09 RedHat kernel: **PACKET DROP** IN=eth0 OUT=eth1 SRC=66.1.46.3 DST=192.168.0.11 LEN=48 TOS=0x00 PREC=0x00 TTL=112 ID=60511 DF PROTO=TCP SPT=1710 DPT=5631 WINDOW=65535 RES=0x00 SYN URGP=0
Jan 15 22:00:16 RedHat kernel: **PACKET DROP** IN=eth0 OUT=eth1 SRC=66.1.46.3 DST=192.168.0.11 LEN=48 TOS=0x00 PREC=0x00 TTL=112 ID=60523 DF PROTO=TCP SPT=1710 DPT=5631 WINDOW=65535 RES=0x00 SYN URGP=0
What do I need to add to let the outside get through my firewall to my pcAnywhere host(192.168.0.11) ? Because I am stumped =(

Thanks.
 
Old 01-16-2004, 01:22 PM   #2
Tinkster
Moderator
 
Registered: Apr 2002
Location: earth
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
Blog Entries: 11

Rep: Reputation: 928Reputation: 928Reputation: 928Reputation: 928Reputation: 928Reputation: 928Reputation: 928Reputation: 928
The possible rule-sets in iptables are
a bit too complex to be able to diagnose
the problem on these few lines of information.

Why don't you post the output of
iptables -L
, maybe we can tackle it from there?


Cheers,
Tink
 
Old 01-16-2004, 02:05 PM   #3
KevinGuy
LQ Newbie
 
Registered: Jul 2003
Posts: 29

Original Poster
Rep: Reputation: 15
Woops, Sorry I did not post that before. Here you go

Here is iptables -L -v

Code:
Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
  400 44801 ACCEPT     all  --  lo     any     anywhere             anywhere
  434  156K DROP       all  --  eth0   any     10.0.0.0/8           anywhere
    0     0 DROP       all  --  eth0   any     172.16.0.0/12        anywhere
    0     0 DROP       all  --  eth0   any     192.168.0.0/16       anywhere
    0     0 DROP       all  --  eth0   any     0.0.0.0/8            anywhere
    0     0 DROP       all  --  eth0   any     127.0.0.0/8          anywhere
    0     0 DROP       all  --  eth0   any     192.0.2.0/24         anywhere
    0     0 DROP       all  --  eth0   any     169.254.0.0/16       anywhere
    0     0 DROP       all  --  eth0   any     BASE-ADDRESS.MCAST.NET/4  anywhere
    0     0 DROP       all  --  eth0   any     240.0.0.0/5          anywhere
    0     0 DROP       all  --  eth0   any     255.255.255.255      anywhere
    0     0 DROP       all  --  any    any     219.96.228.226       anywhere
    0     0 DROP       all  --  any    any     150.108.236.20       anywhere
    0     0 DROP       all  --  any    any     210.80.207.147       anywhere
    0     0 DROP       all  --  any    any     celta.telemar.com.br  anywhere
    0     0 DROP       all  --  any    any     24-148-22-92.na.21stcentury.net  anywhere
    0     0 SCAN       tcp  --  eth0   any     anywhere             anywhere           tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
    0     0 SCAN       tcp  --  eth0   any     anywhere             anywhere           tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
    1    40 SCAN       tcp  --  eth0   any     anywhere             anywhere           tcp flags:FIN,SYN,RST,ACK/RST
    0     0 FLAGS      tcp  --  eth0   any     anywhere             anywhere           tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,PSH,URG
    0     0 FLAGS      tcp  --  eth0   any     anywhere             anywhere           tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
    0     0 FLAGS      tcp  --  eth0   any     anywhere             anywhere           tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
    0     0 FLAGS      tcp  --  eth0   any     anywhere             anywhere           tcp flags:SYN,RST/SYN,RST
    0     0 FLAGS      tcp  --  eth0   any     anywhere             anywhere           tcp flags:FIN,SYN/FIN,SYN
    0     0 FLAGS      tcp  --  eth0   any     anywhere             anywhere           tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,ACK,URG
    0     0 LOG        all  -f  eth0   any     anywhere             anywhere           limit: avg 1/sec burst 5 LOG level info prefix `**FRAGMENT** '
    0     0 DROP       all  -f  eth0   any     anywhere             anywhere
    0     0 ACCEPT     udp  --  any    any     172.30.166.36        anywhere           udp spt:bootps dpt:bootpc
    0     0 ACCEPT     udp  --  any    any     cdnt01-a-rtr.roylok01.mi.comcast.net  anywhere           udp spt:bootps dpt:bootpc
    0     0 ACCEPT     tcp  --  eth1   any     anywhere             anywhere           tcp dpt:auth
    1    60 ACCEPT     tcp  --  eth0   any     anywhere             anywhere           tcp dpt:auth
    0     0 ACCEPT     udp  --  any    any     ns01.pntiac01.mi.comcast.net  anywhere           udp spt:domain
    0     0 ACCEPT     udp  --  any    any     ns02.pntiac01.mi.comcast.net  anywhere           udp spt:domain
    0     0 ACCEPT     udp  --  any    any     ns1.ameritech.net    anywhere           udp spt:domain
    0     0 ACCEPT     tcp  --  any    any     ns01.pntiac01.mi.comcast.net  anywhere           tcp spt:domain
    0     0 ACCEPT     tcp  --  any    any     ns02.pntiac01.mi.comcast.net  anywhere           tcp spt:domain
    0     0 ACCEPT     tcp  --  any    any     ns1.ameritech.net    anywhere           tcp spt:domain
    0     0 LOG        icmp -f  eth0   any     anywhere             anywhere           limit: avg 1/sec burst 5 LOG level info prefix `**ICMP FRAG** '
    0     0 DROP       icmp -f  eth0   any     anywhere             anywhere
    0     0 ACCEPT     icmp --  eth0   any     anywhere             anywhere           icmp destination-unreachable
    0     0 ACCEPT     icmp --  eth0   any     anywhere             anywhere           icmp source-quench
    0     0 ACCEPT     icmp --  eth0   any     anywhere             anywhere           icmp time-exceeded
    0     0 ACCEPT     icmp --  eth0   any     anywhere             anywhere           icmp parameter-problem
  160 14148 ACCEPT     icmp --  eth0   any     anywhere             anywhere           icmp echo-request
    1    48 ACCEPT     icmp --  eth1   any     anywhere             anywhere
    0     0 ACCEPT     icmp --  any    any     anywhere             anywhere           state RELATED,ESTABLISHED
    0     0 LOG        icmp --  any    any     anywhere             anywhere           limit: avg 1/sec burst 5 LOG level info prefix `**ICMP DROP** '
    0     0 DROP       icmp --  any    any     anywhere             anywhere
   20  1000 ACCEPT     tcp  --  eth1   any     anywhere             anywhere           tcp dpt:ssh
    0     0 ACCEPT     tcp  --  eth0   any     pcp03414601pcs.pimaco01.az.comcast.net  anywhere           tcp dpt:ssh
 4306  237K ACCEPT     tcp  --  eth0   any     216-161-147-130.tcsn.qwest.net  anywhere           tcp dpt:ssh
    0     0 ACCEPT     tcp  --  eth0   any     cpe-66-1-46-3.az.sprintbbd.net  anywhere           tcp dpt:ssh
32298 2668K TRAFFIC    all  --  any    any     anywhere             anywhere

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DROP       all  --  any    any     219.96.228.226       anywhere
    0     0 DROP       all  --  any    any     150.108.236.20       anywhere
    0     0 DROP       all  --  any    any     210.80.207.147       anywhere
    0     0 DROP       all  --  any    any     celta.telemar.com.br  anywhere
    0     0 DROP       all  --  any    any     24-148-22-92.na.21stcentury.net  anywhere
    4   216 ACCEPT     tcp  --  eth0   eth1    anywhere             anywhere           tcp dpt:webcache state NEW,RELATED,ESTABLISHED
    0     0 ACCEPT     tcp  --  eth0   eth1    anywhere             anywhere           tcp dpt:http state NEW,RELATED,ESTABLISHED
    2   120 ACCEPT     tcp  --  eth0   eth1    anywhere             anywhere           tcp dpt:smtp state NEW,RELATED,ESTABLISHED
 103K 8095K TRAFFIC    all  --  any    any     anywhere             anywhere
    0     0 ACCEPT     all  --  eth0   eth1    anywhere             anywhere           state RELATED,ESTABLISHED
    0     0 ACCEPT     all  --  eth1   eth0    anywhere             anywhere
    0     0 LOG        all  --  any    any     anywhere             anywhere           limit: avg 1/sec burst 5 LOG level info prefix `**FORWARD DROP** '
    0     0 DROP       all  --  any    any     anywhere             anywhere

Chain OUTPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
  400 44801 ACCEPT     all  --  any    lo      anywhere             anywhere
    0     0 DROP       all  --  any    any     anywhere             219.96.228.226
    0     0 DROP       all  --  any    any     anywhere             150.108.236.20
    0     0 DROP       all  --  any    any     anywhere             210.80.207.147
    0     0 DROP       all  --  any    any     anywhere             celta.telemar.com.br
    0     0 DROP       all  --  any    any     anywhere             24-148-22-92.na.21stcentury.net
    0     0 STOPOUT    tcp  --  any    any     anywhere             anywhere           tcp dpt:10008
    0     0 STOPOUT    tcp  --  any    any     anywhere             anywhere           tcp dpt:65535
    0     0 STOPOUT    tcp  --  any    any     anywhere             anywhere           tcp dpt:12345
    0     0 STOPOUT    tcp  --  any    any     anywhere             anywhere           tcp dpt:asp
    0     0 STOPOUT    tcp  --  any    any     anywhere             anywhere           tcp dpts:31335:31337
    0     0 STOPOUT    udp  --  any    any     anywhere             anywhere           udp dpts:31335:31337
   16  4477 DROP       icmp --  any    eth0    anywhere             anywhere           icmp destination-unreachable
    0     0 ACCEPT     icmp --  any    eth1    anywhere             anywhere           icmp echo-reply
  165 14950 ACCEPT     icmp --  any    any     anywhere             anywhere           state NEW,RELATED,ESTABLISHED
49156   54M TRAFFIC    all  --  any    any     anywhere             anywhere

Chain FLAGS (6 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 LOG        all  --  any    any     anywhere             anywhere           limit: avg 2/sec burst 5 LOG level info prefix `**BADFLAGS** '
    0     0 DROP       all  --  any    any     anywhere             anywhere

Chain SCAN (3 references)
 pkts bytes target     prot opt in     out     source               destination
    1    40 LOG        all  --  any    any     anywhere             anywhere           limit: avg 2/sec burst 5 LOG level info prefix `**PORTSCAN** '
    1    40 DROP       all  --  any    any     anywhere             anywhere

Chain STOPOUT (6 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 LOG        all  --  any    any     anywhere             anywhere           limit: avg 1/sec burst 5 LOG level info prefix `**TROJAN?**  '
    0     0 DROP       all  --  any    any     anywhere             anywhere

Chain TRAFFIC (3 references)
 pkts bytes target     prot opt in     out     source               destination
 183K   64M ACCEPT     all  --  any    any     anywhere             anywhere           state RELATED,ESTABLISHED
 1182  238K ACCEPT     all  --  !eth0  any     anywhere             anywhere           state NEW
  221 52363 LOG        all  --  any    any     anywhere             anywhere           limit: avg 1/sec burst 5 LOG level info prefix `**PACKET DROP** '
  222 52411 DROP       all  --  any    any     anywhere             anywhere
I hope that helps.
Last edited by KevinGuy; 01-16-2004 at 02:10 PM.
 
Old 01-16-2004, 04:50 PM   #4
Dewar
Member
 
Registered: Sep 2003
Location: Washington State
Distribution: SuSE 8.0, SuSE 9.0, Slack 9.1
Posts: 90

Rep: Reputation: 15
You have to allow the PCAnywhere ports on your forward chain. Something like this should do it.

iptables -I TRAFFIC -p tcp --dport 5631 -j ACCEPT
iptables -I TRAFFIC -p udp --dport 5632 -j ACCEPT

-Dewar
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Wine and pcAnywhere LinxNew Linux - Software 1 05-09-2005 03:36 AM
Anybody know what port PCAnywhere uses? Swatson General 4 04-23-2004 12:45 PM
PCanywhere ramzi Linux - Software 3 09-19-2003 12:00 PM
PCAnywhere alwayslearning Linux - Software 3 02-19-2003 04:09 PM
pcAnywhere through firewall gseven1 Linux - Networking 0 02-08-2002 08:35 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 07:51 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration