OS X firewall? No telnet or ssh

bulliver · 03-30-2005, 02:10 PM

Hello all. I am having trouble with my G4 running OS X 10.3.8. I cannot ssh or telnet or send/recieve mail from this box to my server (which does NAT for this box). I can ping the server, and internet connectivity is working fine. I can also ssh to other boxes on the internal network from this box, just not the server. The strangest thing is when I used nmap to scan the server from this apple box:

Code:

Host vyvyan.badcomputer.org (192.168.0.10) appears to be up ... good.
Initiating SYN Stealth Scan against vyvyan.badcomputer.org (192.168.0.10)
The SYN Stealth Scan took 164 seconds to scan 1601 ports.
Warning:  OS detection will be MUCH less reliable because we did not find at least 1 open and 1 closed TCP port
All 1601 scanned ports on vyvyan.badcomputer.org (192.168.0.10) are: filtered
Too many fingerprints match this host for me to give an accurate OS guess
TCP/IP fingerprint:
SInfo(V=3.00%P=powerpc-apple-darwin7.5.0%D=3/30%Time=424A6E38%O=-1%C=-1)

The ip of the server is correct, but the TCP/IP fingerprint seems to show it is scanning itself...

I installed a security update a few days ago, could this be the culprit? Is there some sort of firewall that may have been installed/activated?

It just seems odd that I can connect to any other box in my network. As far as the failings go, when I try to telnet to port 25 or ssh to the server, it just hangs ans eventually times out. Again, I can ping the server, and internet connectivity is still working fine.

Any insight appreciated, and just ask if you need more details. I am still rather new at OS X...

keefaz · 03-31-2005, 04:00 AM

Is the sshd server running in OSX box ? (System Preferences > Sharing > enable ssh remote control)

buzznick · 03-31-2005, 08:17 AM

I had a similar problem after installing the new security update on OS X. I cured it by changing the settings in the "Sharing" preferences panel back to how they were before.

bulliver · 03-31-2005, 02:14 PM

sshd was running. I turned it off and there was no change. The firewall is listed as 'Off'.

More info:
'vyvyan' is the server that NATs for all other boxes (linux)
'nina' is a file server (linux)
'virgo' is my main workstation (linux)
'eden' is the G4

I can ping from any box to any other box fine.
eden successfully mounts the NFS share from nina
I can ssh from eden to any box _except_ vyvyan
I can ssh from any box to eden
I can ssh/telnet port 25 from any box _except_ eden to vyvyan

Any connection between eden and vyvyan times out except a ping, which works fine, and web browsing, which is getting NATed just fine.

This is not a problem on the server, every other box in the network can connect, ssh, send and recieve mail from vyvyan just fine....

What the heck?

keefaz · 03-31-2005, 04:39 PM

You could always ssh to a linux machine then ssh to the gateway

Did you try to swap the macintosh IP with a Linux box one to see if that
IP is not allowed to connect as ssh to your gateway ?

bulliver · 03-31-2005, 06:28 PM

Quote:

You could always ssh to a linux machine then ssh to the gateway

Yes, I can do that. The problem is that's not what I need. I need to be able to send and receive mail to/from my server, which the Mac won't talk to.

Edit:
Well I feel dumb...

I have a custom script that parses my apache and exim logs for connections attempting to relay spam and bot attacks, then bans the IP address in my firewall. Somehow I managed to ban my Mac

It only blocks tcp packets, hence why the pings still worked. Reveals a hole in my firewall I need to fix though...

I'm still scratching my head on why web browsing still worked though? Something to do with NAT I guess.

In any event, the problem is solved for now, caused by human error as usual

Thanks guys,

keefaz · 04-01-2005, 06:19 AM

Good

and don't forget ping don't send TCP frames but use ICMP protocol by default instead