[TCLUG] Debian untested incoming problems - RESOLVED

Thu May 20 07:39:36 CDT 2004

Well, thanks to the iptables --list, I found out where the restrictions came
from;
I have a version of guarddog firewall installed, for whatever reason, and
when
it installed, it used the most restrictive policies possible, so that
NOTHING
can come in.

Since the machine is behind an NAT router, and has no ports forwarded to it
from the router, and the rest of the LAN is physically secure and
hard-wired,
and doesn't run any servers except an ssh daemon, I don't know WHY
guarddog was put on this machine.  I did an apt-get to remove it, and used
iptables to remove the restrictive policies. Now I have to get inet or xinet
working again so sshd will kick off....

Thanks for the tip, Garrett.

Mike Bird
> Message: 6
> Date: Mon, 17 May 2004 14:44:27 -0500 (CDT)
> From: "Garrett Krueger" <gkrueger at cleosci.com>
> Subject: Re: [TCLUG] Debian untested incoming problems
> To: "TCLUG Mailing List" <tclug-list at mn-linux.org>
> Message-ID: <24734.12.47.38.130.1084823067.squirrel at 12.47.38.130>
> Content-Type: text/plain;charset=iso-8859-1
>
> Look at the access control lists.  I'm guessing your version of Debian
> uses iptables since that's a 2.4 kernel support.
>
> Do an:   iptables  --list
>
> See if you have restrictive configurations blocking incoming traffic.
>
> Garrett
>
>
> > I have a Debian untested version of Linux on several of my boxen. It
works
> > swell on all but one of them.  On that one, I can get out to the LAN and
> > the
> > Internet, but I can't get into the box from elsewhere on the LAN. I
can't
> > even ping it. I have the exact same version (it's a 2.4.x kernel)
running
> > on
> > the same hardware, and I can get into that one just fine. But this
machine
> > I
> > can't.  However, when I'm on the machine itself, I can get out just
fine.
> > What all do you want to give me a clue towards debugging this?
> >
> > Mike Bird

_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
Help beta test TCLUG's potential new home: http://plone.mn-linux.org
Got pictures for TCLUG? Beta test http://plone.mn-linux.org/gallery
tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list