Linux Help
> Telnet/ftp Ports Blocked, All ports are blocked
BigB23USAABC
post Nov 5 2003, 01:43 PM
Post #1





I set up a Telnet server on a RedHat 7.3 box and it worked fine for one day. Once I shut down the machine and restarted, all of the ports used for Telnet and FTP have been blocked and I have no idea how to unblock them. Any Suggestions??
hughesjr
post Nov 7 2003, 07:35 AM
Post #2





If this machine is connected to the internet, I would recommend that you use ssh (with sftp) instead of telnet and ftp ... if that is possible for your situation.

But to answer your question, you probably have either iptables or ipchains as a firewall .... you would need to allow port 23 (for telnet) and port 21 (for FTP) into the machine...I think the default firewall for redhat 7.3 was iptables.

To see if iptables (or ipchains) is the problem, issue the command:

iptables -L

If you get results that have more than this:
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination


then you actually have an IPTABLES firewall and it is turned on...

Next issue the command:

/etc/init.d/iptables stop

and try to connect to the services ... if it works, we need to fix your iptables firewall to allow ftp/telnet in...

If you don't have iptables then you probably have ipchains ... try this command if the IPTABLES stuff above didn't work...

/etc/init.d/ipchains stop

If you have ipchains then this line as the first rule in the file /etc/sysconfig/ipchains will allow all users to connect to ftp and telnet (and ssh):

-A input -s 0.0.0.0/0.0.0.0 -d 0.0.0.0/0.0.0.0 21:23 -p 6 -j ACCEPT

and the command in iptables (/etc/sysconfig/iptables) would be:

-A INPUT -m state --state NEW -s 0.0.0.0/0.0.0.0 -p tcp -m tcp --dport 21:23 -j ACCEPT

If at all possible, I would recommend that you limit the connections in to your local network and not to all users ... if your local network was 192.168.0.0 with a subnet mask of 255.255.255.0, then I would recommend this instead for -s in each of the above rules:

-s 192.168.0.0/255.255.255.0

But then you can only connect from the local network...


--------------------
Johnny Hughes
hughesjr@linuxhelp.net
Enterprise Alternatives: CentOS, WhiteBoxEL
Favorite Workstation Distros (in order): CentOS, Gentoo, Debian Sarge, Ubuntu, Mandrake, FedoraCore, Slackware, SUSE
Favorite Server Distros (in order): CentOS, WhiteBoxEL, Debian Sarge, Slackware, Mandrake, FedoraCore, Gentoo, SUSE
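
An added example, not part of the original thread: a small check that reads rules in the /etc/sysconfig/iptables format discussed above and reports which INPUT ACCEPT rules open FTP (21) or telnet (23), and whether they are open to every source or limited to a network. The names `audit_rules` and `SAMPLE_RULES` and the sample rules are constructed for illustration; rule ordering and chain policy are not modelled.

```shell
#!/bin/sh
# Added example (not from the thread): list INPUT ACCEPT rules in
# /etc/sysconfig/iptables format that cover FTP (21) or telnet (23).
# Output per match: "<port> WORLD" if any source may connect,
# otherwise "<port> <source>". Rule order and chain policy are ignored.

# Constructed sample rules; audit_rules and SAMPLE_RULES are hypothetical names.
SAMPLE_RULES='-A INPUT -m state --state NEW -s 0.0.0.0/0.0.0.0 -p tcp -m tcp --dport 21:23 -j ACCEPT
-A INPUT -m state --state NEW -s 192.168.0.0/255.255.255.0 -p tcp -m tcp --dport 23 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT'

audit_rules() {
    awk '
    $1 == "-A" && $2 == "INPUT" {
        src = "any"; dport = ""; target = ""; proto = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-s") src = $(i + 1)
            if ($i == "-p") proto = $(i + 1)
            if ($i == "--dport") dport = $(i + 1)
            if ($i == "-j") target = $(i + 1)
        }
        if (target != "ACCEPT" || dport == "") next
        if (proto != "tcp" && proto != "6") next
        # Treat the all-zero network in its common spellings as "any".
        if (src == "0.0.0.0/0.0.0.0" || src == "0.0.0.0/0" || src == "0/0")
            src = "any"
        # A single port N is handled as the range N:N.
        n = split(dport, r, ":")
        lo = r[1] + 0
        hi = (n == 2 ? r[2] : r[1]) + 0
        for (p = 21; p <= 23; p += 2)
            if (p >= lo && p <= hi)
                print p, (src == "any" ? "WORLD" : src)
    }'
}

# Run against the constructed sample.
printf '%s\n' "$SAMPLE_RULES" | audit_rules
```

To check a real rules file, feed it on standard input, for example `audit_rules < /etc/sysconfig/iptables`; any line ending in WORLD is a rule that would be better restricted with `-s` as described above.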