Networking :: Telnet Is Not Working With Iptables?
Sep 29, 2009
i want to open specific port using iptables i.e 3159 Whenever i tried to telnet it generates the following error
Code:
# telnet 172.16.4.100 3195
Trying 172.16.4.100...
telnet: connect to address 172.16.4.100: No route to host
telnet: Unable to connect to remote host: No route to host
but when I stopped iptables
Code:
# service iptables stop
Its working fine
i added the ports in iptables i.e.
Code:
#iptables -A INPUT -p tcp --dport 3195 -j ACCEPT
for safe side I also added telnet port
Code:
# iptables -A INPUT -p tcp --dport 23 -j ACCEPT
but result was same.... In short telnet works without iptables but with iptables it generates the error mentioned above
View 10 Replies
ADVERTISEMENT
Jul 10, 2011
I have a sendmail daemon running on Linux, I can telnet @ port 25 from local shell, however if I telnet from a remote system @ port 25, it doesn't work. There is no firewall in between.
View 3 Replies
View Related
Feb 18, 2010
I am trying to find the difference between the above two services. Both are under xinetd and can someone please explain the difference between them (is one more secure than the other one?)
View 1 Replies
View Related
Jun 10, 2009
I have an old iptables script (?) that I got from iptablesrocks.org, which works fine with my antique Fedora 4 system. I transferred it to a brand new RHEL 5.3 install, but when I go to use 'iptables-restore < firewall_script' it throws a 'no command specified' error at the very last line of the script, which I have never seen before. The script works fine on Fedora 10 and RHEL 5.1, I am pretty sure it even works fine on RHEL 5.2. Could it be that the fact that I am using 64-bit Linux for the first time, and need to do something different? Here is the script: [URL]
View 5 Replies
View Related
Jun 20, 2010
On the computer on which I have to login, Shoreline is installed.I know I can add rule to /etc/shoreline/rules but I decided to manually enter an iptable rule by typing:
Quote:
/sbin/iptables -A local2fw -s 10.100.98.74 -p tcp -m tcp --dport 22 -j ACCEPT
Then why am I not able to login using 10.100.98.74... I get connection refused error...
View 3 Replies
View Related
Jan 28, 2011
I've used iptables since it replace ipchains, and I've never had a problem like this.The problem is, as you can see by the title, that port forwarding simply does not work.
network topology:
Slackware Linux Server:
eth0 - LAN (192.168.0.0/25)
eth1 - DSL Static IP
eth2 - cable Static IP
eth1 is our standard office connection; it handles all of our default traffic (web browsing for the staff, email, etc). eth2 is our VPN connection, as well as use for all incoming connections (www, etc). Behind the linux box I have a series of Windows Server 2008 R2 boxes that are used to run our office software, website, etc - I don't care how nice they make their products these days, I simply don't trust any MS box open to the net.
Therefore, this leaves me with having to port forward port 80 from eth2 to the internal IP address of the web server.
My ruleset is as follows:
$WWW - ip address of the web server
iptables -A FORWARD -d $WWW -p tcp --dport 80 -j ACCEPT
iptables -t nat -A PREROUTING -i eth2 -p tcp --dport 80 -j DNAT --to $WWW
Running ip route shows that I have routing entries for all 3 networks, and I can ping, ssh, etc to any of the addresses without issue. OpenVPN connects across eth2 as well, and all 15 of my VPN tunnels work fine. However - and here's the kicker - if I delete the default route and replace it with the route for eth2, port forwarding works fine.
If we accept that my networks are as follows:
192.168.0.0/25 - eth0 net, gw .1
1.1.1.0/29 - eth1 net, gw .1, eth1 ip .2
2.2.2.0/30 - eth2 net, gw .1, eth2 ip .2
then ip route reveals the following:
2.2.2.0 via 2.2.2.1 dev eth2
2.2.2.0 dev eth2 scope link src 2.2.2.2
1.1.1.0 dev eth1 scope link src 1.1.1.2
[code]....
View 7 Replies
View Related
Aug 9, 2009
trying to alter the source IP of my outgoing http packets through iptables. This should be simple enough, right? Regardless, I'm cracking my head trying to understand what I am doing wrong. Wireshark shows that the outgoing packets do not have the source IP modified at all. I want this to happen for TCP packets sent on Port 80 (http traffic). I am using the nat table in iptables to attempt POSTROUTING. I've tried several different rules at separate times:
iptables -t nat -A POSTROUTING -p tcp --dport 80 -j SNAT --to-source 172.16.8.50 <--- Still sends out TCP packets as originating from 172.16.8.100
iptables -t nat -A POSTROUTING -s 172.16.8.100 -p tcp --sport 80 -o eth0 -j SNAT --to-source 172.16.8.50:80 <--- Still sends out TCP packets as originating from 172.16.8.100
iptables -t nat -A POSTROUTING -d 172.16.10.71 -j SNAT --to-source 172.16.8.50 <--- This rule was a last-ditch effort. It is supposed to rewrite the source IP for ALL packets going to the single client machine. Still doesn't work - the packets have the source IP unchanged.
I have another server - let's call it serverB/172.16.8.50 - that forwards all http TCP packets on port 80 to serverA/172.16.8.100. This part works. But when ServerA responds, it responds with its source IP for ServerA. I need it to respond with the source IP of ServerB. Otherwise, the client gets confused and ignores the packets (because the client sent an HTTP request to ServerB, but the response comes from ServerA).
View 14 Replies
View Related
Jan 18, 2011
I am using putty in my windows machine to access my Linux server terminal.
Code:
Putty works fine if I disable my Linux IPTABLES. My Windows machine IP is 192.168.1.249
Linux server IP address is 192.168.1.200 I don't know how to allow it through IPTABLES.The port which putty is using is 22.
View 3 Replies
View Related
Sep 12, 2009
For the background, I'll be using my router as a firewall with snort-inline enabled. I got 3 NIC's: one for the WAN, the second will be bridged to the WAN NIC for queuing traffic which snort-inline requires, and the third is the LAN NIC (the computer I use for everyday work). Here's how I have my interfaces set up:
Code:
# /etc/network/interfaces
# Loopback interface
auto lo
iface lo inet loopback
[code]....
From what I understand, queuing needs to be set up on the bridge. From the documentation I've read it's done like this:
Code:
iptables -A INPUT -j QUEUE
And then to forward traffic, I did:
Code:
iptables -t nat -A POSTROUTING -o br0 -j MASQUERADE
I've done this and am able to ping the router, obtain a DNS address from dnsmasq from the LAN computer. From the router I am able to connect to the internet (ping, links <address>...). From the LAN computer trafficking isn't getting forwarded, Firefox, links, ping all don't resolve.
View 7 Replies
View Related
Feb 18, 2010
I was trying to setup port forwarding on my setup. My network consists of:
Code:
[Server: xxx.xxx.xxx.15]
|
|
[ switch ]
[code]....
I ran the following 2 commands:
# iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j DNAT --to-destination xxx.xxx.xxx.15:80
# iptables -A INPUT -i eth1 -p tcp -m tcp --dport 80 -j ACCEPT
Yet I am unable to connect. Are these the correct commands? I am using IP Masquedering on the same box using the following commands:
Code:
$IPTABLES -P INPUT ACCEPT
$IPTABLES -F INPUT
$IPTABLES -P OUTPUT ACCEPT
[code]....
I don't think there is a hidden firewall in the switch but if these commands are correct, then I may need to contact my ISP and see if they are blocking the commands. I just wanted to make sure I was not doing some stupid mistake before I try to contact my ISP.
EDIT: Also, is it possible to forward Port 80 requests to different servers depending on the hostname used to connect, so say [URL] redirects to server xxx.xxx.xxx.15 while hhh.com redirects to xxx.xxx.xxx.16?
View 3 Replies
View Related
Sep 28, 2010
I have managed to get iodine working between my ubuntu intrepid box and my windows client with a caveat.
The firewall rules allows DNS queries inbound. The client tunnel endpoint gets assigned an IP address and the tunnel is established properly.
However when I try to ping from the client machine, the reply packets are not coming back.
I used TCPDUMP on the Ubuntu box and watch the dns0 tunnel interface, and noticed that the packets are reaching the Ubuntu box from the client, but I don't see ANY ICMP echo replies until I turn off the firewall from Firestarter.
I see that outbound access rule is to allow all.
View 1 Replies
View Related
Apr 14, 2011
I've tried searching for this peculiar behavior, but couldn't find a solution that works for it - I have installed Redhat on my system and have a listener running on port 7878. I wanted to check if the port is accessible from a machine on the network, and so i telnet-ed from a remote machine and it worked. Now comes the weird problem - I used the same command (telnet xxx.xxx.xxx.xxx 7878) locally and it was able to telnet. However, if I try to connect using localhost, meaning, "telnet localhost 7878" or "telnet 127.0.0.1 7878", it gives me the following error:
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
telnet: Unable to connect to remote host: Connection refused
Here is my /etc/hosts entry:
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
[Code]....
Not sure where the problem is. I expect telnet to connect irrespective of whether i use the IP address OR localhost when i use telnet locally.
View 5 Replies
View Related
Mar 25, 2011
I'm trying to test smtp connectivity to my postfix configuration and I can telnet to port 25 from the computer itself but cannot from the outside. I get a connection refused error message. What am I doing wrong? I believe my dns is setup correctly as it seems the telnet can hit the box so I'm fairly sure its not that.
View 14 Replies
View Related
Jan 12, 2011
I have some APC UPS devices that I'm trying to log in to. They are currently configured to use telnet -- as a safety precaution, they can only be accessed from our 'bounce' machine. So because I want to do this from a script, I'm doing it like this ssh decoherence@bouncemachine telnet stupidAPCdevice
This works fine on all the other devices I'm trying this on (Cisco gear, mostly) but the APC won't take any input. I get the login prompt but when I type in my username, ssh echoes it but the APC doesn't appear to ever receive it. It just hangs there at the username prompt. I'm guessing that its telnet implementation is a bit weird (seriously, all the management stuff on APC gear really sucks but anyway
Anyway, I'm just wondering if there are any simple flags I can pass to telnet to make it cooperate. The man page talks about a 'mode' command that lets you fiddle with LINEMODE which sounds like it might be promising but I don't know how to set that in the command line as opposed to interactively.
View 1 Replies
View Related
Sep 1, 2010
how to use telnet command
View 3 Replies
View Related
Dec 26, 2010
install telnet in fedora 14 then how to configure telnet?
View 13 Replies
View Related
Mar 2, 2010
I have Ubuntu 9.10 hooked up to my router through a wired NIC, and a couple of windows machines that are connected to the router through wireless cards.I want to telnet or ssh into the ubuntu box using putty on one of the windows machines. I have attempted to do this using the ubuntu ip address and the name of the box, and neither approaches have worked.
View 1 Replies
View Related
Nov 30, 2010
I would like to write a small configuration utility that will act as a daemon on the telnet port and SSH port that will only allow access to, and modification of, specific information in a structure imposed by the utility. How do I set this utility up so that when a user opens a telnet connection (or ssh) to the device, they are actually connected to the utility?
View 3 Replies
View Related
Dec 11, 2010
I have a doubt. If i write for instance the command "telnet myserver.mysite" and I manage to connect to the server, how many TCP connections are established?
View 2 Replies
View Related
Feb 3, 2011
my company there is 1 RHEL5 server and around 50 systems connected to it( running windows ). I want to know who is pinging or telneting to the server how can I find this information on the server OR where should I look for this information in the linux.
if I want to explore on this topic (i.e. who is trying to connect to server, from where user accessing server, whats his/her ip, whats his/her os etc. ) where should I look for it on the net ??
View 4 Replies
View Related
Aug 22, 2010
I am trying to use telnet from linux to connect to the port specified by me and trying to handle control C. But once Ctrl C is pressed the output on the client side stops showing. The server sends data but client doesnt print the same.
View 2 Replies
View Related
Jul 21, 2010
Hey even I'm not able to telnet to IPv6 address on port 23
View 2 Replies
View Related
Nov 25, 2010
When I execute a command (ping or telnet or ssh) on ip 192.168.0.20 it is ok.
If I execute the same command on
ip 192.168.0.020, it looks for
ip 192.168.0.18 instead of
ip 192.168.0.20
And it's the same for others ip if I put a 0 ahead last byte.
View 6 Replies
View Related
May 20, 2011
When I ping a destination IP address, it responds. However, when I try to telnet or ftp or sftp to the same IP address, it does not connect.
I do not know the physical location of the machine.
View 11 Replies
View Related
Jun 8, 2011
I'm running Telnet Server, VFTP, and VNC on a Fedora 14 box. The box's internal IP is 192.168.1.222 This machine is configured to live in the DMZ, The firewall is up on both the router and this box. I can remote in from home using our external IP. I can FTP. I can Telnet. All using our external IP. When i'm in the office, i can remote in using our external IP. I can FTP. I can Telnet. Again, all with the external IP. If i attempt to telnet 192.168.1.222 i get a connection refused. i can ping the 192.168 address
nmap tells me that all 1000 ports on 192.168.1.222 are closed
nmap tells me that my expected ports are open on the external IP.
.... This is a relatively new conundrum as it "used to work", and only appears not to since our last reboot (power outage). I know i have to be missing something simple here, but i differ to the experts.
View 5 Replies
View Related
Dec 16, 2010
Wrong prefix, its Ubuntu not Lubuntu. Three devices:
Laptop 1:
---Can ssh to any device.
---Accepts any internal ssh.
Desktop 1:
---Can ssh to any device.
---Accepts any internal ssh.
Desktop 2:
---Can ssh to any device.
---Can ssh to itself through localhost or 192.168.1.130.
---Any ssh(and telnet) aimed at this device times out.
All three devices recently had openssh-server installed yet only one seems deviant. I've been trying to ssh into desktop 2 to no avail, yes the machine is reachable, yes sshd is running, yes ufw is disabled, and no there is no external firewall that I know of. Anything else I can try? The router for the LAN being dd-wrt.
View 1 Replies
View Related
Jun 16, 2011
I implemented postfix as mail gateway but i need to block the ability to send
mails via telnet
How can i achive this?
View 1 Replies
View Related
Sep 16, 2010
I have a customer who is complaining that they can connect to prt y on IP x with telnet. They are seeing the following:
telnet x.x.x.x y
Trying x.x.x.x...
Connected to x.x.x.x.
Escape character is '^]'.
after some time the connection of course times out. Connection closed by foreign host. There is no telnet service running on this port so they cannot do anything, but they are complaining tht the fact that telnet "connects" is a security risk. I am having difficulty explaining why they are able to connect with telnet. I know it has to do with the socket layer API in Linux but I am having difficulty explaining this sufficiently. I also can't just say "this is the way linux works" to them. I am looking through "UNIX Network Programming" by W.
View 3 Replies
View Related
Oct 13, 2010
I have a question about telnet.Is there any way to configure a telnet server without disable firewall.I am using redhat 5.2 and fedora 12.I have lack of knowledge about firewall.
View 1 Replies
View Related
Jul 8, 2011
I am facing an error when I run the following command telnet localhost 7777
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
View 2 Replies
View Related
