iptables (Re: Connection Refused on ssh)

John J. Boyer director at chpi.org
Fri Oct 8 18:29:10 UTC 2004


John,

I really think the problem may be with iptables. We've eliminated just
about everything else. H³owever, there is no ma pagel for netconfig, and
when I tried running it, I wasn't sure what to do. Really, all I need is
to let one IP address use ssh. There is a man mage for iptables, but it
looks so complicated that I wouldn't want to mess with it unless I knew
exactly what I was doing.

Thanks,
John


On Fri, 8 Oct 2004, John Heim wrote:

> At 11:22 AM 10/7/2004, Mike Gorse you wrote:
> >Also, are you sure that sshd is running on the machine (ie, pidof sshd 
> >returns something)?  If so, then try using ipchains or iptables to make 
> >sure it isn't being firewalled.  At one point we had a RH box at work on 
> >which I was trying to enable ssh, but the person who installed rh had 
> >selected an option for a firewall, so I wound up needing to edit a file in 
> >/etc/sysconfig (the file did say that manually editing it was not 
> >recommended, but it didn't say how I was supposed to edit it if not 
> >manually) to tell it to accept connections on port 22 as it did for 23 and 
> >others.
> 
> 
> You can run  netconfig. It would allow you to allow ssh connections through 
> your firewall. When you exit, it saves it's settings in 
> /etc/sysconfig/iptables. That file is the one that says you shouldn't edit 
> it manually.
> 
> That netconfig program is pretty limited in what it can do.   And the file 
> it creates has the same format as iptables-save.  So what you can do is 
> issue iptables commands until you've got your firewall configured just the 
> way you want it thand do this:
> 
> $ iptables-save > /etc/sysconfig/iptables
> 
> The next time you reboot, your firewall will be just like it was when you 
> issued the above command.
> 
> 
> 
> 
> 
> _______________________________________________
> Blinux-list mailing list
> Blinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/blinux-list
> 

-- 
John J. Boyer; Executive Director, Chief Software Developer
Computers to Help People, Inc.
http://www.chpi.org
825 East Johnson; Madison, WI 53703





More information about the Blinux-list mailing list