[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: (fedora) Re: how to setup rsh(d) on FC4



Mikkel L. Ellertson wrote:
J. K. Cliburn wrote:

On 2/8/06, Jacob (=Jouk) Jansen <joukj hrem nano tudelft nl> wrote:


a apprich science-computing de wrote on 8-FEB-2006 11:30:21.57



I try to get the rsh command working to a FC4 system

[snip]


what does /var/log/messages tell you about login via rsh?

No Route to host


I know you said you have the relevant ports unfiltered in iptables,
but isn't this the typical message received when you attempt to access
a blocked port?


Nope. You will get connection refused if the port is set to reject,
and a timeout message if it is set to drop. You get the No route to
host when there is a network configuration problem.

To test whether netfilter on the server side might result in a "No route to host" indication on the client side, I removed a rule in iptables that allowed traffic on port 23 on an internal server running telnetd under xinetd. The default catchall netfilter rule (a rule which remains unmodified from when I installed FC4) in /etc/sysconfig/iptables is this:

-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited

This rule results in the following message when I attempt to connect to port 23:

[jcliburn osprey ~]$ telnet petrel
Trying 192.168.1.6...
telnet: connect to address 192.168.1.6: No route to host

Here's the relevant snippet from tethereal.

    Source: 192.168.1.6 (192.168.1.6)
    Destination: 192.168.1.3 (192.168.1.3)
Internet Control Message Protocol
    Type: 3 (Destination unreachable)
    Code: 10 (Host administratively prohibited)

I believe Mr. Jansen has a problem with one or more filtered ports.

Jay


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]