Does the default configuration for redhat limit outgoing TCP?

redhat at billoblog.com
Thu Aug 28 12:45:47 UTC 2008


I help administer a small research network containing machines using
MacOS X, Mandriva Linux, and SUSE Linux for the most part, with a few
Windows boxes thrown in.  I have been playing with Linux for quite
a while, but am completely stumped with this one.  Most of my
experience is with Mandriva rather than Red Hat, and I'm hoping this
is a Red Hat configuration issue.

A user brought in a Red Hat box.  /etc/redhat-release gives:

LSB_VERSION="1.3"
Red Hat Enterprise Linux AS release 3 (Taroon Update 4)
SGI ProPack 3SP6 for Linux, Build 306rp37-0508301842

uname -a gives:
Linux mymachine.mynetwork.com 2.4.21-sgi306rp21 #1 SMP Tue Aug 30
18:51:36 PDT 2005 ia64 ia64 ia64 GNU/Linux

My problem is this:

I cannot get any of the tcp-based clients to work for any addresses
outside my local domain.  They work fine inside my local domain.  The
local domain is behind a firewall that does network address
translation.

Here's what I've found:

1) It affects all tcp clients I try -- ssh, telnet, mozilla.
2) UDP works OK -- I can ping the outside world
3) Changing the ip address of the box to another one within the local
domain does not help
4) No other linux, windows or mac box has a problem
5) My firewall (and there is one) filters on the basis of ip address,
not mac address, and does not have any rule that targets this machine.
6) Iptables is turned off, or at least that's what it says when I do
"/etc/init.d/iptables stop".
7) I can ssh, telnet, etc. within the local domain
8) I can ssh *into* the box (the sshd server works fine) from within
the local network.  I can also do an ssh tunnel using port forwarding
through the firewall (though that looks local to the machine).  I can
do Xforwarding and open an xterm on a machine out in the world.
9) nc is also stumped.  It can connect to a port on the back of the
firewall, but can't get past it.

Thus, for instance, on the Mandriva box I get:

mandriva_box% nc -v www.google.com 80
DNS fwd/rev mismatch: www.l.google.com != yo-in-f99.google.com
...
www.l.google.com [64.233.169.99] 80 (http) open

but on the Red Hat box I get:

redhat box% nc -v www.google.com 80
DNS fwd/rev mismatch: www.l.google.com != yo-in-f104.google.com
...
<hangs>

I *cannot* find any rules in my firewall that would do this.  As I
noted, this problem is specific to *this* machine -- none of the other
machines behind the firewall.  Changing the ip address of this machine
to that of a machine that is not having the problem does not help.

I'm hoping there's some Red Hat security configuration that limits TCP
traffic.  I am not all that familiar with the Red Hat configuration
tools.  I *did* turn off the firewall using
redhat-config-securitylevel, but that did not change anything.

Any ideas would be greatly appreciated.  We in the lab have broken
into two groups -- those who are convinced it's the firewall, even
though nobody can see any problems with it, and those who are
convinced it must be configuration issue on the Red Hat box, even
though we can't find a configuration file that says "don't allow TCP
anywhere outside the local domain."

Thanks!

billo
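The symptoms above (on-site TCP fine, off-site TCP hangs at connect, ICMP fine, iptables reportedly stopped) narrow the host-side checks to a short list. The script below is an added example and is not code from billo's post or from any reply; it assumes the `iptables -L -n` and `sysctl -a` output formats of 2.4/2.6-era Linux and an `nc` that supports `-z` and `-w`. The parsers take tool output on stdin so they can be run against saved text from the affected box; `triage` runs them live.

```shell
#!/bin/sh
# Added example, not from the original post: triage checks for a Linux host on which
# TCP connections to off-site addresses hang while ICMP/UDP and on-site TCP work.
# Assumed: `iptables -L -n` / `sysctl -a` output formats of 2.4/2.6-era Linux, and an
# nc that supports -z (zero-I/O connect) and -w (timeout in seconds).

# flag_iptables: read `iptables -L -n` output on stdin; print any chain whose policy is
# not ACCEPT and any rule whose target is DROP or REJECT. Returns 1 if something was
# flagged, 0 if the table is clean. Rules that another init script reloads after
# "service iptables stop" would make outbound connects hang exactly like this.
flag_iptables() {
    hits=0
    chain=""
    while IFS= read -r line; do
        case "$line" in
            "Chain "*)
                set -- $line            # word-split "Chain NAME (policy P)" to get NAME
                chain=$2
                case "$line" in
                    *"(policy ACCEPT"*) ;;
                    *"(policy "*) echo "suspect: chain $chain: $line"; hits=1 ;;
                esac ;;
            DROP*|REJECT*)
                echo "suspect: rule in $chain: $line"; hits=1 ;;
        esac
    done
    return $hits
}

# flag_sysctls: read "key = value" lines (as printed by `sysctl -a`) on stdin. Flags
# net.ipv4.tcp_ecn=1: some firewalls of the 2.4-kernel era drop SYNs carrying the ECN
# bits (RFC 3360), which gives "on-site fine, off-site hangs". Other TCP options are
# printed as info only. Returns 1 if something was flagged.
flag_sysctls() {
    hits=0
    while read -r key eq val; do
        case "$key" in
            net.ipv4.tcp_ecn)
                [ "$val" = "0" ] || { echo "suspect: $key = $val (try: sysctl -w net.ipv4.tcp_ecn=0)"; hits=1; } ;;
            net.ipv4.tcp_window_scaling|net.ipv4.tcp_timestamps|net.ipv4.tcp_sack|net.ipv4.ip_no_pmtu_disc)
                echo "info: $key = $val" ;;
        esac
    done
    return $hits
}

# probe_tcp HOST PORT: TCP connect with a 5-second limit, so a hang becomes a non-zero
# exit instead of an indefinite wait. Returns 2 if no nc is available.
probe_tcp() {
    if command -v nc >/dev/null 2>&1; then
        nc -z -w 5 "$1" "$2" >/dev/null 2>&1
    else
        echo "probe_tcp: nc not found" >&2
        return 2
    fi
}

# triage ONSITE_HOST OFFSITE_IP [PORT]: run everything live on the affected box.
# OFFSITE_IP should be a literal address so `ip route get` can show the source
# address and interface the kernel actually picks for it.
triage() {
    onsite=$1; offsite=$2; port=${3:-80}
    if command -v iptables >/dev/null 2>&1; then
        echo "== filter table"; iptables -L -n 2>/dev/null | flag_iptables || true
        echo "== nat table";    iptables -t nat -L -n 2>/dev/null | flag_iptables || true
    fi
    if command -v sysctl >/dev/null 2>&1; then
        echo "== sysctls"; sysctl -a 2>/dev/null | flag_sysctls || true
    fi
    if command -v ip >/dev/null 2>&1; then
        echo "== route chosen for $offsite"; ip route get "$offsite" 2>/dev/null
    fi
    echo "== tcp probes (5s timeout each)"
    if probe_tcp "$onsite" "$port"; then echo "on-site  $onsite:$port reachable"; else echo "on-site  $onsite:$port FAILED"; fi
    if probe_tcp "$offsite" "$port"; then echo "off-site $offsite:$port reachable"; else echo "off-site $offsite:$port FAILED (hang/timeout)"; fi
}

# Usage: sh triage.sh <on-site host> <off-site IP> [port]
if [ "$#" -ge 2 ]; then
    triage "$@"
fi
```

Run it on the affected box and on one of the working boxes with the same targets and compare the output; the route line and the two probe results are the ones to diff. If every check comes back clean, settle the firewall-versus-host argument with a packet capture: `tcpdump -ni <iface> host <off-site IP> and tcp` on the Red Hat box while an `nc` connect hangs shows whether the SYN leaves the host at all, and the same capture on the firewall's inside interface shows whether it arrives there and whether a SYN/ACK ever comes back.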
More information about the Redhat-install-list mailing list