RE: [cobalt-users] IPCHAINS & Rules Settings
- Subject: RE: [cobalt-users] IPCHAINS & Rules Settings
- From: aljuhani <aljuhani@xxxxxxxxx>
- Date: Sat Oct 26 09:19:01 2002
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
Steven.
When I had the problem I described in my 1st message, I tried to connect to
the server from different IPs three times with no luck. That is why I posted
my Ipchains rules in the 1st message, as I thought maybe there is something
missing I should add or if the rules order is not appropriate.
Thanks
Al-Juhani
aljuhani@xxxxxxxxx
>===== Original Message From cobalt-users@xxxxxxxxxxxxxxx =====
> I tested everything from Pop3, SSH, FTP and HTTP were all working
> fine. I did then a port scan which usually shows me all ports with
> connection refused message (from PortSentry), This time my scan was
> blocked and all ports showed timed-out connections. The server was
> working fine and I was accessing pop3 with no problem BUT then after
> 15 minutes all services became unreachable. I mean checking email
> times-out just like if the server is offline. Same goes for ssh.
> Ping respond ok. Websites browsing/loading slow! then I re-booted
> the server to flush the IPCHAINS Rules and now everything back to
> norms.
>
> But I need to apply the IPCHAINS rules, and want to know what is
> wrong.
PortSentry is probably dropping you with ipchains when you portscan your
box (which is normal). You can set PortSentry to ignore your IP by
adding your IP to the portsentry.ignore file. You could also use
ipchains to accept all connections from your IP with a rule like:-
/sbin/ipchains -A input -s xxx.xxx.xxx.xxx/32 -d 0/0 -j ACCEPT
where xxx.xxx.xxx.xxx is the IP of the computer you're portscanning
from.
~
Steven
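
Added example, not part of the original thread: ipchains walks a chain top-down and stops at the first matching rule, so when troubleshooting a lockout like this one it helps to see which input rule matches the scanning address first, and whether that address is in portsentry.ignore. The rule listing is a constructed sample in the layout of `ipchains -L input -n` using documentation addresses; the function names are hypothetical, and only all-protocol rules with an exact or 0.0.0.0/0 source are considered.

```shell
#!/bin/sh
# Constructed sample input (not taken from the thread): a block rule and an
# allow rule for the same source address, in `ipchains -L input -n` layout.
sample_rules() {
cat <<'EOF'
Chain input (policy ACCEPT):
target     prot opt     source                destination           ports
DENY       all  ----l-  203.0.113.7           0.0.0.0/0             n/a
ACCEPT     tcp  ------  0.0.0.0/0             0.0.0.0/0             * ->   22
ACCEPT     all  ------  203.0.113.7           0.0.0.0/0             n/a
EOF
}

# first_match IP: read a rule listing on stdin and print "<position> <target>"
# for the first all-protocol rule whose source is IP, IP/32 or 0.0.0.0/0.
# Prints "none policy" when no such rule exists (the chain policy applies).
first_match() {
    awk -v ip="$1" '
        NR <= 2 { next }    # skip the chain name and the column header
        { pos++ }           # position of this rule within the chain
        $2 == "all" && ($4 == ip || $4 == (ip "/32") || $4 == "0.0.0.0/0") {
            print pos, $1
            found = 1
            exit
        }
        END { if (!found) print "none policy" }
    '
}

# in_ignore_file IP FILE: succeed if IP appears on its own line in a
# portsentry.ignore-style file (comment lines are skipped).
in_ignore_file() {
    grep -v '^[[:space:]]*#' "$2" | grep -qxF "$1"
}

# Demo on the constructed listing: the DENY at position 1 decides, although
# an ACCEPT for the same address sits further down the chain.
sample_rules | first_match 203.0.113.7
```

On a live box the same function can read `/sbin/ipchains -L input -n` instead of the sample listing.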