Koozali.org: home of the SME Server

Legacy Forums => Experienced User Forum => Topic started by: Andrew Gray on August 28, 2003, 08:03:24 AM

Title: listening ports not working
Post by: Andrew Gray on August 28, 2003, 08:03:24 AM

Hi again folks, I have another question with regard to the e-smith 5.6 box I have which uses a satellite dish for incoming traffic, and a modem for outgoing traffic
(I have turned off the rp_filter with the command: "echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter"  This allows traffic to arrive on a different interface than it was sent out on)

It seems that I can't connect to any daemons running on the e-smith box, eg http (port 80) or ssh (port 22).  I am suspecting that it's related to the fact that this box uses a satellite connection for incoming (download) traffic.  Any help would be much appreciated.  below is the output of the ifconfig and route command:

- Andrew Gray

root@livingstone-01:~ $ ifconfig
eth0      Link encap:Ethernet  HWaddr 00:48:54:82:6F:A7
          inet addr:192.168.50.1  Bcast:192.168.50.255  Mask:255.255.255.0
          EtherTalk Phase 2 addr:65280/27
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:723 errors:0 dropped:0 overruns:0 frame:0
          TX packets:791 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0
          RX bytes:86025 (84.0 Kb)  TX bytes:261233 (255.1 Kb)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          EtherTalk Phase 2 addr:0/0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:79 errors:0 dropped:0 overruns:0 frame:0
          TX packets:79 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0
          RX bytes:8265 (8.0 Kb)  TX bytes:8265 (8.0 Kb)

pentaval0 Link encap:Ethernet  HWaddr 00:30:6A:80:A1:D2
          inet addr:10.1.1.2  Bcast:255.255.255.255  Mask:255.255.255.255
          UP BROADCAST RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:794 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0
          RX bytes:258365 (252.3 Kb)  TX bytes:0 (0.0 b)

ppp0      Link encap:Point-to-Point Protocol
          inet addr:203.109.170.54  P-t-P:203.220.79.129  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:432 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1389 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0
          RX bytes:35992 (35.1 Kb)  TX bytes:131956 (128.8 Kb)

sl0       Link encap:Serial Line IP
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0
          RX bytes:0 (0.0 b)  TX bytes:124 (124.0 b)


root@livingstone-01:~ $ route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         *               255.255.255.255 UH    0      0        0 pentaval0
acc01-wick-bne. *               255.255.255.255 UH    0      0        0 ppp0
192.168.50.0    *               255.255.255.0   U     0      0        0 eth0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         *               0.0.0.0         U     0      0        0 ppp0


NB: The pentaval interface is the interface for the satellite card (pent@value card from pentamedia.com.  It recieved traffic based on a hardware address filter, filtered at the card level I think)

Title: Re: listening ports not working
Post by: Andrew Gray on August 28, 2003, 09:48:29 AM

Hi folks,

I found out what was wrong.  It was simply my iptables config.  I ran the following command and it openned up the selected port:

iptables -I INPUT -i pentaval0 -p tcp -m tcp --dport 22 -j ACCEPT

and lo and behold, I can connect now!  I also added that line to the end of /etc/rc.d/rc.local.  I don't know if that's the best place to put it or not, but I know that it'll work there.  Are there suggestions for a better place to put the line?  Perhaps in the e-smith config database?  

Comments welcome.

- Andrew Gray



Andrew Gray wrote:
>
> Hi again folks, I have another question with regard to the
> e-smith 5.6 box I have which uses a satellite dish for
> incoming traffic, and a modem for outgoing traffic
> (I have turned off the rp_filter with the command: "echo 0 >
> /proc/sys/net/ipv4/conf/all/rp_filter"  This allows traffic
> to arrive on a different interface than it was sent out on)
>
> It seems that I can't connect to any daemons running on the
> e-smith box, eg http (port 80) or ssh (port 22).  I am
> suspecting that it's related to the fact that this box uses a
> satellite connection for incoming (download) traffic.  Any
> help would be much appreciated.  below is the output of the
> ifconfig and route command:
>
> - Andrew Gray
>
> root@livingstone-01:~ $ ifconfig
> eth0      Link encap:Ethernet  HWaddr 00:48:54:82:6F:A7
>           inet addr:192.168.50.1  Bcast:192.168.50.255
> Mask:255.255.255.0
>           EtherTalk Phase 2 addr:65280/27
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:723 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:791 errors:0 dropped:0 overruns:0
> carrier:0
>           collisions:0
>           RX bytes:86025 (84.0 Kb)  TX bytes:261233 (255.1 Kb)
>
> lo        Link encap:Local Loopback
>           inet addr:127.0.0.1  Mask:255.0.0.0
>           EtherTalk Phase 2 addr:0/0
>           UP LOOPBACK RUNNING  MTU:16436  Metric:1
>           RX packets:79 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:79 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0
>           RX bytes:8265 (8.0 Kb)  TX bytes:8265 (8.0 Kb)
>
> pentaval0 Link encap:Ethernet  HWaddr 00:30:6A:80:A1:D2
>           inet addr:10.1.1.2  Bcast:255.255.255.255
> Mask:255.255.255.255
>           UP BROADCAST RUNNING NOARP MULTICAST  MTU:1500
> Metric:1
>           RX packets:794 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0
>           RX bytes:258365 (252.3 Kb)  TX bytes:0 (0.0 b)
>
> ppp0      Link encap:Point-to-Point Protocol
>           inet addr:203.109.170.54  P-t-P:203.220.79.129
> Mask:255.255.255.255
>           UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500
> Metric:1
>           RX packets:432 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:1389 errors:0 dropped:0 overruns:0
> carrier:0
>           collisions:0
>           RX bytes:35992 (35.1 Kb)  TX bytes:131956 (128.8 Kb)
>
> sl0       Link encap:Serial Line IP
>           UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500
> Metric:1
>           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:2 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0
>           RX bytes:0 (0.0 b)  TX bytes:124 (124.0 b)
>
>
> root@livingstone-01:~ $ route
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric
> Ref    Use Iface
> default         *               255.255.255.255 UH    0    
> 0        0 pentaval0
> acc01-wick-bne. *               255.255.255.255 UH    0    
> 0        0 ppp0
> 192.168.50.0    *               255.255.255.0   U     0    
> 0        0 eth0
> 127.0.0.0       *               255.0.0.0       U     0    
> 0        0 lo
> default         *               0.0.0.0         U     0    
> 0        0 ppp0
>
>
> NB: The pentaval interface is the interface for the satellite
> card (pent@value card from pentamedia.com.  It recieved
> traffic based on a hardware address filter, filtered at the
> card level I think)