[plug] inetd
Rob Hall
rhall at echidna.stu.cowan.edu.au
Wed May 5 16:07:26 WST 1999
On Wed, 05 May 1999, you wrote:
>> That was my thoughts, but if I remove hosts.allow and hosts.deny all works
>> fine.
>
>Are you sure? It just doesn't sound like a tcpwrapper problem
>For starters, tcpwrappers have nothing to do with ping, so I'd be very
>surprised if ping started working when you removed hosts.{allow,deny}
>
That was my thoughts exactly. Yet, I renamed allow & deny and all works
perfectly. Goes against logic.
>> I did have a firewall installed, but removed
it to trace what was
>> causing this. I have temporarily set the default
policy as masquerade at
>> boot up.
>
>You mean you're masquerading _everything_? that doesn't sound like a good
>idea at all.
>
>Better would be to run:
>
>ipfwadm -F -a accept -m -W ppp0 -S 10.0.0.0/24
>
That's what (or similar) to what I origionally had. In fact I had a fairly
tight firewall. I just set masquerade as default to rule out my firewall. I
have to leave masquerade on for a few icq users.
>> Ping just sits there until I cancel it. Telnet says "unable to establish a
>> connection" or something similar.
>
>Again, not symptons of tcpwrappers. As I said before, ping isn't affected
>by tcpwrappers because it's handled by the kernel, and if you were being
>denied by tcpwrappers you'd find your Telnet would say "Connected to ..."
>followed by a blank line, and then telnet would exit.
>
Exactly.... that is why I'm confused, bewildered ...
I hear what you are saying Matt. I am in aggreemant with you. I can't
understand how allow/deny can cause this. But the fact remains that if I
delete or move them, I suddenly have access.
Here is another weird little symtpom:
If I telnet in when there are now allow/deny files, and install the allow/deny
files and restart inetd, it all works perfectly. As soon as I reboot the
server, I have problems. So I dial in (it allows me to do this and establish
telnet this way) and remove the files, reboot the server, and all works fine.
This caught me out yesterday when I set it up on site. I tested it all and
everything was fine. But as soon as the server was booted up today, everything
was thrown out the window! That's when I dialled in and disabled the firewall.
Still no change. So I deleted allow/deny, rebooted and everthing worked fine.
I then reinstalled allow/deny, restarted inetd and it worked. Somewhat
bewildered, I thought I'd reboot the server just to see what would happen. It
dialled up ok but I couldn't telnet or ping it. Weird thing is that I could
telnet to port 25!
At this point I got fed up, dialed in, deleted allow/deny and it is working
again (somewhat insecure).
Maybe diald does something strange? If anyone has any ideas I'll listen
(pretty desperate at this point).
Rob
More information about the plug
mailing list