From owner-freebsd-stable Wed Aug 2 1:13: 6 2000
Delivered-To: freebsd-stable@freebsd.org
Received: from snafu.adept.org (adsl-63-201-63-44.dsl.snfc21.pacbell.net [63.201.63.44]) by hub.freebsd.org (Postfix) with ESMTP id B67C137B822 for ; Wed, 2 Aug 2000 01:13:03 -0700 (PDT) (envelope-from mike@adept.org)
Received: from localhost (mike@localhost) by snafu.adept.org (8.9.3/8.9.3) with ESMTP id BAA15996; Wed, 2 Aug 2000 01:12:24 -0700 (PDT) (envelope-from mike@adept.org)
Date: Wed, 2 Aug 2000 01:12:23 -0700 (PDT)
From: Mike Hoskins
To: plamendp@bgstore.com
Cc: freebsd-stable@freebsd.org
Subject: Re: telnet connection refused from IP outside subnet
In-Reply-To: <200008010956.MAA07790@plamen.bgstore.com>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Tue, 1 Aug 2000 plamendp@bgstore.com wrote:

> Actually, I don't have 'login failures'. I just can't
> connect! "Connection refused", not login failure! I do not get login
> prompt at all!

Correct... However, per inetd(8), wrapped services log failed attempts using the auth syslog facility.

> 'host' is ok in both directions (host and host gives the
> same name/IP). Can I assume resolving is ok ?

You did this from your server, not your home system, correct? Just checking, since inetd will obviously be using the DNS of your server to see if a given host is allowed.

Do you have the same problem if you comment out the PARANOID line in /etc/hosts.allow?

    #ALL : PARANOID : RFC931 20 : deny

What's a traceroute look like from the disallowed connection to the server, and from the server to your disallowed IP?

> If I could force things to be logged somehow :-) I can send my
> /etc/syslog.conf if it will be of help ?

Hmm, I understand your pain... I just attempted to make sshd log failed attempts and... I must be overlooking something really simple, because it's not working. I looked at inetd(8) and sshd(8).
I have the following in /etc/ssh/sshd_config by default:

    SyslogFacility AUTH
    LogLevel INFO

So I created the following in /etc/syslog.conf (Yes, those are tabs):

    auth.*	/var/log/auth.log

In sshd_config I even tried bumping LogLevel up to VERBOSE. I touched /var/log/auth.log and it is writeable by syslogd. I then removed an allow rule for one of my boxes, ssh'd in, and got denied without anything being logged to auth.log.

Sshd is standalone... So logging behavior relating to inetd shouldn't matter, but I noticed mention of daemon.* being used by inetd so tried logging those too... Still nothing. Hmm.

-mrh