Date:      Mon, 3 Sep 2001 20:08:38 -0300
From:      "Conrado Vardanega" <cvspam@ig.com.br>
To:        "Chris BeHanna" <behanna@zbzoom.net>
Cc:        <freebsd-stable@freebsd.org>
Subject:   Re: Access disallowed through ssh
Message-ID:  <NDBBLGPICDCECKDGFCGFAECPCKAA.cvspam@ig.com.br>
In-Reply-To: <20010903185529.B14526-100000@topperwein.dyndns.org>

Ok, there is more information about the problem:

  -- it's NOT the hosts.allow, it's "ALL : ALL : allow" and I don't even have
a PARANOID line there.

  -- it's NOT a firewall matter, I've no firewall rules at this machine and
people can "telnet 200.193.xx.xx 22" and get tcp sessions open. Therefore
the Network Layer is ok.

  -- it's NOT a reverse/unmatching DNS entry. Both public and private
addresses are named and they're all matching correctly.

Thanks!

Conrado

> -----Original message-----
> From: owner-freebsd-stable@FreeBSD.ORG
> [mailto:owner-freebsd-stable@FreeBSD.ORG] On behalf of Chris BeHanna
> Sent: Monday, September 3, 2001 20:01
> To: FreeBSD-Stable
> Subject: Re: Access disallowed through ssh
>
>
> On Mon, 3 Sep 2001, Conrado Vardanega wrote:
>
> > I've a small network, from which I can ssh to my local server, which is
> > 192.168.3.1/24.
> >
> > From any other IP addresses, however, I'm having access disallowed, getting
> > the following message:
> >
> > "Received disconnect from 200.193.xx.xx: 2: Sorry, you are not allowed to
> > connect."
> >
> > Note: 200.193.xx.xx is the address of the router that does NAT and forwards
> > its port 22/tcp to the server.
> >
> > This began sometime with no apparent changes to the system. The hosts.allow
> > is default, which already allowed me to access it in the past.
>
>     hosts.allow recently got this line as its first rule via mergemaster:
>
>      ALL : PARANOID : RFC931 20 : deny
>
>     If your NAT box has forward and reverse DNS records and they don't
> match, you're out of there.
>
>     There were also some rule changes merged into /etc/rc.firewall the
> last time around.
>
> > Any hint of what could be?
>
>     Check /var/log/messages and /var/log/security to see if you're
> filtering yourself out.  Watch the server's NIC interface with tcpdump
> to see if packets are actually getting forwarded to it.
>
>     Another thought:  is this one of those cable/DSL router/firewall
> thingies?  Go into its web admin interface and make sure the rules are
> what you think they are.  Perhaps it got reset by a brief power
> interruption or something.
>
> --
> Chris BeHanna
> Software Engineer                   (Remove "bogus" before responding.)
> behanna@bogus.zbzoom.net
> I was raised by a pack of wild corn dogs.
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-stable" in the body of the message
>
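
The forward/reverse DNS agreement that the quoted `PARANOID` rule depends on can be checked per client address with a short script. This is an added example, not part of the original messages: the function names, the `SAMPLE_PTR`/`SAMPLE_A` tables and the documentation-range addresses are constructed for illustration, and the logic only approximates the comparison described in the thread.

```python
import socket


def system_reverse(ip):
    """PTR lookup via the system resolver; None when there is no name."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except (socket.herror, socket.gaierror):
        return None


def system_forward(name):
    """All addresses the name resolves to (empty set on failure)."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(name, None)}
    except socket.gaierror:
        return set()


def fcrdns_verdict(ip, reverse=system_reverse, forward=system_forward):
    """Classify a client address by forward/reverse DNS agreement.

    'no-ptr'   : the address has no reverse record
    'mismatch' : a reverse name exists but does not resolve back to ip
    'match'    : forward and reverse records agree
    """
    name = reverse(ip)
    if not name:
        return "no-ptr", None
    if ip not in forward(name):
        return "mismatch", name
    return "match", name


# Constructed sample zone data (documentation address ranges), used instead
# of live DNS so all three outcomes can be seen offline.
SAMPLE_PTR = {"203.0.113.10": "nat.example.net",
              "203.0.113.20": "gw.example.net"}
SAMPLE_A = {"nat.example.net": {"203.0.113.10"},
            "gw.example.net": {"198.51.100.7"}}  # stale A record


def check_sample(ip):
    """Run the verdict against the constructed tables above."""
    return fcrdns_verdict(ip, SAMPLE_PTR.get,
                          lambda n: SAMPLE_A.get(n, set()))


if __name__ == "__main__":
    for addr in ("203.0.113.10", "203.0.113.20", "203.0.113.30"):
        print(addr, *check_sample(addr))
```

Calling `fcrdns_verdict(ip)` with the default resolvers performs live lookups; run it on the sshd host itself, since the verdict depends on that host's resolver configuration.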

