Date: Mon, 3 Sep 2001 19:00:34 -0400 (EDT) From: Chris BeHanna <behanna@zbzoom.net> To: FreeBSD-Stable <stable@freebsd.org> Subject: Re: Access disallowed through ssh Message-ID: <20010903185529.B14526-100000@topperwein.dyndns.org> In-Reply-To: <NDBBLGPICDCECKDGFCGFGECKCKAA.cvspam@ig.com.br>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 3 Sep 2001, Conrado Vardanega wrote:
> I've a small network, from which I can ssh to my local server, which is
> 192.168.3.1/24.
>
> >From any other IP addresses, however, I'm having access disallowed, getting
> the following message:
>
> "Received disconnect from 200.193.xx.xx: 2: Sorry, you are not allowed to
> connect."
>
> Note: 200.193.xx.xx is the address of the router that does NAT and forwards
> its port 22/tcp to the server.
>
> This began sometime with no apparent changes to the system. The hosts.allow
> is default, which already allowed me access it in the past.
hosts.allow recently got this line as its first rule via mergemaster:
ALL : PARANOID : RFC931 20 : deny
If your NAT box has forward and reverse DNS records and they don't
match, you're out of there.
There were also some rule changes merged into /etc/rc.firewall the
last time around.
> Any hint of what could be?
Check /var/log/messages and /var/log/security to see if you're
filtering yourself out. Watch the server's NIC interface with tcpdump
to see if packets are actually getting forwarded to it.
Another thought: is this one of those cable/DSL router/firewall
thingies? Go into its web admin interface and make sure the rules are
what you think they are. Perhaps it got reset by a brief power
interruption or something.
--
Chris BeHanna
Software Engineer (Remove "bogus" before responding.)
behanna@bogus.zbzoom.net
I was raised by a pack of wild corn dogs.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010903185529.B14526-100000>