have you tried "iptables -L -n" to see what your fw is doing? I can't really follow the syntax as it is mostly from the gui tool (redhat-config-securitylevel ?).
I'm not sure what I'm looking for with the forward rules. The results are:
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
<INPUT_RULE>  all  --  0.0.0.0/0            0.0.0.0/0
The rules I wrote are based on the GUI tool. I fiddled with the GUI tool, read the files, learned to tweak the file based on the syntax used.
Interesting, it does not run as an inetd service!
Currently, there is no vsftpd file in there. I've located the copy with the RPM, and have copied it over, and changed disable to no. I seemed to recall reading yesterday that the default disable value is yes.
WHOOPS, now I see the problem, I am leading you astray, it is xinetd now, not inetd, so the dir where your telnet, and normally ftpd reside is /etc/xinetd.d/
It looks like the telnet file in xinetd.d has disable set to yes. So it doesn't look like it's listening. I will also turn this on and test.
I have temporarily released the system's firewall block on telnet, and cannot access the telnet port. I have also just checked, and I cannot
Is the telnet daemon listening? (usually it would be started via xinetd)
You may need to allow sendmail & telnet in tcpwrappers (sendmail in RH's rpm is compiled against tcpwrappers so you may be having issues there as well). But that happens after the firewall and will send back an error to the client, usually like access denied, before you even get a prompt. I presume you are simply not connecting at all as far as the client is concerned.
Sendmail outbound is not a problem, nor does inbound appear to be an issue. So far, the SMTP server seems to be working correctly. I am able to create virtual email domains and aliases for sendmail, and then mail to them from the outside. However, I can't talk to my own SMTP server, and I'm not sure why.
Did you try an ftp from that other network? You may need to add a route, but at least your isp won't be involved.
Not yet. I'll need to arrange a test, which probably won't happen until Monday.
I will put the rules at the top of the accept list, just under the FTP rules, and test.
Make sure there is a log entry before any other accept rules. Maybe someone else that reads this and uses the same tool as originally set these up, can comment on the iptables rules you have listed.
-Bob