SSH problem - firewall issue?

Hi,
I've a remote server which I use to connect sometimes to check some
server-logs, etc..

I haven't changed anything to the firewall (iptables), but I think it's
here where my problem is.

I've done a iptables -L -vx to print out all rules. This is the result:
Chain INPUT (policy ACCEPT 5 packets, 441 bytes)
pkts bytes target prot opt in out source
destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
0 0 accounting-in all -- eth0 eth1 anywhere
anywhere
0 0 accounting-out all -- eth1 eth0 anywhere
anywhere

Chain OUTPUT (policy ACCEPT 5 packets, 363 bytes)
pkts bytes target prot opt in out source
destination

Chain RH-Lokkit-0-50-INPUT (0 references)
pkts bytes target prot opt in out source
destination

Chain accounting-in (1 references)
pkts bytes target prot opt in out source
destination
0 0 RETURN all -- any any anywhere
192.168.0.101
0 0 RETURN all -- any any anywhere
192.168.0.102
0 0 RETURN all -- any any anywhere
192.168.0.103
0 0 RETURN all -- any any anywhere
192.168.0.104
0 0 RETURN all -- any any anywhere
192.168.0.105
0 0 RETURN all -- any any anywhere
192.168.0.106
0 0 RETURN all -- any any anywhere
192.168.0.107
0 0 RETURN all -- any any anywhere
192.168.0.108
0 0 LOG all -- any any anywhere
anywhere LOG level warning ip-options prefix `onbekend
client-ip: '
0 0 DROP all -- any any anywhere
anywhere

Chain accounting-out (1 references)
pkts bytes target prot opt in out source
destination
0 0 RETURN all -- any any 192.168.0.101
anywhere MAC 00:A0:24:A5:AA:17
0 0 RETURN all -- any any 192.168.0.102
anywhere MAC 00:01:4A:20:55:88
0 0 RETURN all -- any any 192.168.0.103
anywhere MAC 00:14:51:13:C7:A6
0 0 RETURN all -- any any 192.168.0.104
anywhere MAC 00:15:C5:69:26:8C
0 0 RETURN all -- any any 192.168.0.105
anywhere MAC 000:09:FD:6D:94
0 0 RETURN all -- any any 192.168.0.106
anywhere MAC 00:17:F2:2E:7F:E7
0 0 RETURN all -- any any 192.168.0.107
anywhere MAC 00:0A:E4:C1:6D:10
0 0 LOG all -- any any anywhere
anywhere LOG level warning ip-options prefix `Onbekende
mac-adres:'
0 0 REJECT all -- any any anywhere
anywhere reject-with icmp-port-unreachable

On the server I've also done a netstat -an and I see clearly that port
22 is listening. Using the local network on the server, I can connect
with putty.

How can I open up the firewall for SSH? Thank you!

On 18 Nov 2006 04:47:48 -0800, Jacques Vandensavel
<(E-Mail Removed)> wrote:
> Hi,
> I've a remote server which I use to connect sometimes to check some
> server-logs, etc..
>
> I haven't changed anything to the firewall (iptables), but I think it's
> here where my problem is.
>
> I've done a iptables -L -vx to print out all rules. This is the result:
>
> On the server I've also done a netstat -an and I see clearly that port
> 22 is listening. Using the local network on the server, I can connect
> with putty.
>
> How can I open up the firewall for SSH? Thank you!
>
Check the /etc/hosts.allow and /etc/hosts.deny files.


--
unfair competition, n.:
Selling cheaper than we do.

Bill Marcum schreef:

> Check the /etc/hosts.allow and /etc/hosts.deny files.

Hi Bill, I think my ISP was blocking port 22, when connecting from
another ISP. I'm not quite sure about this, have to check this tonight.
Thx for the input!

In news:(E-Mail Removed) oups.com,
Jacques Vandensavel <(E-Mail Removed)> wrote:

>> Check the /etc/hosts.allow and /etc/hosts.deny files.
>
> Hi Bill, I think my ISP was blocking port 22, when connecting from
> another ISP. I'm not quite sure about this, have to check this
> tonight. Thx for the input!

In the event that the IP address from which you're posting is involved:

$ tcptraceroute 81.241.249.74 22
....
15 sle-belga1-4-0.sprintlink.net (80.66.129.178) ...
16 ge0-1.ipopsstr5.isp.belgacom.be (194.78.0.89) ...
17 * * *
18 74.249-241-81.adsl-static.isp.belgacom.be (81.241.249.74) [closed] ...