Re: [SLUG] Letting Stuff In...

From: Paul M Foster (paulf@quillandmouse.com)
Date: Tue Apr 16 2002 - 18:32:08 EDT


On Tue, Apr 16, 2002 at 09:23:27AM -0400, Russell Hires wrote:

> So the output statement lets stuff out? I have no problem with traffic going
> out, either from the firewall computer or the ones inside the firewall. But
> if I want to contact my firewall computer via ssh from somewhere besides my
> home network...how would I allow that? I thought it would be as simple as
> ipchains -A input -l -i ppp0 -d 0.0.0.0/0 22 -p TCP -j ACCEPT
>
> but it hasn't worked out that way...
>
> Still thinking hard about all this.... :-)
>

According to my /etc/services file, ssh also wants UDP traffic on this
port, so you might need:

ipchains -A input -l -i ppp0 -d 0.0.0.0/0 22 -p UDP -j ACCEPT

I'd suggest looking at each line in your firewall script and, with
your man pages in hand, tracking down what each line does. Eventually,
any problems should pop out at you. In lieu of someone being able to
specifically answer your specific question, this is your best bet.

I'm not an expert on this-- I've only done what I described above.
Otherwise, I'd tell you exactly what to do.

Another (probably silly) question: is sshd running on this box?

Paul
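
The line-by-line trace suggested above can be mechanised. The following is an added example, not part of the original message: it walks a constructed sample script (only its last rule is the one quoted in the thread) and reports which rule an inbound packet hits first, relying on ipchains applying the target of the first matching rule in a chain. The names parse_rule, matches and first_match are hypothetical, and only the options shown are handled (no "!" negation).

```python
import ipaddress
import shlex
from collections import deque

# Constructed sample script, not from the thread; its last rule is the one quoted above.
SAMPLE_SCRIPT = """\
ipchains -P input DENY
ipchains -A input -i lo -j ACCEPT
ipchains -A input -i ppp0 -p TCP -d 0.0.0.0/0 0:1023 -y -l -j DENY
ipchains -A input -l -i ppp0 -d 0.0.0.0/0 22 -p TCP -j ACCEPT
"""

def parse_rule(line):
    """Turn one 'ipchains -A ...' or 'ipchains -P ...' line into a dict of its fields."""
    tok = deque(shlex.split(line, comments=True)[1:])   # drop the 'ipchains' word
    rule = {"dst": ipaddress.ip_network("0.0.0.0/0"), "dports": (0, 65535)}
    while tok:
        flag = tok.popleft()
        if flag == "-P":                                 # -P chain policy
            rule["chain"], rule["policy"] = tok.popleft(), tok.popleft()
        elif flag in ("-l", "-y"):                       # -l: log, -y: SYN packets only
            rule[flag] = True
        elif flag == "-d":                               # -d address [port | low:high]
            rule["dst"] = ipaddress.ip_network(tok.popleft(), strict=False)
            if tok and not tok[0].startswith("-"):
                lo, _, hi = tok.popleft().partition(":")
                rule["dports"] = (int(lo), int(hi or lo))
        else:                                            # -A chain, -i if, -p proto, -j target
            rule[flag] = tok.popleft()
    return rule

def matches(rule, pkt):
    """True when every test the rule sets is satisfied by the packet."""
    lo, hi = rule["dports"]
    return (rule.get("-i", pkt["iface"]) == pkt["iface"]
            and rule.get("-p", pkt["proto"]).upper() == pkt["proto"]
            and ipaddress.ip_address(pkt["dst"]) in rule["dst"]
            and lo <= pkt["dport"] <= hi and (pkt["syn"] or "-y" not in rule))

def first_match(script, chain, pkt):
    """Return (line number, target) of the first matching rule, else (None, policy)."""
    policy = "ACCEPT"  # assumed when the script has no -P line for the chain
    for n, line in enumerate(script.splitlines(), 1):
        rule = parse_rule(line)
        if rule.get("chain") == chain:
            policy = rule["policy"]
        elif rule.get("-A") == chain and matches(rule, pkt):
            return n, rule["-j"]
    return None, policy
```

For a new SSH connection arriving on ppp0, first_match(SAMPLE_SCRIPT, "input", ...) stops at line 3 of the constructed script, so the ACCEPT rule appended on line 4 is never reached.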


