<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/3.26.3">
</HEAD>
<BODY>
On Tue, 2010-05-25 at 05:17 -0400, Bob Goodwin wrote:
<BLOCKQUOTE TYPE=CITE>
<PRE>
I have two f12 computers, box9 will ping box6 but box6 to box9
reports 100% loss. When we had Firestarter there was a log that
usually indicated where the firewall was blocking data.
It seems to me there should be a way to determine this without
Firestarter? How do I do that?
[bobg@box6 ~]$ service sshd status
openssh-daemon (pid 1522) is running...
Pinging the numerical addresses does not help.
Thanks.
Bob
--
</PRE>
</BLOCKQUOTE>
If this applies for ssh only, you could do something like this, on box9:<BR>
<BR>
<BR>
IPTABLES -I INPUT -i eth0 -s ip.of.box.6 -p tcp -m tcp --dport 22 -j ACCEPT<BR>
<BR>
<BR>
If you need more services to be available for box9, you simply let out -m tcp and --dport 22, to get this:<BR>
<BR>
<BR>
IPTABLES -I INPUT -i eth0 -s ip.of.box.6 -j ACCEPT<BR>
<BR>
<BR>
To see all the packages from box6, you can insert the rule below:<BR>
<BR>
<BR>
IPTABLES -I INPUT -i eth0 -s ip.of.box.6 -m state --state NEW -j LOG --log-prefix "IPTABLES - NEW PACKETS FROM BOX6: " --log-level 6<BR>
<BR>
<BR>
and watch the result in /var/log/messages (with tail -f /var/log/messages)<BR>
<BR>
<BR>
<BR>
<TABLE CELLSPACING="0" CELLPADDING="0" WIDTH="100%">
<TR>
<TD>
<BR>
<BR>
Calin<BR>
<BR>
Key fingerprint = 37B8 0DA5 9B2A 8554 FB2B 4145 5DC1 15DD A3EF E857<BR>
<BR>
=================================================<BR>
Simon: "Some of these words -- they're misspelled. She started correcting my spelling when she was three." --Episode #5, "Safe"
</TD>
</TR>
</TABLE>
</BODY>
</HTML>