Before leaving home on a visit to Italy (where I am now) I re-booted my server. I noticed that shorewall did not print out its usual messages, but foolishly did not check what caused this. Now I can ping the machine, but cannot ssh into it (I chose a strange port) or access its web-server.
My question is: given that I can ping the machine, is there any way I can re-boot it remotely, or even just re-start shorewall?
Timothy Murphy wrote:
My question is: given that I can ping the machine, is there any way I can re-boot it remotely, or even just re-start shorewall?
You haven't provided enough info, but I would guess no. ssh would be the typical method for doing this. Obviously, it is not possible to reboot a machine using ping. So the question is are there any other working services you could use (rsh, vnc, X Server)?
Matt Flaschen
Matthew Flaschen wrote:
Timothy Murphy wrote:
My question is: given that I can ping the machine, is there any way I can re-boot it remotely, or even just re-start shorewall?
You haven't provided enough info, but I would guess no. ssh would be the typical method for doing this. Obviously, it is not possible to reboot a machine using ping. So the question is are there any other working services you could use (rsh, vnc, X Server)?
Actually there *is* a package to allow reboot via ping, it listens (like tcpdump) and finds a ping with a special secret content, and acts on it. I had it on a machine 5-6 years ago.
There was an article, something like "A ping of death for Linux" in one of the mags, which is where I saw it. Don't see it after a quick look.
Matthew Flaschen wrote:
You haven't provided enough info, but I would guess no. ssh would be the typical method for doing this. Obviously, it is not possible to reboot a machine using ping. So the question is are there any other working services you could use (rsh, vnc, X Server)?
Sadly, no. I assume shorewall is not running, and the server has reverted to default mode, which presumably is to allow nothing except ping.
I actually have a double defence (as is normal, I assume) - I have to add pinholes in the ADSL modem to open ports, and also have to open ports in shorewall. Having opened ports on the modem for http, ssh, vnc, imap and ldap, I re-started shorewall (I thought that might conceivably be necessary) and did not observe that shorewall did not restart properly (as I said).
It's not the end of the world. Italy without email is bearable. (Wish it was warmer though.) But I wondered if any guru had a secret weapon. Apparently not.
to wake (or shake) my server up remotely.
2009/1/7 Timothy Murphy gayleard@eircom.net:
Before leaving home on a visit to Italy (where I am now)
Welcome to Italy ;)
I noticed that shorewall did not print out its usual messages,
Which messages?
but foolishly did not check what caused this. Now I can ping the machine,
If you can ping the machine so I guess it's up and running.
but cannot ssh into it (I chose a strange port) or access its web-server.
If you got that port reachable from the internet, but you don't remember the ssh port number you used, you could scan your IP to discover it using, for example, nmap.
My question is: given that I can ping the machine, is there any way I can re-boot it remotely, or even just re-start shorewall?
No, using ping only :-)
Cheers
Giuseppe Fuggiano wrote:
I noticed that shorewall did not print out its usual messages,
Which messages?
When I run "sudo service shorewall restart" I normally get a long stream of messages (maybe 100 lines) on the screen, describing what shorewall macros are being read, etc. It's possible I switched on verbosity in shorewall.conf , but I don't remember doing so.
Timothy Murphy wrote:
Before leaving home on a visit to Italy (where I am now) I re-booted my server. I noticed that shorewall did not print out its usual messages, but foolishly did not check what caused this. Now I can ping the machine, but cannot ssh into it (I chose a strange port) or access its web-server.
My question is: given that I can ping the machine, is there any way I can re-boot it remotely, or even just re-start shorewall?
If there is, it's a very serious bug.
-- Chris
Chris Snook wrote:
Timothy Murphy wrote:
Before leaving home on a visit to Italy (where I am now) I re-booted my server. I noticed that shorewall did not print out its usual messages, but foolishly did not check what caused this. Now I can ping the machine, but cannot ssh into it (I chose a strange port) or access its web-server.
My question is: given that I can ping the machine, is there any way I can re-boot it remotely, or even just re-start shorewall?
If there is, it's a very serious bug.
-- Chris
To do it yourself would be a bad bad bug, as Chris mentioned. Now, doing it the manual way, if you have a person available that has physical access to the server, you can reboot it remotely, and restart shorewall rather easily and without a bad security hole.
~Seann
-
Bill Davidsen -
Chris Snook -
Giuseppe Fuggiano -
Matthew Flaschen -
Seann Clark -
Timothy Murphy