incoming ssh/sftp blocked by iptables

William Hooper whooperhsd3 at
Wed Apr 14 21:32:42 UTC 2004

Fulko.Hew at said:
> With test 2 there are now a set of iptable rules that
> block (amongst other things) SSH and SFTP.

I don't believe the firewall setup has changed for a while now.

> When starting the system it seems as though the NTP
> script 'knows' that iptables is in effect and adds
> a hole to talk through.

As someone else pointed out NTP (and IIRC it does this for your DNS
servers in some cases) use UDP, so that connection tracking (seeing that
the data is coming back from a request and not some random scan) doesn't

William Hooper

More information about the test mailing list