telnet on local LAN question
Paul Allen Newell
pnewell at cs.cmu.edu
Thu Aug 18 05:34:58 UTC 2011
On 8/17/2011 12:49 PM, Roberto Ragusa wrote:
> On 08/17/2011 08:25 AM, Paul Allen Newell wrote:
>
> One of the interesting things is I am now getting
>> "connection refused" rather than "no route to host" and I need to see
>> what change I made caused that (which is also interesting as I would
>> have expected "connection refused" if the resolution was "REJECT"?)
> This could depend on the "--reject-with icmp-host-prohibited" part.
> Other kind of --reject-with could give "connection refused".
>
I think my earlier email shows when I am getting the change ... though I
don't have a good explanation of why
>
> The firewall is probably quite ok now.
I am not certain about this ... plus I think I have to deal with F14
Firewall and LAN router firewall (???)
> More investigation can be done with "tcpdump -i eth0 -n -n" on the
> destination machine (do not do this remotely as it will generate
> traffic and confuse you). Take note of what kind of reply the SYN
> packet gets.
This is for tomorrow's testing when hopefully I can get a few answers to
what I discovered and posted in earlier email. I am already wishing I
could better tag the process so I was sure I knew which user command is
associated with which entry in the log (and to make sure I am seeing an
entry for each test)
> An additional thing to check is if you are listening on port 23 (or 25).
> Try "netstat -tnlp" and search ":23" (or ":25"). You will find the
> name of the process listening. Check if it is listening on 0:0:0.0 or
> just on 127.0.0.1. The 127.0.0.1 would be wrong, and should be fixed
> in the configuration of the mail program.
I have an entry for :25 ... 127.0.0.1:25. No entry for :23.
Given that I am using telnet and not mail as it seems like a simplier
problem to learn how to get commands/ports to work on my LAN (mail seems
to have multiple ports and telnet is a single one ... and a very simple
test to run), what do I need to do if 127.0.0.1 is wrong for telnet
23/25 or telnet without a specified port (which seems to be 23, right?)
Thanks,
Paul
More information about the users
mailing list