On Mon, Apr 09, 2007 at 06:12:06PM +0200, csanyipal wrote:
> On Mon, Apr 09, 2007 at 03:53:24PM +0200, Jochen Schulz wrote:
>
> > > I use iptables as a firewall and have added a rule to open the port 22:
> >
> > That probably means you are blocking any traffic not explicitly allowed,
> > correct? Maybe it would help to show us your complete iptables script.
>
> I attach the iptables script to this mail.

Sorry, I forgot the iptables script!

--
Regards, Paul Csányi

# Generated by iptables-save v1.2.11 on Thu Jan 12 10:39:07 2006
*raw
:PREROUTING ACCEPT [313:52448]
:OUTPUT ACCEPT [355:33392]
COMMIT
# Completed on Thu Jan 12 10:39:07 2006
# Generated by iptables-save v1.2.11 on Thu Jan 12 10:39:07 2006
*nat
:PREROUTING ACCEPT [4:936]
:POSTROUTING ACCEPT [37:3404]
:OUTPUT ACCEPT [37:3404]
COMMIT
# Completed on Thu Jan 12 10:39:07 2006
# Generated by iptables-save v1.2.11 on Thu Jan 12 10:39:07 2006
*mangle
:PREROUTING ACCEPT [313:52448]
:INPUT ACCEPT [313:52448]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [355:33392]
:POSTROUTING ACCEPT [355:33392]
COMMIT
# Completed on Thu Jan 12 10:39:07 2006
# Generated by iptables-save v1.2.11 on Thu Jan 12 10:39:07 2006
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [355:33392]
:block - [0:0]
-A INPUT -j block
-A FORWARD -j block
-A block -m state --state RELATED,ESTABLISHED -j ACCEPT
-A block -i ppp0 -p tcp --dport 25 -j ACCEPT
-A block -i ppp0 -p tcp --dport 22 -j ACCEPT
-A block -i ppp0 -p tcp --dport 80 -j ACCEPT
-A block -i ppp0 -p udp --dport 5060 -j ACCEPT
-A block -i ppp0 -p tcp --dport 5060 -j ACCEPT
-A block -i ppp0 -p tcp --dport 1720 -j ACCEPT
-A block -i ppp0 -p tcp --dport 5555 -j ACCEPT
-A block -i ppp0 -p tcp --dport 6680:6699 -j ACCEPT
-A block -i ppp0 -p tcp --dport 1234 -j ACCEPT
#-A block -i ppp0 -p tcp --dport 5432 -j ACCEPT
#-A block -i ppp0 -p tcp --dport 389 -j ACCEPT
-A block -i ppp0 -p tcp --dport 9433 -j ACCEPT
-A block -i ! ppp0 -m state --state NEW -j ACCEPT
-A block -j DROP
COMMIT
# Completed on Thu Jan 12 10:39:07 2006
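
Added example, not part of the original message or its attachment: a small Python audit of the attached filter rules that addresses the question quoted above by walking the INPUT path for one interface, listing which new inbound traffic is accepted and whether the path ends in an unconditional DROP. The function names `parse` and `exposed` are hypothetical, and as a simplifying assumption only unconditional jumps into user chains are followed.

```python
# INPUT-path *filter rules copied from the ruleset in the message above
RULES = """\
-A INPUT -j block
-A block -m state --state RELATED,ESTABLISHED -j ACCEPT
-A block -i ppp0 -p tcp --dport 25 -j ACCEPT
-A block -i ppp0 -p tcp --dport 22 -j ACCEPT
-A block -i ppp0 -p tcp --dport 80 -j ACCEPT
-A block -i ppp0 -p udp --dport 5060 -j ACCEPT
-A block -i ppp0 -p tcp --dport 5060 -j ACCEPT
-A block -i ppp0 -p tcp --dport 1720 -j ACCEPT
-A block -i ppp0 -p tcp --dport 5555 -j ACCEPT
-A block -i ppp0 -p tcp --dport 6680:6699 -j ACCEPT
-A block -i ppp0 -p tcp --dport 1234 -j ACCEPT
#-A block -i ppp0 -p tcp --dport 5432 -j ACCEPT
#-A block -i ppp0 -p tcp --dport 389 -j ACCEPT
-A block -i ppp0 -p tcp --dport 9433 -j ACCEPT
-A block -i ! ppp0 -m state --state NEW -j ACCEPT
-A block -j DROP
"""

def parse(text):
    """Return {chain: [{option: value}, ...]} for each active -A line."""
    chains = {}
    for tok in map(str.split, text.splitlines()):
        if tok[:1] != ["-A"]:                      # skips '#-A ...' lines
            continue
        rule, i = {}, 2
        while i < len(tok):
            neg = tok[i + 1] == "!"                # old "-i ! ppp0" form
            rule[tok[i]] = "!" * neg + tok[i + 1 + neg]
            i += 2 + neg
        chains.setdefault(tok[1], []).append(rule)
    return chains

def exposed(chains, iface, chain="INPUT"):
    """Return (new traffic accepted on iface, True if path ends in DROP)."""
    hits = []
    for r in chains.get(chain, []):
        m = r.get("-i")                            # no -i matches any interface
        applies = m is None or (m[1:] != iface if m[0] == "!" else m == iface)
        if r["-j"] in chains and set(r) == {"-j"}: # unconditional jump
            sub, deny = exposed(chains, iface, r["-j"])
            hits += sub
            if deny:
                return hits, True
        elif r["-j"] == "ACCEPT" and applies and r.get("--state") != "RELATED,ESTABLISHED":
            hits.append((r.get("-p", "all"), r.get("--dport", "any")))
        elif r["-j"] == "DROP" and set(r) == {"-j"}:
            return hits, True
    return hits, False
```

`exposed(parse(RULES), "ppp0")` lists the ports reachable from the ppp0 side; calling it with any other interface name shows the effect of the `-i ! ppp0 ... --state NEW` rule.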