incoming ssh/sftp blocked by iptables

William Hooper whooperhsd3 at earthlink.net
Wed Apr 14 21:32:42 UTC 2004


Fulko.Hew at sita.aero said:
> With test 2 there is now a set of iptables rules that
> block (amongst other things) SSH and SFTP.

I don't believe the firewall setup has changed for a while now.

> When starting the system it seems as though the NTP
> script 'knows' that iptables is in effect and adds
> a hole to talk through.

As someone else pointed out, NTP (and IIRC it does this for your DNS
servers in some cases) uses UDP, so that connection tracking (seeing that
the data is coming back from a request and not some random scan) doesn't
work.

-- 
William Hooper




