Ubuntu CZ/SK Forum
Ubuntu for personal computers => Internet and networking => Topic started by: cutor, 22 September 2008, 16:27:25
-
Hi,
Somehow I can't get SSH access to my PC from outside working. I have a static IP but I can't connect.
Here is the configuration I have there; I no longer really know what's what.
Could you please advise me or point me in the right direction? Thanks a lot.
PS: if anyone knows how to block internet radio stations, let me know.
#
# $Id: client-all.conf,v 1.2 2002/12/31 15:44:34 ktsaou Exp $
#
# This configuration file will allow all requests originating from the
# local machine to be send through all network interfaces.
#
# No requests are allowed to come from the network. The host will be
# completely stealthed! It will not respond to anything, and it will
# not be pingable, although it will be able to originate anything
# (even pings to other hosts).
#
version 5

# Accept all client traffic on any interface
# interface any world
# client all accept

DEFAULT_CLIENT_PORTS="1024:65535"
server_icq_ports="tcp/5190"
client_icq_ports="default"
client_radmin_ports="default"
server_radmin_ports="tcp/6000"
client_sshmoje_ports="default"
server_sshmoje_ports="tcp/6022"

interface eth1 vnitrni
    protection strong 10/sec 10
    policy drop
    server dns accept
    server netbios_ns accept
    server netbios_dgm accept
    server netbios_ssn accept
    server samba accept
    server squid accept
    server icmp accept
    server ping accept
    server ssh accept
    server sshmoje accept
    server vnc accept
    server radmin accept
    client all accept

interface eth0 vnejsi
    protection strong 10/sec 10
    policy drop
    server icmp accept
    # server ping accept
    server ssh accept src xx.xxx.xxx.xxx
    server sshmoje accept
    client dns accept
    client icmp accept
    client ping accept
    client telnet accept
    client http accept
    client https accept
    client ftp accept
    client ntp accept
    client ssh accept
    client icq accept
    client jabber accept
    client webcache accept
    client all accept

router vnitrni2vnejsi inface eth1 outface eth0
    masquerade
    route all accept

FIREHOL_LOG_LEVEL=7
-
Hm, and is it only SSH that doesn't work, or something else too? Are you sure it's the FireHOL configuration? What about the logs and the output from ssh?
-
Can you connect from the internal network? If so, check the router settings to see whether you have the ports forwarded.
-
Yes, SSH works fine inside. From the whole internal network the internet, mail, Skype, etc. work fine.
I'll try checking the router, or possibly turn off FireHOL and see what that does.
-
For port 8080 I need to set it up so that a packet from outside on eth0 is routed to IP xx.xxx.xxx.xx:8080 located on eth2. It's a radio stream from my computer going out. I already had it set up once with iptables, but once I put FireHOL on, everything fell apart and I can't manage to get those rules in using iptables commands. FireHOL probably guards that somehow :(
root@pkchemsrv:~# vi /etc/firehol/firehol.conf
client_icq_ports="default"
server_webmin_ports="tcp/10000"
client_webmin_ports="default"
server_radio_ports="tcp/8080"
client_radio_ports="default"

interface eth2 internal
    protection strong 10/sec 10
    policy drop
    server dns accept
    server netbios_ns accept
    server netbios_dgm accept
    server netbios_ssn accept
    server samba accept
    server squid accept
    server icmp accept
    server ping accept
    client all accept

interface eth0 external
    protection strong 10/sec 10
    policy drop
    server icmp accept
    server ping accept
    server ssh accept
    client dns accept
    client icmp accept
    client ping accept
    client telnet accept
    client http accept
    client https accept
    client ftp accept
    client ntp accept
    client ssh accept
    client icq accept
    client jabber accept
    client webcache accept

router internal2external inface eth2 outface eth0
    masquerade
    route all accept

FIREHOL_LOG_LEVEL=7
-
http://www.abclinuxu.cz/poradna/linux/show/221908
Try that. Otherwise there is plenty more on this around the net.
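-
Added example, not part of the thread and not FireHOL's own code: a small Python check that reads a FireHOL configuration like the ones posted above, lists which services each interface or router block accepts and from which source, and reports custom server_*_ports definitions that no rule references (radio and webmin in the second configuration as posted). The sample text is constructed by trimming that configuration; the function name audit and the regular expressions are assumptions of this example and only cover the simple "accept" rules seen here.

```python
import re

# Constructed sample: trimmed from the second configuration posted in the thread.
SAMPLE = """\
server_webmin_ports="tcp/10000"
server_radio_ports="tcp/8080"
interface eth2 internal
    policy drop
    server samba accept
    client all accept
interface eth0 external
    policy drop
    server ssh accept
    client http accept
router internal2external inface eth2 outface eth0
    masquerade
    route all accept
"""

DEF_RE = re.compile(r'^server_(\w+)_ports="([^"]*)"')
RULE_RE = re.compile(r'^(server|client|route)\s+(\S+)\s+accept(?:\s+src\s+(\S+))?')


def audit(text):
    """Return (exposed, unused): accepted inbound/routed services per block,
    and custom services that are defined but never referenced by a rule."""
    defined, used, exposed, block = {}, set(), {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and indentation
        if not line:
            continue
        m = DEF_RE.match(line)
        if m:                                 # server_NAME_ports="proto/port"
            defined[m.group(1)] = m.group(2)
            continue
        words = line.split()
        if words[0] in ("interface", "router"):
            block = words[1]                  # eth0, eth2 or the router name
            exposed[block] = []
            continue
        m = RULE_RE.match(line)
        if m and block:
            kind, svc, src = m.groups()
            used.add(svc)
            if kind != "client":              # server/route rules let traffic in
                exposed[block].append((svc, src or "any"))
    return exposed, sorted(s for s in defined if s not in used)


if __name__ == "__main__":
    exposed, unused = audit(SAMPLE)
    print("accepted per block:", exposed)
    print("defined but never used:", unused)
```

A service listed as unused has a port definition but no matching server or route rule, so the generated firewall never accepts traffic for it.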