Hi,
>I've installed it successfully. But as I configured it. The permit/deny
>mechanism for ftp is OK, but it doesn't work for TELNET. Although I put
>a permit rule for a specific host, this host just can't log into my firewall
>station. It seems that it just denies everything?!!
Try putting a single rule in to permit all for telnet.
This should do it:
tn-gw: timeout 3600
tn-gw: permit-hosts * -passok -xok
Note that this will let all connect from everywhere!
If it still won't connect then start backtracking. Replace
the tn-gw entry in inetd.conf with the original telnetd
and try that. If that works and tn-gw doesn't then try looking
at the name server configuration. When a machine connects
the first thing that it does is to look up the name of the
machine from the IP address and then look up the address
again from the name. If it does not get back to where it
started then it denies access and logs the fact via syslog.
I have had some problems with the name server lookups from
the toolkit. The reverse lookup is done OK but the forward
lookup is done with the trailing dot removed for some reason
so the resolver adds the local domain to it and tries to
look this up. This fails of course and then it tries it
without the local domain which does work. The only problem
is that this takes a long time and seriously slows things
down, especially with http where you form lots of connections.
Any ideas?
Lyndon
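
The reverse-then-forward check and the trailing-dot effect described in the message above, as an added Python sketch that is not part of the original post or the toolkit's own code. The zone data, the addresses and the local domain `fw.example.net.` are constructed, and the search order models only what the post reports.

```python
# Constructed zone data (documentation addresses and example names, not from the post).
PTR = {"192.0.2.10": "client.example.com.",
       "198.51.100.7": "trusted.example.com."}   # PTR is set by the address owner
A = {"client.example.com.": {"192.0.2.10"},
     "trusted.example.com.": {"203.0.113.9"}}    # the named host lives elsewhere
LOCAL_DOMAIN = "fw.example.net."                 # hypothetical local domain


def candidates(name, local_domain=LOCAL_DOMAIN):
    """Names tried for a forward lookup, in the order the post describes."""
    if name.endswith("."):
        return [name]                      # absolute name: a single query
    return [f"{name}.{local_domain}",      # local domain appended first (fails)
            f"{name}."]                    # then the name as given


def forward_lookup(name):
    """Return (addresses, queries issued) for a forward lookup of name."""
    queries = []
    for fqdn in candidates(name):
        queries.append(fqdn)
        addrs = A.get(fqdn.lower())
        if addrs:
            return addrs, queries
    return set(), queries


def check_peer(ip, strip_trailing_dot=False):
    """Reverse lookup, then forward lookup; permit only if we get back to ip."""
    name = PTR.get(ip)
    if name is None:
        return False, []                   # no reverse record: deny
    if strip_trailing_dot:
        name = name.rstrip(".")            # the behaviour reported in the post
    addrs, queries = forward_lookup(name)
    return ip in addrs, queries


if __name__ == "__main__":
    cases = [("192.0.2.10", False), ("192.0.2.10", True), ("198.51.100.7", False)]
    for ip, strip in cases:
        ok, queries = check_peer(ip, strip)
        print(ip, "permit" if ok else "deny", queries)
```

The second case still permits the host but issues two forward queries per connection, which is the slowdown the post describes; the third is denied because the forward lookup does not lead back to the connecting address.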