I'm attempting to set up my Arch Linux workstation as a router; it has two Ethernet chipsets - one onboard, and one in a PCI slot. I try ssh 127.0.0.1 and the connection gets refused.
I had ssh working just fine earlier until I installed/configured iptables per the instructions in the wiki on setting up Arch for NAT. My configuration is as follows:
ip route ls | grep eth0 # (eth0 is my LAN interface)
10.0.0.0/28 dev eth0 proto kernel scope link src 10.0.0.1
cat /etc/hosts.allow | grep sshd
sshd:ALL
cat /etc/ssh/sshd_config | grep 22
Port 22
ListenAddress 10.0.0.0:22
cat /etc/iptables/iptables.rules | grep 22
-A open -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT
-A open -i eth1 -p tcp -m tcp --dport 22 -j ACCEPT
-A open -i lo -p tcp -m tcp --dport 22 -j ACCEPT
The full iptables.rules:
# Generated by iptables-save v1.4.0 on Sat Apr 5 18:59:37 2008
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:fw-interfaces - [0:0]
:fw-open - [0:0]
:interfaces - [0:0]
:open - [0:0]
-A INPUT -p icmp -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -j interfaces
-A INPUT -j open
-A INPUT -p tcp -j REJECT --reject-with tcp-reset
-A INPUT -p tcp -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j DROP
-A INPUT -f -j DROP
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,PSH,ACK,URG -j DROP
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
-A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -j fw-interfaces
-A FORWARD -j fw-open
-A FORWARD -j REJECT --reject-with icmp-host-unreachable
-A fw-interfaces -i eth0 -j ACCEPT
-A interfaces -i lo -j ACCEPT
-A interfaces -i eth0 -j ACCEPT
-A open -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT
-A open -i eth1 -p tcp -m tcp --dport 22 -j ACCEPT
-A open -i lo -p tcp -m tcp --dport 22 -j ACCEPT
-A open -i eth1 -p tcp -m tcp --dport 80 -j ACCEPT
-A open -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT
-A open -i eth1 -p tcp -m tcp --dport 28070 -j ACCEPT
-A open -i eth1 -p udp -m udp --dport 28070 -j ACCEPT
COMMIT
# Completed on Sat Apr 5 18:59:37 2008
# Generated by iptables-save v1.4.0 on Sat Apr 5 18:59:37 2008
*nat
:PREROUTING ACCEPT [2:128]
:POSTROUTING ACCEPT [2:128]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -s 192.168.0.0/24 -o eth1 -j MASQUERADE
COMMIT
# Completed on Sat Apr 5 18:59:37 2008
Is there anything I'm missing or that might be causing this problem?
cat /etc/ssh/sshd_config | grep 22
Port 22
ListenAddress 10.0.0.0:22
That second line is wrong, read the manpage.
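An added example, not part of either post: a small check of the posted ListenAddress against the interface address shown by ip route. In the posted values, 10.0.0.0 is the network address of 10.0.0.0/28 while eth0 itself holds 10.0.0.1, and no listener covers 127.0.0.1. The function names, the loopback entry and the IPv4-only parsing are assumptions made for the example.

```python
import ipaddress

# Constructed input: the two sshd_config lines and the eth0 address quoted in
# the thread; the loopback entry is an assumption (standard 127.0.0.1/8).
SSHD_CONFIG = "Port 22\nListenAddress 10.0.0.0:22\n"
INTERFACES = [("lo", "127.0.0.1/8"), ("eth0", "10.0.0.1/28")]


def listen_addresses(config_text):
    """Return IPv4 addresses named by ListenAddress lines, port suffix dropped."""
    hosts = []
    for line in config_text.splitlines():
        parts = line.split("#", 1)[0].split()
        if len(parts) == 2 and parts[0].lower() == "listenaddress":
            hosts.append(ipaddress.ip_address(parts[1].rsplit(":", 1)[0]))
    return hosts


def check_listen(config_text, interfaces):
    """Return (findings, bound): problems found and addresses sshd can bind."""
    local = [(name, ipaddress.ip_interface(cidr)) for name, cidr in interfaces]
    hosts = listen_addresses(config_text)
    if not hosts:  # no ListenAddress: sshd listens on all local addresses
        return [], {iface.ip for _, iface in local}
    findings, bound = [], set()
    for host in hosts:
        if host.is_unspecified:  # 0.0.0.0 also means every local address
            bound.update(iface.ip for _, iface in local)
        elif any(iface.ip == host for _, iface in local):
            bound.add(host)
        else:
            note = f"{host} is not assigned to any interface"
            for name, iface in local:
                if host == iface.network.network_address:
                    note = (f"{host} is the network address of {iface.network}; "
                            f"{name} itself has {iface.ip}")
            findings.append(note)
    return findings, bound


if __name__ == "__main__":
    findings, bound = check_listen(SSHD_CONFIG, INTERFACES)
    for finding in findings:
        print("ListenAddress:", finding)
    if ipaddress.ip_address("127.0.0.1") not in bound:
        print("nothing listens on 127.0.0.1: connections to it are refused")
```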