On Sep 12, 2006, at 7:33 PM, Lan Barnes wrote:
During the summer I had occasion to use the laptop away from home without my usual firewall protections. Naturally I used lokkit to magically enable nasty security.Being a script (I think?), lokkit did obscure things but I'm going toassume they had to do with changing the iptables. Of course, I forgot toset it back.
So, then, it was a firewall issue.I've noticed lots of things tend to like to reject packets with "icmp- host-prohibited" messages, which causes all sorts of entertaining responses depending on the client software that's trying to connect.
When you said "no route to host" I was going to reply first thing with "Make sure your iptables aren't rejecting SSH packets on port 22", as that's exactly the symptom we see with our RHEL boxes at work. For most of our firewalling needs, I use:
-j REJECT --reject-with icmp-host-prohibited instead of using DROP, primarily because you notice it nearly instantly.Glad you found the reason, even if I did have to just dig through 56 messages to get here.
Gregory -- Gregory K. Ruiz-Ade <[EMAIL PROTECTED]> OpenPGP Key ID: EAF4844B keyserver: pgpkeys.mit.edu
PGP.sig
Description: This is a digitally signed message part
-- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
