On Thu, 2002-01-17 at 13:30, Tal Amir wrote:
> On Fri, 18 Jan 2002, Tzafrir Cohen wrote:
> 
> > Date: Fri, 18 Jan 2002 01:08:00 +0200 (IST)
> > From: Tzafrir Cohen <[EMAIL PROTECTED]>
> > To: Tal Amir <[EMAIL PROTECTED]>
> > Cc: the linux-il mailing list <[EMAIL PROTECTED]>
> > Subject: Re: access problem
> > 
> > On Thu, 17 Jan 2002, Tal Amir wrote:
> > 
> > > hi all,
> > >
> > > this is kind of tricky, so i'll try to be as clear as i can.
> > > i have a RH 6.2 machine at work, functioning as a mail-relay to an
> > > exchange server sitting in the local LAN, with NAT address.
> > > the linux machine is in a DMZ, with 1 nic, real ip.
> > > everything worked wonderfully for more than 2 years, until last week, when
> > > someone did a hard reset to that machine.
> > >
> > 
> > Yuck. It is possible that some files got trashed in the process.
> 
> that's my guess too... ;(
> 
> > 
> > > as for now, users that try to telnet this machine
> > 
> > <ssh-advocacy>
> >   Install sshd and use it!
> >   Installing an ssh client on every windows machine is not practical.
> >   Download putty and put putty.exe on some SMB share
> > </ssh-advocacy>
> > 
> 
> ssh is installed, but that does not explain why telnet isn't working.
> i use ssh most of the time.
> 
> > > or get mail from it (using ms outlook) are
> > > getting stuck in the authentication. the mail client gets stuck on
> > > "verifying username and password" for 1-2
> > > minutes, and then gives up with a connection timeout.
> > 
> > Outlook has very strange-looking error messages. Figuring them out is not
> > always easy.
> > 
> > telnet your-server 110
> > 
> > If and when a (tcp) connection is established, try writing the following:
> > 
> > USER username
> > PASS topsecretpasswordinplaintext
> > QUIT
> > 
> > (wu-imapd is very polite, and will give you a prompt for every step.)
> > 
> 
> telnet to ports 110 and 25 works. only mail clients can't get to 
> authenticate. this is the most weird part (?!)
like tzafrir said, try to sniff the connection. go figure what outlook
tries to do exactly...
maybe you should also start sendmail with "strace" and see what it tries
to do, maybe this will give you a new direction.


> 
> > 
> > > i forgot to mention that some users use this machine as a pop3 server, and
> > > others use the exchange (all mail messages
> > > are forwarded to the exchange, except for users that have "CL username" in
> > > sendmail.conf .
> > > from the outside, all services work just fine.
> > 
> > pop3 over the internet? Consider using spop3 (when you have some time)
> > 
> > > this is not a firewall problem, since i unloaded the policy, tried and got
> > > nothing as well.
> > > for some reason, i cannot get to authenticate (as pop3 or telnet) from the
> > > internal network.
> > > there is nothing preventing me to access in hosts.deny .
> > > i am able to ping that machine from the inside, but that's about all i can
> > > do. nothing more.
> > > i did not change anything, or even touched that machine since the last
> > > time it worked, so there is no way that i did
> > > something wrong in any of the configuration files.
> > > the only change that was "made" was that hard reset. (boy, is that guy
> > > gonna get it) ;)
> > >
> > > any ideas are welcomed.
> > > tal.
> > 
> > Let's go one step at a time:
> > 
> > * Is anybody listening on the ports of the internal interfaces? Perhaps
> > your programs only listen on specific IPs?
> > 
> 
> there ARE NO internal interfaces.
> 1 interface (eth0) with 1 real ip. this machine is in a dmz, and the 
> firewall translates everything to it. this is why it's accessible from both 
> internal and external locations, and vice versa (it can access NAT 
> addresses).
> 
> > Use netstat -ln --tcp and see if any service listens on an address that is
> > not 0.0.0.0 (=all interfaces).
> > 
> > 
> > * Do packets from the clients get to the server?
> > Use tcpdump or any other sniffer. This could be a DNS problem or a routing
> > problem.
> > 
> 
> no routing problem. as i said, i can ping it from the internal LAN.
> also from outside.
> this is not the problem.
> 
> 
> > * Have you looked at the logs? Any connection attempts logged?
> > 
> another thing i forgot to mention : syslogd is running but not logging 
> anything. the last log entry is at the same date when the hard reset 
> occurred. i don't think that there is a connection, but go figure..
> 
> 
> > * Have you eliminated packet filtering?
> > Make sure you log any packet that you drop. Watch the logs and see if
> > connections don't yield messages of dropped packets.
> 
> nothing of that kind. everything from the internal lan to that machine 
> (DMZ) is allowed.
> like i said, i even unloaded the firewall's policy to make sure that this 
> is not a firewalling problem.
> and this machine does not run any firewalling of its own, or filters any 
> traffic.. it's all done by the firewall.
> 
> 
> > 
> > 
> 
> -- 
> -----------------------------------
> _|_|_     Best Regard's ,
>   ( )   *  Amir Tal,  
>   /v\  /   System Administrator
> /(   )X    
>  (m_m)      
> | |        ICQ : 15748705
> | (_)_ __  
> | | | '_ \| | | \ \/ /   
> | | | | | | |_| |>  <    
> |_)_|_|_| |_|__,_/_/\
>  http://whatsup.homelinux.com 
> -----------------------------------
> 
> 
> =================================================================
> To unsubscribe, send mail to [EMAIL PROTECTED] with
> the word "unsubscribe" in the message body, e.g., run the command
> echo unsubscribe | mail [EMAIL PROTECTED]
> 

I have a wild shot in the air:
(probably it's not the case, but I've seen strange things before)
Try to replace your ethernet adapter, maybe something went wrong with it,
that it fails in very ***certain*** situations. (doesn't sound probable,
but as I said I have seen very strange things before)
Also, maybe it's some problem with the TCP/IP stack. Perhaps the
kernel/module got screwed because of the reboot.
I will not preach to you about how to manage your computers, but I think
you should consider some kind of journaling file system for your
machines - just for cases like this.

-- 
Noam Meltzer
[EMAIL PROTECTED]
ICQ: 4853872
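
The manual POP3 check quoted in this thread (connect to port 110, then USER, PASS, QUIT), scripted so that each step is timed and a stall is pinned to one stage. This is an added example, not part of the original messages; `StubPOP3`, `pop3_stage_timings`, `demo` and the credentials are constructed for illustration, and the stub server only simulates a hang on PASS.

```python
import contextlib, socket, socketserver, threading, time

class StubPOP3(socketserver.StreamRequestHandler):
    """Constructed stand-in server: answers at once, but stalls on PASS."""
    def handle(self):
        with contextlib.suppress(OSError):   # client may give up and close
            self.wfile.write(b"+OK stub POP3 ready\r\n")
            for raw in self.rfile:
                if raw.upper().startswith(b"PASS"):
                    time.sleep(1.0)          # simulated authentication hang
                self.wfile.write(b"+OK\r\n")

def pop3_stage_timings(host, port, user, password, timeout=10.0):
    """Return [(stage, seconds, reply)]; PASS is sent in cleartext, so use a
    throwaway test account. The last entry is the stage where the probe stopped."""
    results = []
    def record(stage, started, reply):
        results.append((stage, round(time.monotonic() - started, 2), reply))
    t0 = time.monotonic()
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        record("connect", t0, f"ERROR {exc}")
        return results
    record("connect", t0, "OK")
    with sock, sock.makefile("rb") as reader:
        for stage, cmd in (("banner", None), ("USER", f"USER {user}"),
                           ("PASS", f"PASS {password}"), ("QUIT", "QUIT")):
            t0 = time.monotonic()
            try:
                if cmd:
                    sock.sendall(cmd.encode("ascii") + b"\r\n")
                line = reader.readline()
            except OSError as exc:           # socket.timeout is an OSError
                timed_out = isinstance(exc, socket.timeout)
                record(stage, t0, "TIMEOUT" if timed_out else f"ERROR {exc}")
                break
            reply = line.decode("ascii", "replace").strip()
            record(stage, t0, reply if line else "CLOSED")
            if not line:
                break
    return results

def demo():  # probe the constructed stub with a 0.3 s timeout
    with socketserver.ThreadingTCPServer(("127.0.0.1", 0), StubPOP3) as srv:
        srv.daemon_threads = True
        threading.Thread(target=srv.serve_forever, daemon=True).start()
        rows = pop3_stage_timings("127.0.0.1", srv.server_address[1],
                                  "testuser", "not-a-real-password", 0.3)
        srv.shutdown()
        return rows
```

Running `demo()` shows connect, banner and USER answering immediately and PASS ending in `TIMEOUT`, which is the pattern to compare against a run from the internal LAN and a run from outside.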

