On Fri, 2005-01-28 at 12:15 -0600, Lyle Worthington wrote: > > Where xx.xx.xx.xx/24 is our class C at our office. Now the problem we > see is that all of a sudden ssh is no longer allowed through. There > are no entries in the log about connections actually being blocked, > but nothing gets through. From multiple IPs on our C block we can hit > SMTP and HTTP, just not SSH. Does anyone have any ideas? Anywhere I > can look? Need any more information?
Are you quite sure that it is a firewall problem. In my experience (and I have seen a few things like this) it is often something else that is failing and everyone automatically points to the firewall. I have seen exactly this problem and it turned out that the admin on the box had put up a cron job that changed the host.allow file so access was blocked over the weekend. I would suggest that you sniff (tcpdump) the traffic on the inbound and outbound interfaces (or networks if you have monitoring points around the firewall) to establish if the traffic ever reaches the firewall and if it leaves it. This will tell you if the problem really is in the firewall. Also I would upgrade to 3.6 stable, there have been a lot of bug fixes. Russell
smime.p7s
Description: S/MIME cryptographic signature
