[vox-tech] SSH On Home Network

ME vox-tech@lists.lugod.org
Mon, 10 Mar 2003 18:45:19 -0800 (PST)


Mike Simons said:
> On Mon, Mar 10, 2003 at 04:16:01PM -0800, Jim Angstadt wrote:
>> > Could you try this:
>> > # iptables -t filter -D INPUT 1 -p tcp -s 192.168.0.0/24 -d 192.168.0.3 \
>> >  --destination-port 22 -j ACCEPT
>>
>> I get "Illegal option '-s' with this command".
>
> He meant a -A instead of -D, but I think you have confirmed that the
> firewall rules are really the problem you shouldn't waste time messing
> with them.

Sorry about that. I meant "-I" instead of -A or -D.
-I inserts the rule at point "1" to be the first rule checked. This should
ensure that an ACCEPT is triggered for ssh to short-circuit the other
checks in-line.

-ME



-- 
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCS/CM$/IT$/LS$/S/O$ !d--(++) !s !a+++(-----) C++$(++++) U++++$(+$) P+$>+++
L+++$(++) E W+++$(+) N+ o K w+$>++>+++ O-@ M+$ V-$>- !PS !PE Y+ PGP++
t@-(++) 5+@ X@ R- tv- b++ DI+++ D+ G--@ e+>++>++++ h(++)>+ r*>? z?
------END GEEK CODE BLOCK------
decode: http://www.ebb.org/ungeek/ about: http://www.geekcode.com/geek.html
  Campus IT(/OS Security): Operating Systems Support Specialist Assistant
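
Added example, not part of the original message: a small Python model of first-match rule evaluation, showing why appending the SSH ACCEPT rule (-A) can leave it unreachable while inserting it at position 1 (-I) makes it the first rule checked. The existing chain contents, the client address 192.168.0.7 and all function names are assumptions made for illustration; the thread does not show the real rule set.

```python
# Added illustration: a minimal model of iptables first-match evaluation.
# The existing chain contents are constructed; the thread does not show them.
from ipaddress import ip_address, ip_network

def rule(target, proto="all", src="0.0.0.0/0", dst="0.0.0.0/0", dport=None):
    return {"target": target, "proto": proto, "src": ip_network(src),
            "dst": ip_network(dst), "dport": dport}

def matches(r, pkt):
    return ((r["proto"] in ("all", pkt["proto"]))
            and ip_address(pkt["src"]) in r["src"]
            and ip_address(pkt["dst"]) in r["dst"]
            and (r["dport"] is None or r["dport"] == pkt["dport"]))

def verdict(chain, pkt, policy="DROP"):
    """Return (target, rule_number) of the first matching rule, else policy."""
    for num, r in enumerate(chain, start=1):
        if matches(r, pkt):
            return r["target"], num
    return policy, None

def append(chain, r):            # models: iptables -A INPUT <rule>
    return chain + [r]

def insert(chain, r, pos=1):     # models: iptables -I INPUT <pos> <rule>
    return chain[:pos - 1] + [r] + chain[pos - 1:]

# Constructed existing INPUT chain: an earlier rule rejects new TCP traffic.
EXISTING = [rule("ACCEPT", proto="icmp"), rule("REJECT", proto="tcp")]

# The rule from the thread: SSH from the LAN to 192.168.0.3.
SSH_ACCEPT = rule("ACCEPT", proto="tcp", src="192.168.0.0/24",
                  dst="192.168.0.3/32", dport=22)

# Constructed packet: a LAN client connecting to sshd on 192.168.0.3.
SSH_PKT = {"proto": "tcp", "src": "192.168.0.7", "dst": "192.168.0.3", "dport": 22}

if __name__ == "__main__":
    print("appended:", verdict(append(EXISTING, SSH_ACCEPT), SSH_PKT))
    print("inserted:", verdict(insert(EXISTING, SSH_ACCEPT, 1), SSH_PKT))
```

On a live system, `iptables -L INPUT -n --line-numbers` shows the actual rule order to compare against.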