new RH6.2 install; ftp and telnet not working from other computers

Status
Not open for further replies.

SYEDWASIMALI

Programmer
Jun 29, 2001
5
US
Hi everyone,

It has been a day and a half that I have been struggling with this problem and finally, I think I will present this question here.

The test subject is the PIII box (10.20.30.40) with RH6.2 Custom installation all by itself. 'netstat -a | grep "ftp"' shows that the ftp service is running. Next, if I locally try to 'ftp localhost' or 'ftp 10.20.30.40', it works. However, an ftp attempt from a different computer on the same subnet, physically sitting right next to it, fails as follows:

C:\WINNT\SYSTEM32\DRIVERS\ETC>ftp 10.20.30.40
-> ftp: connect:Connection refused
ftp> bye

Let me also say that a ping attempt from the other computer works just fine.

I get the same failures for 'rlogin' or 'telnet' attempts. Conclusion: All IP services seem to be up and active on '10.20.30.40' itself, but they are inaccessible from outside. Further, if I try to ftp or telnet 'out' of '10.20.30.40', it works fine.

It seems like a firewall-like entity on '10.20.30.40' itself is preventing other computers from accessing tcp applications. What I don't know is how to find out what/where it is. Let me also note that I did not explicitly select any packages from the standard RH6.2 distribution install that advertise FW properties. I checked /etc/hosts.allow and added the only line "ALL: ALL". Also, I made sure that the /etc/hosts.deny file has all the lines commented out. '10.20.30.40' can access the DNS server on the network and do name resolutions, so this doesn't look like a TCP/IP configuration problem.

Has anyone experienced this problem before? Most recently, I installed RH7.0 and that installation went smoothly without a glitch. Any help or suggestion in this regard will be highly appreciated.

thanks in advance.

-Syed.
 
check with
chkconfig --list
and make sure
that it looks something like this

xinetd based services:
rexec: off
rlogin: off
rsh: off
chargen: off
chargen-udp: off
daytime: off
daytime-udp: off
echo: off
echo-udp: off
time: off
time-udp: off
finger: off
ntalk: off
talk: off
telnet: on
wu-ftpd: on
rsync: off
amanda: off
comsat: off
dbskkd-cdb: off
amandaidx: off
amidxtape: off
imap: off
imaps: off
ipop2: off
ipop3: off
pop3s: off
eklogin: off
gssftp: off
klogin: off
krb5-telnet: off
kshell: off
linuxconf-web: off
swat: off


if it is not, then enable it with
chkconfig [--level levels] name <on|off|reset>

AutoVon
 
thanks for the reply.

I tried and all these services are on. 'telnet' and 'ftp' are both working local to the installed machine. Also, both 'telnet' and 'ftp' work well 'to' other computers, but not the other way around.

On occasion, 'telnet' from a different computer into the installed machine works, but soon after login, the installed machine drops the connection. Again, this behavior tells me that there is a tcp level security mechanism that is preventing the connections to fail.

-Syed
 
Based on your description, your diagnosis is correct: you have a mini-firewall--it's called tcp wrappers and it's configured via the /etc/xinetd.conf file (or directory). It is currently allowing local connections, but no remote ones. Look into this file and check the man page for more info: man xinetd or man xinetd.conf
Good luck!
 
I am having this exact same problem, and have seen it before on other Linux systems when they are freshly installed. I think there is a simple solution that I used one time -- but now I can't remember it.

If you ever found a solution to this problem, could you let me know? Thanks.

- Sue Polyson Evans
 
Hi,

Firstly, if you do 'netstat -ap' you will almost certainly see that the program listening to the ftp & telnet ports is xinetd (or inetd). In other words, the ftp & telnet servers are NOT running as such but xinetd is listening for traffic on their behalf. The way these servers run is 'on-demand' under control of xinetd (or inetd) which launches the actual server on demand - but only if the conditions in the appropriate config file are satisfied.

I have a suspicion that RH 6.2 had the older inetd instead of xinetd. If so you need to look in '/etc/inetd.conf' to see if there are any restrictions for the services. Otherwise, for xinetd, there are individual config files in /etc/xinetd.d - for example /etc/xinetd.d/wu-ftpd . These can have restrictions, e.g. 'only_from = 127.0.0.1'.

You can rule out xinetd/inetd by running the server on its own (as root):

/etc/rc.d/init.d/xinetd stop (or inetd)
/usr/sbin/in.ftpd -S

This should set the ftp server running directly ('ps -aux | grep ftpd' to confirm). Then try to connect again.

Look also in /ftp/access & /ftp/hosts for restrictions.

Hope this helps
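
Added example (not part of the thread, and not Red Hat's or xinetd's own code): a small audit of xinetd service files for the settings the last reply mentions, reporting which of 'disable', 'only_from' and 'no_access' would refuse a given client. The names parse_xinetd and remote_blockers, the sample config and the client address 10.20.30.41 are constructed for illustration; only numeric addresses and CIDR entries are evaluated.

```python
import ipaddress
import re

# Constructed sample in /etc/xinetd.d/<service> format (not from the thread).
SAMPLE = """
service ftp
{
    disable   = no
    only_from = 127.0.0.1
}
service telnet
{
    only_from = 10.20.30.0/24
    no_access = 10.20.30.41
}
"""

def parse_xinetd(text):
    services = {}  # {service: {attribute: [values]}}
    text = re.sub(r"#.*", "", text)  # drop comments; only '=' and '+=' are handled
    for name, body in re.findall(r"service\s+(\S+)\s*\{(.*?)\}", text, re.S):
        attrs = services.setdefault(name, {})
        for key, value in re.findall(r"^[ \t]*(\w+)[ \t]*\+?=(.*)$", body, re.M):
            attrs.setdefault(key, []).extend(value.split())
    return services

def _matches(client, entries):
    ip = ipaddress.ip_address(client)
    for entry in entries:
        try:
            if ip in ipaddress.ip_network(entry, strict=False):
                return True
        except ValueError:
            pass  # hostname or other xinetd address form: not evaluated here
    return False

def remote_blockers(text, client):
    """Map each service to the xinetd settings that would refuse `client`."""
    report = {}
    for name, a in parse_xinetd(text).items():
        checks = [
            ("disable = yes", a.get("disable") == ["yes"]),
            ("only_from excludes client", "only_from" in a and not _matches(client, a["only_from"])),
            ("no_access lists client", _matches(client, a.get("no_access", []))),
        ]
        report[name] = [why for why, hit in checks if hit]
    return report

if __name__ == "__main__":
    print(remote_blockers(SAMPLE, "10.20.30.41"))
```

To audit a real host, pass the concatenated contents of /etc/xinetd.conf and the files under /etc/xinetd.d as the text argument; an empty list for a service means none of these three settings explains a refused connection.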