Hi,
This is not the usual "unable to telnet to my machine" post. I:
* have ensured that in.telnetd is started from inet.conf
* that hosts.allow/deny are correctly configured
* in.telnetd is listening, and on the correct port
When I check my syslog i notice that tcpd (as I have... (3 Replies)
/* Linux Slackware */
looking in my logs I see tons of entries similar to below. Does anyone know what these mean, and should I be concerned. I looked up a few of the IP's at Arin.net and saw that many of them belong to isp's (not good).. Any information is helpful..
Body of Messages log... (1 Reply)
I want to be able to get telnetd to start a program of my choice or one that I have written . . . or . . . write a daemon of my own to listen on a port other than 23 and when a connection arrives it should create a controlling tty/pty and then launch my program on the client side of the pty.
A... (2 Replies)
I hope someone can enlighten me on this. A few weeks ago, the root file system my UnixWare 7.1.1 server became corrupt so I ended up doing a full restore of the OS from tape backup.
Since then, after I get about 270 users on the system, the message "telnetd: all network ports in use" is... (1 Reply)
Hi folks. I have a quick question on using "telnetd" vs. "telnetd -a".
OS: AIX 5.x (5.1 through 5.3 ML3)
Some engineers at work want to stop using "telnetd -a" and use "telnetd".
(and of course, if I could get a cogent answer from them, I wouldn't be posting this question...) :mad:
The... (0 Replies)
Hello all,
I've got a problem on a V240 running Solaris 9, the telnet daemon won't start. The error message I get is "telnetd: stdin is not a socket file descriptor." I've never seen this message before and I'm not exactly sure what it means. I know generally what stdin, sockets, and file... (4 Replies)
Ok, here i am in 2008 trying to figure out how to edit the port of Telnetd in sco openserver 4.2.
I googled my butt off and cant seem to find any info. Does anyone have some specific howto's or good documentation on this? (2 Replies)
Hi,
When a client connected to AIX server by telnet is killed/crashes, is there a way for telnetd to recognize that and close/kill the application linked/started by that telnet session?
We have a situation where clients disconnect because of frequent network outages, this leaves the... (2 Replies)
Discussion started by: mreyaz
2 Replies
LEARN ABOUT DEBIAN
shorewall-exclusion
SHOREWALL-EXCLUSION(5) [FIXME: manual] SHOREWALL-EXCLUSION(5)NAME
exclusion - Exclude a set of hosts from a definition in a shorewall configuration file.
SYNOPSIS
!address-or-range[,address-or-range]...
!zone-name[,zone-name]...
DESCRIPTION
The first form of exclusion is used when you wish to exclude one or more addresses from a definition. An exclaimation point is followed by
a comma-separated list of addresses. The addresses may be single host addresses (e.g., 192.168.1.4) or they may be network addresses in
CIDR format (e.g., 192.168.1.0/24). If your kernel and iptables include iprange support, you may also specify ranges of ip addresses of the
form lowaddress-highaddress
No embedded whitespace is allowed.
Exclusion can appear after a list of addresses and/or address ranges. In that case, the final list of address is formed by taking the first
list and then removing the addresses defined in the exclusion.
Beginning in Shorewall 4.4.13, the second form of exclusion is allowed after all and any in the SOURCE and DEST columns of
/etc/shorewall/rules. It allows you to omit arbitrary zones from the list generated by those key words.
Warning
If you omit a sub-zone and there is an explicit or explicit CONTINUE policy, a connection to/from that zone can still be matched by the
rule generated for a parent zone.
For example:
/etc/shorewall/zones:
#ZONE TYPE
z1 ip
z2:z1 ip
...
/etc/shorewall/policy:
#SOURCE DEST POLICY
z1 net CONTINUE
z2 net REJECT
/etc/shorewall/rules:
#ACTION SOURCE DEST PROTO DEST
# PORT(S)
ACCEPT all!z2 net tcp 22
In this case, SSH connections from z2 to net will be accepted by the generated z1 to net ACCEPT rule.
In most contexts, ipset names can be used as an address-or-range. Beginning with Shorewall 4.4.14, ipset lists enclosed in +[...] may also
be included (see shorewall-ipsets[1] (5)). The semantics of these lists when used in an exclusion are as follows:
o !+[set1,set2,...setN] produces a packet match if the packet does not match at least one of the sets. In other words, it is like NOT
match set1 OR NOT match set2 ... OR NOT match setN.
o +[!set1,!set2,...!setN] produces a packet match if the packet does not match any of the sets. In other words, it is like NOT match set1
AND NOT match set2 ... AND NOT match setN.
EXAMPLES
Example 1 - All IPv4 addresses except 192.168.3.4
!192.168.3.4
Example 2 - All IPv4 addresses except the network 192.168.1.0/24 and the host 10.2.3.4
!192.168.1.0/24,10.1.3.4
Example 3 - All IPv4 addresses except the range 192.168.1.3-192.168.1.12 and the network 10.0.0.0/8
!192.168.1.3-192.168.1.12,10.0.0.0/8
Example 4 - The network 192.168.1.0/24 except hosts 192.168.1.3 and 192.168.1.9
192.168.1.0/24!192.168.1.3,192.168.1.9
Example 5 - All parent zones except loc
any!loc
FILES
/etc/shorewall/hosts
/etc/shorewall/masq
/etc/shorewall/rules
/etc/shorewall/tcrules
SEE ALSO shorewall(8), shorewall-accounting(5), shorewall-actions(5), shorewall-blacklist(5), shorewall-hosts(5), shorewall_interfaces(5),
shorewall-ipsets(5), shorewall-maclist(5), shorewall-masq(5), shorewall-nat(5), shorewall-netmap(5), shorewall-params(5),
shorewall-policy(5), shorewall-providers(5), shorewall-proxyarp(5), shorewall-rtrules(5), shorewall-routestopped(5), shorewall-rules(5),
shorewall.conf(5), shorewall-secmarks(5), shorewall-tcclasses(5), shorewall-tcdevices(5), shorewall-tcrules(5), shorewall-tos(5),
shorewall-tunnels(5), shorewall-zones(5)NOTES
1. shorewall-ipsets
http://www.shorewall.net/manpages/shorewall-ipsets.html
[FIXME: source] 06/28/2012 SHOREWALL-EXCLUSION(5)