Tuesday, January 11, 2011

What does this UFW log mean?

CC-02 kernel

[  399.656733] [UFW BLOCK] IN=eth0 OUT= MAC= SRC=192.168.2.11 DST=192.168.2.22 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=14158 DF PROTO=TCP SPT=47368 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0

The output from sudo ufw status verbose

Status: active  
Logging: on (low)  
Default: deny (incoming), allow (outgoing)  
New profiles: skip  

To                         Action      From  
--                         ------      ----  
Anywhere                   ALLOW IN    192.168.2.0/24 137,138/udp (Samba)  
Anywhere                   ALLOW IN    192.168.2.0/24 139,445/tcp (Samba)  
22                         ALLOW IN    192.168.2.0/24  

I am trying to ssh to CC-02 using ssh server@CC-02 but I get "Could not resolve host name". But replacing CC-02 with the IP address works fine. I have checked /etc/hosts and /etc/hostname and I have them configured properly. I don't exactly know what the log really means. Do I need to open another port?

From ubuntu rEnr3n
  • Your rules look fine for ssh, but I think you have some name resolution problems, as proven by it working if you use the IP address. You say that your hosts file, etc. is set up correctly. Is that on the target machine or the source? The source machine needs to be able to get the target machine's name ... a good way of doing this is by enabling DHCP on your router. If you want to verify that this is the problem, manually put an entry in your hosts file on the source machine.

    The strange part is that the log does say the port is blocked ... from what I can see (and from the output of my own UFW status) it should be fine.

    rEnr3n : I missed the part of manually putting an entry to my client's hosts file. It's now recognized.
    From Nerdfest
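
Added example, not part of the original question or answer: a small Python parser that splits the log line from the question into its fields and compares it with the ALLOW IN rules as printed in the status output. The rule matching is a simplified assumption (source network, protocol and destination port only), not UFW's own evaluation, and the function and variable names are hypothetical.

```python
import ipaddress
import re

# Log line copied from the question above.
SAMPLE = ("[  399.656733] [UFW BLOCK] IN=eth0 OUT= MAC= SRC=192.168.2.11 "
          "DST=192.168.2.22 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=14158 DF "
          "PROTO=TCP SPT=47368 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0")

# Rules transcribed from the `ufw status verbose` output above, read as
# (protocol or None for any, destination ports, allowed source network).
ALLOW_IN = [
    ("udp", {137, 138}, "192.168.2.0/24"),
    ("tcp", {139, 445}, "192.168.2.0/24"),
    (None, {22}, "192.168.2.0/24"),
]

LINE_RE = re.compile(
    r"\[\s*(?P<uptime>[\d.]+)\]\s+\[UFW (?P<action>[A-Z ]+)\]\s+(?P<rest>.*)")

def parse_ufw_line(line):
    """Split a UFW kernel log line into uptime, action, key=value fields and flags."""
    m = LINE_RE.search(line)
    if m is None:
        raise ValueError("not a UFW log line")
    fields, flags = {}, []
    for token in m.group("rest").split():
        if "=" in token:
            key, _, value = token.partition("=")
            fields[key] = value      # empty string for OUT= and MAC=
        else:
            flags.append(token)      # bare tokens such as DF and SYN
    return {"uptime": float(m.group("uptime")),
            "action": m.group("action").strip(),
            "fields": fields, "flags": flags}

def matching_allow_rules(entry, rules=ALLOW_IN):
    """Return the listed ALLOW IN rules whose source, protocol and port fit the packet."""
    f = entry["fields"]
    src = ipaddress.ip_address(f["SRC"])
    proto, dport = f["PROTO"].lower(), int(f.get("DPT", 0))
    return [r for r in rules
            if (r[0] is None or r[0] == proto) and dport in r[1]
            and src in ipaddress.ip_network(r[2])]

if __name__ == "__main__":
    e = parse_ufw_line(SAMPLE)
    f = e["fields"]
    print(f"{e['action']}: {f['PROTO']} {f['SRC']}:{f['SPT']} -> "
          f"{f['DST']}:{f['DPT']} on {f['IN']} flags={e['flags']}")
    print("allow rules that fit:", matching_allow_rules(e))
```

Read this way, the entry is an inbound TCP SYN (a new connection attempt) from 192.168.2.11 to port 22 on eth0, logged about 399 seconds after boot, and the port 22 rule as listed covers that source address.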
