ftp/rlogin + remote control issue

[araya]

Hello everyone,

I spent a few hours trying to fix my network problems, with no success... I hope i'm posting at the right place

I'm the happy "administrator" of 2 linux boxes under RHEL (both connected to a Windows network).
-distro box 1: 2.4.21-40.ELsmp
-distro box 2: 2.6.9-42.0.3.ELsmp

Issue 1: ftp and rlogin works fine from box 2 to box 1, but i can't make it work from box 1 to box 2.
error messages when trying ftp connection:
ftp: connect: Connection refused
error messages when trying rlogin:
box2: Connection refused
note: I cannot ftp/rlogin from a Windows PC to box 2 either.

Issue 2: launching remote applications. from box 2, i open a terminal window and do the following:
1/. xhost +
2/. rlogin box1
3/. export DISPLAY=box2:0
4/. i try to launch a remote application (say, nedit)
I get the following error message :
NEdit: Can't open display
note: i can use Exceed to launch remote app's from a Windows PC to box1 whithout any problem.

Please just ask if you need extra information.
Thank you in advance!
BR
/jb

[dilbert]

To me, it looks that the appropriate service on one box is disabled.

If you configure the box not to have an ftp service, you can still run an ftp client and use the ftp service of another box. But when this box in exchange runs an ftp client to connect to the first box, then there is no connection possible.

Often, you disable services like ftp for security reasons and to simply not to start useless processes that consume ressources if not needed.

Only I don't know where to enable the ftp service. If you look at the processes with "ps aux" maybe you can spot a process with a name containing ftp.

In this case, an ftp service, would be running, but firewall restrictions might inhibit the traffic.

At least, it's a configuration problem.

[araya]

To me, it looks that the appropriate service on one box is disabled.
[...] but firewall restrictions might inhibit the traffic.

I have the gssftp service running on each linux box.

Regarding the firewall, I frankly do not know if one is installed, and how to check that. I'll check on the www.

Any help is still appreciated

/jb

[dilbert]

Maybe you can try to establish an ftp connection with your loopback 127.0.0.1 device.

I cannot examine this because IT has disabled ftp on both my Linux boxes on my desk and they'll chop my head off if I try to tweak the configuration.

Maybe someone else has two Linux boxes and an ftp service running at least at one of them.

[araya]

they'll chop my head off

lol stay awy from thi IT guys

I can ftp 127.0.0.1 without any problem. Do you think the problem comes from the firewall on the 2nd linux box then? I'm trying to mess around with the IPTables.

[dilbert]

When you can ftp to loopback on both boxes, so these two ftp services themselves should be fine.

I never configured a firewall, but AFAIK you can block there ports (ftp is 21?) in the same way as IP packet headers, for example.

Maybe you could restart the ftp server process with debug (find the command for ftp in "ps aux" and look in "man ftp" if you can specify debug output on the command line, or you get already debug logged from the kernel when you type "dmesg" or there is elsewhere a log telling you about this, as all sorts of hacking attempts are generally logged somewhere) or you use ethereal to monitor the traffic.

The goal is to find out if the network stack itself receives packets to establish an ftp connection, but responds with a denial (or keeps quiet) or if the network stack for a completely different reason doesn't get any IP packets.

[araya]

The IP Tables on box 2 are totally empty... does that mean i have no firewall installed??

I try to get the ftp debug logged. I'll post relevant info ASAP.