Is it possible to find whether the firewall (iptables) or tcpwrapper is blocking a connection without accessing the remote server? (Maybe with tcpdump?)
A firewall on your side, or on the remote side? I.e., can you log into the firewall? – derobert Apr 20 '15 at 20:29
Remote side. The scenario is like I am not able to log into the remote server anyway. (Not a real scenario, I am trying to learn). – prado Apr 20 '15 at 21:04
1 Answer
1
The IP network layer doesn't know if a tcpwrapper is blocking the connection. Even when tcpwrapper blocks, the network port will appear as "open". Example with sshd being blocked via hosts_access:
    $ nc -w1 -v -z host.example.org 1234
    nc: host.example.org (192.168.0.130) 1234 [1234] open
    $ ssh -p 1234 host.example.org
    ssh_exchange_identification: read: Connection reset by peer
An IP-based firewall, on the other hand, would (in most cases) block the connection on the network level and the port would appear as "closed".
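Added example, not part of the original answer: a Python probe that applies the distinction above from the client side and goes slightly further by separating a refused connection from an unanswered one. The names `classify`, `serve_once` and `closed_port` are hypothetical, the loopback listeners are constructed stand-ins for a real host, and the check assumes a protocol where the server speaks first, as sshd does.

```python
import socket
import threading

def classify(host, port, timeout=2.0):
    """Classify, from the client side only, how a TCP port answers."""
    try:
        s = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "refused"      # nothing listening, or a firewall rejecting
    except socket.timeout:
        return "filtered"     # SYN unanswered: typical of a firewall DROP
    except OSError:
        return "unreachable"  # e.g. ICMP host unreachable
    with s:
        try:
            data = s.recv(256)  # assumption: server speaks first, as sshd does
        except ConnectionResetError:
            return "accepted-then-dropped"
        except socket.timeout:
            return "open-silent"
    # Handshake completed but the peer closed without a banner: the pattern
    # the answer shows for a tcpwrapper (hosts_access) denial.
    return "banner" if data else "accepted-then-dropped"

def serve_once(banner):
    """Constructed local listener: send banner, or close at once if None."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    def run():
        conn, _ = srv.accept()
        if banner:
            conn.sendall(banner)
        conn.close()
        srv.close()
    threading.Thread(target=run, daemon=True).start()
    return srv.getsockname()[1]

def closed_port():
    """Constructed case: a loopback port with no listener."""
    s = socket.socket()
    s.bind(("127.0.0.1", 0))
    port = s.getsockname()[1]
    s.close()
    return port

if __name__ == "__main__":
    for name, port in [("wrapper-style deny", serve_once(None)),
                       ("banner", serve_once(b"SSH-2.0-demo\r\n")),
                       ("closed", closed_port())]:
        print(name, "->", classify("127.0.0.1", port))
```

A result of `accepted-then-dropped` only shows that the refusal happened after the TCP handshake; it cannot tell tcpwrapper apart from any other application-level close.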