PuTTY tells me "Software caused connection abort" if I start the DSL connection.
Hi all, I've searched the last 2 days for a solution, but found nothing. So I try it here. I've set up a "normal" HomeLAN with a Linux Gateway (SuSE 8.1) and several Windows Clients. The Linux Box has the following ethernet devices: eth0 -- 192.168.0.1/24 -- connected to LAN eth1 -- 192.168.1.100/24 -- connected to DSL Modem The sofware I use are (all shipped with SuSE): smpppd cineternet iptables SuSEfirewall2 First, the connection from the gateway and the clients (over masquerading) to the internet works fine and fast. I can dial in and out. Ok, now my problem. To dialin or out I connect to the gateway using PuTTY as ssh client. (I have configured the firewall to accept ssh --> FW_SERVICES_INT_TCP="ssh") The connect works, so I can start the dialin with #> cinternet --start Now it happens... After a few seconds my PuTTY session don't react on my input and after some more time I get a POPUP telling me: "Software caused connection abort". Then I have to wait till the dialin process has finished. Then I can start a new PuTTY session to the gateway. I think it must be the firewall who disconnects me, because if I restart the firewall without dialin in, my PuTTY session just hangs about 2 seconds. But if I am dialed in (so my ppp interface is up) and I restart the firewall, the "connection abort" error occours again. Thanks for your help. Christian
* ce-em; <ce-em@onlinehome.de> on 01 Dec, 2002 wrote:
Hi all, I think it must be the firewall who disconnects me, because if I restart the firewall without dialin in, my PuTTY session just hangs about 2 seconds. But if I am dialed in (so my ppp interface is up) and I restart the firewall, the "connection abort" error occours again.
When the firewall restarts all the rules are flushed so your ssh connection can not continue as their is no rule to allow that. If you want to manually start the dialin process ( why you want it is not clear for my understaning) you may use a serial console access which is not affected by the firewall rules -- Togan Muftuoglu Unofficial SuSE FAQ Maintainer http://dinamizm.ath.cx
Hello, so, there is no other way than a serial console? The last installation of the gateway used ipchains... there it was no problem. I want to manually start the dialin, becaus I want to have the control over it. (If I am not at my PC, there is no need for an internet connection) Thanks for your help! Christian Togan Muftuoglu wrote:
* ce-em; <ce-em@onlinehome.de> on 01 Dec, 2002 wrote:
Hi all, I think it must be the firewall who disconnects me, because if I restart the firewall without dialin in, my PuTTY session just hangs about 2 seconds. But if I am dialed in (so my ppp interface is up) and I restart the firewall, the "connection abort" error occours again.
When the firewall restarts all the rules are flushed so your ssh connection can not continue as their is no rule to allow that.
If you want to manually start the dialin process ( why you want it is not clear for my understaning) you may use a serial console access which is not affected by the firewall rules
* ce-em; <ce-em@onlinehome.de> on 01 Dec, 2002 wrote:
Hello,
so, there is no other way than a serial console? The last installation of the gateway used ipchains... there it was no problem.
I want to manually start the dialin, becaus I want to have the control over it. (If I am not at my PC, there is no need for an internet connection)
I am not sure (as I have flat rate) yet there sgould be option for dial on demand so it will start the connection when you have asked something from the internet ie mails, or surfing the web etc. Maybe this is another alternative -- Togan Muftuoglu Unofficial SuSE FAQ Maintainer http://dinamizm.ath.cx
* Togan Muftuoglu wrote on Sun, Dec 01, 2002 at 16:45 +0200:
* ce-em; <ce-em@onlinehome.de> on 01 Dec, 2002 wrote:
Hi all, I think it must be the firewall who disconnects me, because if I restart the firewall without dialin in, my PuTTY session just hangs about 2 seconds. But if I am dialed in (so my ppp interface is up) and I restart the firewall, the "connection abort" error occours again.
When the firewall restarts all the rules are flushed so your ssh connection can not continue as their is no rule to allow that.
This results in a 2 second delay, not in a connection drop. When I restart my firewall script, which also recreates all rules, the SSH don't stop, independent if I'm dialed-up or not. Ohh, and please note, it can be dangerous, when you do a restart on a shell, ssh gets closed and dropped, there is no controlling terminal and the script execution stops - at closed SSH...
If you want to manually start the dialin process ( why you want it is not clear for my understaning) you may use a serial console access which is not affected by the firewall rules
Hum, a serial line as workaround for a script bug?! Strange, I would suggest to fix the bug... Maybe the problem has to do with /etc/ppp/ip-up, which is not very easy to analyze. Read it and add some logger statements. Afterwards, check syslog to get hints. Or try to start /etc/ppp/ip-up with correct parameters from command line, maybe prefixed with a "bash -x" and see what happens. oki, Steffen -- Dieses Schreiben wurde maschinell erstellt, es trägt daher weder Unterschrift noch Siegel.
On Mon, 02 Dec 2002, Steffen Dettmer wrote:
* Togan Muftuoglu wrote on Sun, Dec 01, 2002 at 16:45 +0200:
* ce-em; <ce-em@onlinehome.de> on 01 Dec, 2002 wrote:
Hi all, I think it must be the firewall who disconnects me, because if I restart the firewall without dialin in, my PuTTY session just hangs about 2 seconds. But if I am dialed in (so my ppp interface is up) and I restart the firewall, the "connection abort" error occours again.
When the firewall restarts all the rules are flushed so your ssh connection can not continue as their is no rule to allow that.
This results in a 2 second delay, not in a connection drop. When I restart my firewall script, which also recreates all rules, the SSH don't stop, independent if I'm dialed-up or not. Ohh, and please note, it can be dangerous, when you do a restart on a shell, ssh gets closed and dropped, there is no controlling terminal and the script execution stops - at closed SSH...
If you want to manually start the dialin process ( why you want it is not clear for my understaning) you may use a serial console access which is not affected by the firewall rules
Sorry for late follow-up to this thread. I did not see the version that ce-em is using. However I successfully remote control my SuSE Linux 7.3 gateway with wvdial in a bash ssh session. I just tried with the script /usr/sbin/cinternet --start that also works ok without interrupting putty. My gateway runs SuSE Linux 7.3 and has used 33.6 and 56k dial-up modems (dial out only.) (ssh remote control by PuTTY release 0.52 on W2K SP2 and SP3 , but I also do this same task from OpenSSH (ssh) on a SuSE 7.3 laptop with dhclient -- gateway runs dhcpd.) I have done this with either personal-firewall or SuSEfirewall2 running on the gateway. SSH session from local LAN (eth0) is never dropped. I can't troubleshoot your situation - sorry - but just for information that it can work in case you to choose to persist and find the bug. It just seemed easy enough to me that I did not experiment with dial-on-demand yet. Maybe ce-em's situation is exposing an obscure bug in one of the dial-out scripts that mine does not. ??? dproc
Hi all, ok... the topic is a little bit old... but my problem has gone since I installed the SuSEfirewall2 patch: SuSEfirewall2-3.1-26.noarch.patch.rpm This makes me very happy ;-) - Now my ssh session is not dropped, and the dialin process is now faster than before. (Witchout patch ~1min from "cinternet -start" to "getting data from a website") Is it possible to get info about what the patch is changing? Than maybe I could get an idea of the failure source.. (Hmm, seems to be bad english... sorry) Thanks for your help... Christian dproc@dol.net wrote:
On Mon, 02 Dec 2002, Steffen Dettmer wrote:
* Togan Muftuoglu wrote on Sun, Dec 01, 2002 at 16:45 +0200:
* ce-em; <ce-em@onlinehome.de> on 01 Dec, 2002 wrote:
Hi all, I think it must be the firewall who disconnects me, because if I restart the firewall without dialin in, my PuTTY session just hangs about 2 seconds. But if I am dialed in (so my ppp interface is up) and I restart the firewall, the "connection abort" error occours again.
When the firewall restarts all the rules are flushed so your ssh connection can not continue as their is no rule to allow that.
This results in a 2 second delay, not in a connection drop. When I restart my firewall script, which also recreates all rules, the SSH don't stop, independent if I'm dialed-up or not. Ohh, and please note, it can be dangerous, when you do a restart on a shell, ssh gets closed and dropped, there is no controlling terminal and the script execution stops - at closed SSH...
If you want to manually start the dialin process ( why you want it is not clear for my understaning) you may use a serial console access which is not affected by the firewall rules
Sorry for late follow-up to this thread.
I did not see the version that ce-em is using. However I successfully remote control my SuSE Linux 7.3 gateway with wvdial in a bash ssh session.
I just tried with the script /usr/sbin/cinternet --start that also works ok without interrupting putty.
My gateway runs SuSE Linux 7.3 and has used 33.6 and 56k dial-up modems (dial out only.)
(ssh remote control by PuTTY release 0.52 on W2K SP2 and SP3 , but I also do this same task from OpenSSH (ssh) on a SuSE 7.3 laptop with dhclient -- gateway runs dhcpd.)
I have done this with either personal-firewall or SuSEfirewall2 running on the gateway. SSH session from local LAN (eth0) is never dropped.
I can't troubleshoot your situation - sorry - but just for information that it can work in case you to choose to persist and find the bug. It just seemed easy enough to me that I did not experiment with dial-on-demand yet.
Maybe ce-em's situation is exposing an obscure bug in one of the dial-out scripts that mine does not. ???
dproc
participants (4)
-
ce-em -
dproc@dol.net -
Steffen Dettmer -
Togan Muftuoglu