On Thu, Jul 10, 2008 at 6:08 PM, MHR mhullrich@gmail.com wrote:
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:login
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:shell
It seems right to me...
Try using "iptables -vL", it will show you how many packets have matched that rule. Then try to rsh or rlogin and see if the numbers change. That should give you a clue to whether it's working or not.
HTH, Filipe
P.S.: Once again: although it's great that you are digging into the problem, using iptables, and learning a lot in the process, you should *REALLY* consider ditching rsh/rlogin and sticking to SSH. I would consider using rsh/rlogin instead of SSH today about the same as using gopher instead of the WWW these days (for those of you who still remember it).
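
The counter check suggested above, as an added example that is not part of the original message: it compares two snapshots of the rule listing and reports how many packets each of the two rules matched in between. The snapshot text, the counter values and the function names `rule_pkts`, `rule_delta` and `report` are constructed for illustration.

```shell
#!/bin/sh
# Constructed snapshots in the layout of `iptables -vxL INPUT`
# (-x prints exact counters instead of K/M-rounded ones).
# On a live host: BEFORE=$(iptables -vxL INPUT), attempt rsh/rlogin,
# then AFTER=$(iptables -vxL INPUT).
BEFORE='Chain INPUT (policy DROP 0 packets, 0 bytes)
    pkts      bytes target     prot opt in     out     source               destination
      12      720 ACCEPT     tcp  --  any    any     anywhere             anywhere            state NEW tcp dpt:ssh
       0        0 ACCEPT     tcp  --  any    any     anywhere             anywhere            state NEW tcp dpt:login
       0        0 ACCEPT     tcp  --  any    any     anywhere             anywhere            state NEW tcp dpt:shell'
AFTER='Chain INPUT (policy DROP 3 packets, 180 bytes)
    pkts      bytes target     prot opt in     out     source               destination
      12      720 ACCEPT     tcp  --  any    any     anywhere             anywhere            state NEW tcp dpt:ssh
       1       60 ACCEPT     tcp  --  any    any     anywhere             anywhere            state NEW tcp dpt:login
       0        0 ACCEPT     tcp  --  any    any     anywhere             anywhere            state NEW tcp dpt:shell'

# rule_pkts SNAPSHOT PORT: packet counter of the first rule carrying dpt:PORT,
# or "missing" if no such rule is listed.
rule_pkts() {
    printf '%s\n' "$1" | awk -v want="dpt:$2" '
        $1 ~ /^[0-9]+$/ {                      # rule rows start with a counter
            for (i = 3; i <= NF; i++)
                if ($i == want) { print $1; found = 1; exit }
        }
        END { if (!found) print "missing" }'
}

# rule_delta BEFORE AFTER PORT: packets matched between the two snapshots.
rule_delta() {
    b=$(rule_pkts "$1" "$3"); a=$(rule_pkts "$2" "$3")
    if [ "$b" = missing ] || [ "$a" = missing ]; then echo missing; return 1; fi
    echo $((a - b))
}

# report: one line per rule of interest.
report() {
    for port in login shell; do
        d=$(rule_delta "$BEFORE" "$AFTER" "$port") || true
        case $d in
            missing) echo "dpt:$port: no such rule in the chain" ;;
            0)       echo "dpt:$port: +0 packets, traffic never reached this rule" ;;
            *)       echo "dpt:$port: +$d packets, rule is being hit" ;;
        esac
    done
}
report
```

A delta of zero after a connection attempt means the packets were handled by an earlier rule or never arrived at the host; a non-zero delta means the rule matched and the problem lies past the firewall.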