[pkg-firebird-general] fb2-ss 1.5.3.4870-8: "connection rejected for" problem

Ilja Marchew brammator at gmail.com
Thu Jun 15 12:41:57 UTC 2006 

Remote machine is windows with IBexpert; but according to network
data, denial happens before any user/password checking:

11:16:54 sharea:~# ngrep -x -d eth0 '.*' port 3050
interface: eth0 (192.168.99.0/255.255.255.0)
filter: (ip or ip6) and ( port 3050 )
match: .*
####
T 192.168.99.100:1335 -> 192.168.99.16:3050 [AP]
  00 00 00 01 00 00 00 13    00 00 00 02 00 00 00 1d    ................
  00 00 00 00 00 00 00 08    00 00 00 02 01 00 00 00    ................
  00 00 00 08 00 00 00 01    00 00 00 02 00 00 00 03    ................
  00 00 00 00 00 00 00 08    00 00 00 1d 00 00 00 02    ................
  00 00 00 03 00 00 00 01    00 00 00 09 00 00 00 01    ................
  00 00 00 02 00 00 00 03    00 00 00 02 00 00 00 09    ................
  00 00 00 1d 00 00 00 02    00 00 00 03 00 00 00 03    ................
  00 00 00 0a 00 00 00 01    00 00 00 02 00 00 00 03    ................
  00 00 00 04 00 00 00 0a    00 00 00 1d 00 00 00 02    ................
  00 00 00 03 00 00 00 05    00 01 00 0a 00 00 00 01    ................
  00 00 00 02 00 00 00 03    00 00 00 06 00 01 00 0a    ................
  00 00 00 1d 00 00 00 02    00 00 00 03 00 00 00 07    ................
##
T 192.168.99.16:3050 -> 192.168.99.100:1335 [AP]
  00 00 00 04                                           ....

(that's the only packets)

..and yes, my shame: isql-fb from another linux machine connects just
fine, but first incoming packet contains hostname and username of
client machine/user, only second incoming packet contains DB
username/password pair:

16:35:43 sharea:~# ngrep -x -d eth0 '.*' port 3050
interface: eth0 (192.168.99.0/255.255.255.0)
filter: (ip or ip6) and ( port 3050 )
match: .*
####
T 192.168.99.17:34506 -> 192.168.99.16:3050 [AP]
  00 00 00 01 00 00 00 13    00 00 00 02 00 00 00 24    ...............$
  00 00 00 22 2f 76 61 72    2f 6c 69 62 2f 66 69 72    ..."/var/lib/fir
  65 62 69 72 64 32 2f 64    61 74 61 2f 69 73 39 39    ebird2/data/is99
  31 36 2e 67 64 62 00 00    00 00 00 02 00 00 00 13    16.gdb..........
  01 04 61 63 63 6f 04 09    70 74 73 69 67 6d 61 73    ..acco..ptsigmas
  6b 06 00 00 00 00 00 08    00 00 00 01 00 00 00 02    k...............
  00 00 00 03 00 00 00 02    00 00 00 0a 00 00 00 01    ................
  00 00 00 02 00 00 00 03    00 00 00 04                ............
##
T 192.168.99.16:3050 -> 192.168.99.17:34506 [AP]
  00 00 00 03 00 00 00 0a    00 00 00 01 00 00 00 03    ................
##
T 192.168.99.17:34506 -> 192.168.99.16:3050 [AP]
  00 00 00 13 00 00 00 00    00 00 00 22 2f 76 61 72    ..........."/var
  2f 6c 69 62 2f 66 69 72    65 62 69 72 64 32 2f 64    /lib/firebird2/d
  61 74 61 2f 69 73 39 39    31 36 2e 67 64 62 00 00    ata/is9916.gdb..
  00 00 00 1b 01 1c 03 69    61 6d 1e 0b 48 34 42 50    .......iam..H4BP
  52 66 61 55 56 34 51 3a    04 00 00 00 00 3e 00 00    RfaUV4Q:.....>..
#
T 192.168.99.16:3050 -> 192.168.99.17:34506 [AP]
  00 00 00 09 00 00 00 00    00 00 00 00 00 00 00 00    ................
  00 00 00 00 00 00 00 01    00 00 00 00 00 00 00 00    ................


Is there way to skip 'host/user' check?  Some of manuals says, like,
'..and see /etc/hosts.allow to connect from other hosts', but no more.


2006/6/15, Damyan Ivanov <dam at modsoftsys.com>:
> Ilja Marchew wrote:
> > ii  firebird2-server-common  1.5.3.4870-8
> > ii  firebird2-super-server   1.5.3.4870-8
> > ii  firebird2-utils-super    1.5.3.4870-8
> >
> > on my etch, and now i can't connect from other machine:
> >
> > sharea (Server) Wed Jun 14 10:21:49 2006
> >        SERVER/process_packet: connection rejected for
>
> This is the log on the server. I am particularly interested in the
> error message the client machine gives.
>
> > but can connect from local (either with localhost:/var/lib/... and
> > 192:168.99.16:/var/lib/...)
> >
> > my /etc/hosts is like
> > 127.0.0.1       sharea-local.uncnet.ru sharea-local localhost
> >
> > and /etc/hosts.equiv
> > localhost
> > localhost.localdomain
> > sharea-local
> > sharea-local.uncnet.ru
>
> Are you specifying username/password when connecting from remote
> machine? Please provide the output from
>  isql-fb 192:168.99.16:/var/lib/... -user ABC -password DEF
> when run on a remote machine.
>
>
>
>
> dam
> --
> Damyan Ivanov                           Modular Software Systems
> dam at modsoftsys.com
> phone +359(2)928-2611, 929-3993              fax +359(2)920-0994
> mobile +359(88)856-6067             dam at jabber.minus273.org/Gaim
>
>
>
> _______________________________________________
> pkg-firebird-general mailing list
> pkg-firebird-general at lists.alioth.debian.org
> http://lists.alioth.debian.org/mailman/listinfo/pkg-firebird-general
>
>
>
>

More information about the pkg-firebird-general mailing list