Changing default ports for smoothwall

lhiggins · 04-09-2003, 06:15 AM

Hey guys,

I have smoothwall version 1.0.

Basically with my ISP (optusnet) I have major troubles accessing my server for ports 1024 and below. I tried to change the default ssh port (222) by editing the file:
/usr/local/etc/sshd_config. After I changed the default port and restarted the daemon I lost the service completly!

I also tried sshd -p xxxx
This didnt work either. Can someone please give me some info on how to change the port?

Thanks in advance!

JamesF1 · 04-09-2003, 06:54 AM

The default port for ssh is 22 - not 222. I suspect Smoothwall is will allow you to use port 22 for access the machine with ssh so try again with that. You'll probably have to restart the sshd server again if you've changed the port for the sshd server to listen on.

If check also that you have the correct ssh protocol (either 1 or 2).

lhiggins · 04-09-2003, 07:10 AM

By default smoothwall blocks port 22 and uses 222 for ssh. The ssh protocol is correct also. I have always locally been able to ssh into port 222 but now I would like to change it to something higher than 1024.

JamesF1 · 04-09-2003, 07:38 AM

Okay if that's that port you sshd server is listening on then okay. Your correct that Smoothwall will block 22 by default - so too for port 222 - but that depends on your firewall configuration. What you need to do is look in the firewall configuration and simply change the 222 port for the one that you want to change it to. Save your changes and restart the firewall. You could also try forwarding requests to port 222 to the new port number. Check out the documentation on it.
http://us0.download.smoothwall.org/d...fig.screen.pdf

lhiggins · 04-09-2003, 07:47 AM

Yeah I have read that PDF file. My firewall rules are correct. My ISP is actually filtering some ports below 1024 like ftp and www so i cant host. I need

JamesF1 · 04-09-2003, 08:02 AM

I can understand their motives but I would imagine that if they are doing it for ports below 1024 then they also do if for those above as well. By the way are you trying to access the machine remotely or locally. If it's locally and you can't access it by using the public ip of the machine, try doing it with 127.0.0.1 instead. That way you can be sure that the problem isn't with the sshd server.

lhiggins · 04-09-2003, 09:56 PM

my admin page has been configured on a higher port than 1024. Now I can access it through the interent (red). Where as before when it was port 445 i couldnt. I definitly know this cause I asked my ISP. Therefore the ssh listening port must be above 1024. I can easily contact the default port through localhost and my green network. All I need to do is change the default port for sshd to something above 1024 like 2222.

I think I must have to edit more files than my sshd_config.

JamesF1 · 04-10-2003, 04:46 AM

You should only have to edit your firewall for the ports (and IPs if necessary) and any configuration files for the services you want to access from the outside the firewall. I can't think of anything else that would have any effect (unless you have a router with access control lists defined to block ports).
It seems very strange that your provider would leave the higher port numbers open and just the lower ones. They might be using a proxy and that might be where the problem lies.

lhiggins · 04-10-2003, 09:34 AM

Yes they have a transparent proxy. Yes its the sshd listening port. Believe me this time. I used to have SME server and Gateway which was configured on port 2222 which worked. The default web admin page runs on port 445 which didnt work until I put it on a port higher than 1024.

zeroX · 04-24-2003, 12:12 PM

a simple solution could be forwarding port 2222 on the red to 222 on your green ip... i guess didn't test it