Very Computer

From a relative newbie...
I have an embedded box running a 2.4.23 kernel.
Its got inetd configured for telnet and ftp (both work AOK from a
local connection).
I am trying to access the box via an openvpn tunnel.
I can launch the tunnel OK (over PPP, also running OK).
When I try to telnet or FTP to the other end of the tunnel, nothing
happens.
The tunnel-provider swears the request packets are forwarded to the
embedded box...

So - where does inetd listen for requests ?
What if anything do I need to do to the route table so that inetd
listens for requests from the tunnel ?
Any tips on how to debug, including tools to log what's showing up via
the tunnel ?

Thanks in advance for any help,
Best Regards, Dave

PS: here are the default and a suggested route setting; neither
worked...
netstat -nlp|grep 21
netstat -nlp|grep 23
route

tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 96/inetd
udp 0 0 0.0.0.0:1024 0.0.0.0:* 217/openvpn
tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN 96/inetd
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.8.2.161 10.8.2.165 255.255.255.255 UGH 0 0 0 tun0
10.0.0.1 * 255.255.255.255 UH 0 0 0 ppp0
10.8.2.165 * 255.255.255.255 UH 0 0 0 tun0
default * 0.0.0.0 U 0 0 0 ppp0

Quote:>>>> Change default route per suggestions, report again...

route del default
route add default dev tun0

netstat -nlp|grep 21
netstat -nlp|grep 23
route

tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 96/inetd
udp 0 0 0.0.0.0:1024 0.0.0.0:* 217/openvpn
tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN 96/inetd
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.8.2.161 10.8.2.165 255.255.255.255 UGH 0 0 0 tun0
10.0.0.1 * 255.255.255.255 UH 0 0 0 ppp0
10.8.2.165 * 255.255.255.255 UH 0 0 0 tun0
default * 0.0.0.0 U 0 0 0 tun0

Have you really confirmed that PPP's working? What about the tunnel? Can
you ping the remote transport point?

If you're using PPP to connect to the embedded device, do you need
OpenVPN on the top of that?

Quote:> Any tips on how to debug, including tools to log what's showing up via
> the tunnel ?

tshark -i ppp0 -nlp     # Monitor PPP layer traffic
tshark -i tun0 -nlp     # Monitor OpenVPN layer traffic
openvpn --verbose 5     # Run OpenVPN protocol/application with logging

I would suggest you first concentrate on something like ping, and then
once you've got that running you may well find that telnet and ftp fall
into place.

Chris

Apologies, should have clarified that:
ping works from the embedded box out to the internet via PPP, and also
via the tunnel.

Thanks !
Best Regards, Dave

Sadly, no tshark in this distro.
I'll crank up the --verbose in openvpn and see it I get any helpful
info.

Thanks again,
Best Regards, Dave

Hello,

DRN a crit :

Quote:

> Sadly, no tshark in this distro.

The 2.4.23 kernel is quite old, so the distro may be old too. Tshark,
the console version of wireshark, was previously named tethereal, as the
console version of ethereal. You can try tcpdump too.

Quote:> DRN a crit :
> > Sadly, no tshark in this distro.

> The 2.4.23 kernel is quite old, so the distro may be old too. Tshark,
> the console version of wireshark, was previously named tethereal, as the
> console version of ethereal. You can try tcpdump too.

Sadly, tcpdump, ethereal, and tethereal are not present either...
Thanks though,
Best Regards, Dave

You can also grab the sources and compile them.

DRN a crit :

Quote:

> Sadly, tcpdump, ethereal, and tethereal are not present either...

If you cannot install a packet sniffer then you may use iptables rules
with the LOG target, although this is less convenient and provides less
information about logged packets.

Hi All - Thanks for the suggestions offered; let me clarify the
situation (apologies if I wasn't clear), and repeat a specific
question:

Clarifications
- I'm trying to set up a tunnel so I can remotely ftp or telnet into
the box
- The embedded box is running kernel 2.4.23
- It is an embedded machine without a full distro
- netfilter (including iptable etc) is not built into the kernel
- after launching PPPD, I can ping the internet via PPP
- after constructing an openvpn tunnel, I can ping the internet via
the tunnel
- inetd seems properly configured as I can telnet or ftp into the box
from a local connection

A specific question
- Where does inetd listen for requests ? What if anything do I need to
do to the route table so that inetd listens for requests from the
tunnel ?

Again, Thanks in advance for any help,
Best Regards, Dave

PS: Suggestions for specific tutorials that would help would also be
appreciated !

Formerly known as tcpdump. Takes the same parameters.
Chris

Chris Davies a crit :

Nope, tshark was formerly known as tethereal. Tcpdump is a different
software.

What are the endpoints? Your client PC and your embedded system? Something else?

Quote:> - after launching PPPD, I can ping the internet via PPP

PPP links what to what? The embedded box to the Internet?

Quote:> - after constructing an openvpn tunnel, I can ping the internet via
> the tunnel

Likewise. I'm not clear on what your tunnel is connecting.

Quote:> - Where does inetd listen for requests?

Usually INADDR_ANY (i.e. everwhere), so you don't need to kick it to
listen on multiple interfaces.

Chris

embedded PC <<==>> openvpn server (to which I hope to connect the PC)

Quote:> > - after launching PPPD, I can ping the internet via PPP

> PPP links what to what? The embedded box to the Internet?

Yup.

Quote:> > - after constructing an openvpn tunnel, I can ping the internet via
> > the tunnel

> Likewise. I'm not clear on what your tunnel is connecting.

Sorry, See separate post...

Quote:> > - Where does inetd listen for requests?

> Usually INADDR_ANY (i.e. everwhere), so you don't need to kick it to
> listen on multiple interfaces.

Great, that's what I was looking for, Thanks !