Linux and SCO ppp, firewall issue?

Linusolaradm1 · June 9, 2019, 8:34am

I' m playng a little retrocomputing.
I have setup a virtual machine with SCO unix(3.2v4.2) on qemu
The machine start, the novell2000 card(ne2k_pci,ne2k_isa) unfortunately not,probably driver issue.
So I try the slirp with this procedure
On SCO

    netconfig
    add chain..sl ..etc

On linux

   slattach -s 19200 -d -p slip /dev/pts/2
    ifconfig sl0 192.168.7.1 dstaddr 192.168.7.2 netmask 255.255.255.252 mtu 296 up

At reboot: ping work,telnet work,but when I try a ftp transfer of a little file(7m) the transfer is blocked.
So I have tried PPP and pppd
On SCO

    netconfig
    remove chain sl0
    add chain ppp
    reboot

On linux

    pppd -detach debug local noauth passive lock 192.168.7.1:192.168.7.2 netmask 255.255.255.0 /dev/pts/2 9600 connect /usr/sbin/chat -s -v login:--login: nppp word: nppppassword

The connection is up,but telnet and ftp won't start
Seems blocking by firewall,this is my firewall config

 #!/bin/sh
    
    # We need this for redirection
    echo 1 > /proc/sys/net/ipv4/ip_forward
    
    firewall_start() {
    # Clean
    iptables -F
    iptables -X
    iptables -Z
    iptables -t nat -F
    iptables -t nat -X
    iptables -t nat -Z
    iptables -t mangle -F
    iptables -t mangle -X
    iptables -t mangle -Z
    
    # Default policy
    #iptables -P PREROUTING  ACCEPT
    #iptables -P OUTPUT  ACCEPT
    #iptables -P POSTROUTING  ACCEPT
    #iptables -P INPUT ACCEPT
    #iptables -P FORWARD ACCEPT
    
    # Firewall rules INPUT
    iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
    iptables -A INPUT -i lo -j ACCEPT
    
    # Ssh 
    iptables -A INPUT -p tcp --dport 22 -j ACCEPT
    
    # Ftp
    iptables -A INPUT -s 192.168.178.0/24 -p tcp --dport 20:21 -j ACCEPT
    
    # Rules for dnsmasq
    iptables -A INPUT -i virbr0 -p tcp --dport 67 -j ACCEPT
    iptables -A INPUT -i virbr0 -p udp --dport 67 -j ACCEPT
    iptables -A INPUT -i virbr0 -p tcp --dport 53 -j ACCEPT
    iptables -A INPUT -i virbr0 -p udp --dport 53 -j ACCEPT
    iptables -A INPUT -i virbr1 -p tcp --dport 67 -j ACCEPT
    iptables -A INPUT -i virbr1 -p udp --dport 67 -j ACCEPT
    iptables -A INPUT -i virbr1 -p tcp --dport 53 -j ACCEPT
    iptables -A INPUT -i virbr1 -p udp --dport 53 -j ACCEPT
    iptables -A INPUT -i virbr2 -p tcp --dport 67 -j ACCEPT
    iptables -A INPUT -i virbr2 -p udp --dport 67 -j ACCEPT
    iptables -A INPUT -i virbr2 -p tcp --dport 53 -j ACCEPT
    iptables -A INPUT -i virbr2 -p udp --dport 53 -j ACCEPT
    iptables -A INPUT -i virbr3 -p tcp --dport 67 -j ACCEPT
    iptables -A INPUT -i virbr3 -p udp --dport 67 -j ACCEPT
    iptables -A INPUT -i virbr3 -p tcp --dport 53 -j ACCEPT
    iptables -A INPUT -i virbr3 -p udp --dport 53 -j ACCEPT
    
    # Icmp
    iptables -A INPUT -p icmp --icmp-type 0 -j ACCEPT
    iptables -A INPUT -p icmp --icmp-type 8 -j ACCEPT
    
    # Virbr NAT
    iptables -A FORWARD -i virbr0 -o wlan0 -j ACCEPT
    iptables -A FORWARD -i wlan0 -o virbr0 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
    iptables -A FORWARD -i virbr1 -o wlan0 -j ACCEPT
    iptables -A FORWARD -i wlan0 -o virbr1 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
    iptables -A FORWARD -i virbr2 -o wlan0 -j ACCEPT
    iptables -A FORWARD -i wlan0 -o virbr2 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
    iptables -A FORWARD -i virbr2 -o tun0 -j ACCEPT
    iptables -A FORWARD -i tun0 -o virbr2 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
    iptables -A FORWARD -i virbr3 -o usb0 -j ACCEPT
    iptables -A FORWARD -i usb0 -o virbr3 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
    iptables -A FORWARD -i ppp0 -o wlan0 -j ACCEPT
    iptables -A FORWARD -i wlan0 -o ppp0 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
    iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
    iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
    iptables -t nat -A POSTROUTING -o usb0 -j MASQUERADE
    
    # Log
    #iptables -N LOGGING
    #iptables -A INPUT -j LOGGING
    #iptables -A FORWARD -j LOG
    #iptables -A LOGGING -m limit --limit 2/min -j LOG --log-prefix "IPTables-Dropped: " --log-level 4
    #iptables -A LOGGING -j DROP
    
    #Final rules
    iptables -A INPUT -j REJECT --reject-with icmp-host-prohibited
    iptables -A FORWARD -j REJECT --reject-with icmp-host-prohibited
    }
    
    firewall_stop() {
    # Clean
    iptables -F
    iptables -X
    iptables -Z
    iptables -t nat -F
    iptables -t nat -X
    iptables -t nat -Z
    iptables -t mangle -F
    iptables -t mangle -X
    iptables -t mangle -Z
    }
    
    
    firewall_restart() {
    firewall_stop
    firewall_start
    }
    
    case "$1" in
    'start')
      firewall_start
      ;;
    'stop')
      firewall_stop
      ;;
    'restart')
      firewall_restart
      ;;
    *)
      echo "usage $0 start|stop|restart"
    esac

Any suggestion?Thanks

jgt · June 9, 2019, 1:10pm

tcp is not included with SCO 3.2.4. You need to also install tcp 3.2.1 which was a separately purchased item.

You could use kermit C-Kermit Binaries to transfer the files, or uucp.
You also haven't said which direction the copy is going in, and whether you are pulling the file, or pushing it.

Linusolaradm1 · June 9, 2019, 1:52pm

tcp is installed
otherwise I cannot try the ne2k card and the ppp