Bug 41854 - rsh client hangs/poll: protocol failure in circuit setup
Summary: rsh client hangs/poll: protocol failure in circuit setup
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: rsh
Version: 7.1
Hardware: i686
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Phil Knirsch
QA Contact: David Lawrence
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2001-05-22 16:12 UTC by Dave Cordner
Modified: 2015-03-05 01:09 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2001-05-23 15:12:39 UTC
Embargoed:

Attachments (Terms of Use)

Description Dave Cordner 2001-05-22 16:12:20 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux 2.4.2-2smp i686; en-US; rv:0.9+)
Gecko/20010520

Description of problem:
This system was installed with workstation configuration and medium security.

When using rsh as a CLIENT from this system I get different failures from
different brands of servers:

- AIX 3.4:  The client hangs.  (I set up an input rule in ipchains to watch
and accept packets from this particular server machine.)  The server sends
3 TCP packets and hangs.  After a control-C, a final 4th packet is sent.

- Solaris 2.7: "poll: protocol failure in circuit setup" is recieved and
I'm kicked back to the prompt.  4 tcp packets received from this server.

How reproducible:
Always

Steps to Reproduce:
1./usr/bin/rsh machine command
2.
3.
	

Actual Results:  AIX: hang
Solaris: "poll: protocol failure in circuit setup"

Expected Results:  Expected results of "command"

Additional info:
Comment 1 Phil Knirsch 2001-05-23 12:48:07 UTC 
Interessting problem, i suspect it has something to do with the ipchains rules...

As we don't have any Solaris or AIX machines around here it would be a big help
if you could reproduce this problem in a Linux-only environment so that i can
reproduce it locally here.

If this is not an option it would help a lot if you could send me the ipchains
rules of the client machine and maybe the tcpdump output when you run rsh.

Thanks in advance for all additional info,

Read ya, Phil
Comment 2 Dave Cordner 2001-05-23 15:12:35 UTC 
You were right.  I didn't have my rules for my servers high enough on the chain.
 The packets I was getting were icmp, the general rule to reject innitiation of
tcp <1024 refused the tcp connections.  When I placed my rules higher in the
chain, the tcp packets got through.

rcp worked just fine because it does all of its work over one tcp connection
which is innitiated from my workstation.

rsh on the other hand requires two connections... one for data and one for
control.  The first connection for the rsh client is set up by my workstation. 
The SERVER then tries to innitiate the second connection to send the data, but
is promptly rejected by the medium security firewall rules.

This is certainly not an rsh bug.

The rsh client (not the server) might be something that is added to the optional
services that are allowed when setting up the medium security.  The RedHat
installation procedure already has options for exceptions like ssh, X, http, etc.

Im not sure if rsh is the only command that uses 1022 though so it might not be
a good idea.

Sorry to bother you.

Dave
Comment 3 Phil Knirsch 2001-06-26 14:29:34 UTC 
Hi Dave!

I'm closing this as NOTABUG then as this has been more of a setup problem, ok?

Thanks for reporting,

Read ya, Phil
Note You need to log in before you can comment on or make changes to this bug.