Buggy Windows XP firewall

Posted on Tuesday 8 November 2005

This was an annoying one. I use the firewall built into Windows XP to do some NAT for machines on the “inside” network. One of the things I do is SSH into the Linux machine, and tunnel things like Remote Desktop over SSH to get to my home desktop from work. So the XP box is connected to the cable modem, and forwards port 22 to the Linux box.

Today I couldn’t SSH in; the connection kept timing out. I get home, and everything seems fine. I can SSH to that box from the Windows machine. My IP address didn’t change. I still can’t SSH in from the outside. I sniff the connection, and see that the request is getting to me, so Comcast didn’t start blocking SSH or anything like that.

I check the firewall settings, and the SSH port forward is still in there and with the right settings. I check the firewall log, and, for some strange reason known only to Windows, it’s dropping the incoming SSH connections. A few of the connection attempts from work from xpfirewall.log:

2005-11-08 12:30:04 DROP TCP my.work.ip.addr my.home.ip.addr 3795 22 48 S 2952839438 0 65535 - - -
2005-11-08 12:30:07 DROP TCP my.work.ip.addr my.home.ip.addr 3795 22 48 S 2952839438 0 65535 - - -
2005-11-08 12:30:13 DROP TCP my.work.ip.addr my.home.ip.addr 3795 22 48 S 2952839438 0 65535 - - -

That’s, umm, stupid. Why drop something that I told it to allow? Gotta love the Windows.

Not wanting to do anything so drastic as a reboot, I close port 22 in the XP firewall and then re-open it. That fixes it, at least for now. Hopefully it won’t become a regular thing.
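Added example, not part of the original post: a small Python check that scans a firewall log in the format quoted above for dropped inbound SYNs to ports that are supposed to be forwarded, grouping retransmissions of the same attempt. The field names are assumed to follow the log's "#Fields:" header and match the 16 columns of the quoted lines; the sample log is constructed from the post's three entries plus two made-up ones.

```python
from collections import defaultdict

# Field order assumed from the "#Fields:" header of the XP firewall log.
FIELDS = ("date time action protocol src_ip dst_ip src_port dst_port "
          "size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info").split()

# Constructed sample: the three entries quoted in the post (addresses redacted
# as in the post) plus two made-up unrelated drops using documentation IPs.
SAMPLE_LOG = """\
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info
2005-11-08 12:29:58 DROP UDP 198.51.100.7 my.home.ip.addr 1026 1434 404 - - - - - - -
2005-11-08 12:30:04 DROP TCP my.work.ip.addr my.home.ip.addr 3795 22 48 S 2952839438 0 65535 - - -
2005-11-08 12:30:07 DROP TCP my.work.ip.addr my.home.ip.addr 3795 22 48 S 2952839438 0 65535 - - -
2005-11-08 12:30:13 DROP TCP my.work.ip.addr my.home.ip.addr 3795 22 48 S 2952839438 0 65535 - - -
2005-11-08 12:31:40 DROP TCP 198.51.100.9 my.home.ip.addr 4410 445 48 S 101010 0 16384 - - -
"""

def parse(text):
    """Yield one dict per well-formed log entry, skipping headers and junk."""
    for line in text.splitlines():
        parts = line.split()
        if line.startswith("#") or len(parts) != len(FIELDS):
            continue
        yield dict(zip(FIELDS, parts))

def dropped_allowed_syns(text, allowed_ports):
    """Map each dropped connection attempt to an allowed port -> drop times.

    Retransmitted SYNs keep the same source port and sequence number, so
    they collapse into one attempt instead of counting as separate hits.
    """
    attempts = defaultdict(list)
    for e in parse(text):
        if (e["action"] == "DROP" and e["protocol"] == "TCP"
                and e["tcpflags"] == "S" and e["dst_port"].isdigit()
                and int(e["dst_port"]) in allowed_ports):
            key = (e["src_ip"], e["src_port"], e["dst_port"], e["tcpsyn"])
            attempts[key].append(e["time"])
    return dict(attempts)

if __name__ == "__main__":
    hits = dropped_allowed_syns(SAMPLE_LOG, {22})
    for (src, sport, dport, seq), times in hits.items():
        print(f"{src}:{sport} -> port {dport} seq {seq}: "
              f"dropped {len(times)}x at {', '.join(times)}")
```

On the quoted lines this reports a single attempt dropped three times, which is one client retrying its SYN rather than three separate connections.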
