Marc Cassuto
Mon, 8 Feb 1999 05:41:46 -0500
Hi,

I've just configured Internet access with the following:

- Linux 2.0.34 box (Slackware 3.5)
- valid IP address from my ISP on eth0
- network 192.168.0.x on eth1
- all network matters well configured
- no problems met with simple forwarding

BUT... if I try to build a strong firewall, I can't use all the port limitations that should be used with ipfwadm. Have a look at my masquerading configuration file:

#!/bin/sh
#
# /etc/rc.d/rc.masq: IP masquerading initialization script.
#
# first deny all access
/sbin/ipfwadm -F -p deny
#
# Then flush all the rules
/sbin/ipfwadm -A -f
/sbin/ipfwadm -F -f
/sbin/ipfwadm -I -f
/sbin/ipfwadm -O -f
#
# We need particular access
# First the Web
/sbin/ipfwadm -F -a m -S 192.168.0.7/32 -D 0.0.0.0/0
###### THIS WORKS FINE BUT ALLOWS ALL ACCESS FOR THIS IP
#/sbin/ipfwadm -F -a accept -b -P tcp -S 192.168.0.7/32 80 -D 0.0.0.0/0 1024:65535
###### BUT THIS DOESN'T WORK !!!
###### AND THIS IS EXACTLY THE LINE I FOUND IN THE HOWTO !!!

In fact, as soon as I try to limit access, all connections for the specified IP are blocked!!! And that is the same for any port. I can't even use the -P flag.

Does anyone know the answer???

Sincerely yours,
Marc Cassuto.