On Tuesday 23 April 2002 06:01 pm, Sean Ward wrote:
> Actually, it says:
>
> ## Set default policy
> $IPCHAINS -A output -j ACCEPT
> $IPCHAINS -A input -j DENY -l
> echo " Done!"
> echo ""
> echo "External: $OUTERIF $OUTERNET"
> echo "" ;;
>
> Should it read (assuming 7 IPs):
>
> ## Set default policy
> $IPCHAINS -A output -j ACCEPT
> $IPCHAINS -A input -j DENY -l
> echo " Done!"
> echo ""
> echo "External: $OUTERIF $OUTERNET1"
> echo "External: $OUTERIF:0 $OUTERNET2"
> echo "External: $OUTERIF:1 $OUTERNET3"
> echo "External: $OUTERIF:2 $OUTERNET4"
> echo "External: $OUTERIF:3 $OUTERNET5"
> echo "External: $OUTERIF:4 $OUTERNET6"
> echo "External: $OUTERIF:5 $OUTERNET7"
> echo "" ;;
>
> ???

well, even if it did, you have to define those other interfaces....
and it would not be $OUTERIF:0
it may be OUTERIF0 derived from eth0:0

What does it print out just after DONE?
Probably not your DNS ip address?

look at /usr/local/pmfirewall/pmfirewall.conf

OUTERIF=eth0
REMOTENET=0/0
OUTERIP=`ifconfig $OUTERIF | grep inet | cut -d : -f 2 | cut -d \  -f 1`
OUTERMASK=`ifconfig $OUTERIF | grep Mas | cut -d : -f 4`
OUTERNET=$OUTERIP/$OUTERMASK

run the above and see what you get?

ifconfig $OUTERIF | grep inet | cut -d : -f 2 | cut -d \  -f 1
ifconfig $OUTERIF | grep Mas | cut -d : -f 4

I assume all your IP addresses are in a class 'c' or smaller subnet.
so it may be you need a mask to define all the ipaddresses.

-- 
Gerald Waugh : Registered Linux user # 255245
http://www.frontstreetnetworks.com
Front Street Networks LLC - ph. 203.785.0699
229 Front Street, Ste. #C, New Haven, CT, United States of America
10:53pm up 33 days, 6:20, 3 users, load average: 1.11, 1.57, 1.69
_______________________________________________
cobalt-security mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-security
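
The check suggested in the reply above, as an added example that is not part of the original message or of PMFirewall: it applies the OUTERIP/OUTERMASK pipelines from pmfirewall.conf to the base interface and each alias, and flags any interface that is not defined instead of printing an empty network. The function names, the `IFCONFIG` override and the addresses are assumptions; the ifconfig output is constructed in the old net-tools format.

```shell
#!/bin/sh
# Constructed stand-in for `ifconfig IFACE` (old net-tools layout). The
# addresses are documentation-range samples, not values from the thread.
sample_ifconfig() {
    case "$1" in
        eth0)   addr=192.0.2.10 ;;
        eth0:0) addr=192.0.2.11 ;;
        eth0:1) addr=192.0.2.12 ;;
        *) return 1 ;;   # interface not defined
    esac
    printf '%s      Link encap:Ethernet  HWaddr 00:00:5E:00:53:01\n' "$1"
    printf '          inet addr:%s  Bcast:192.0.2.15  Mask:255.255.255.248\n' "$addr"
    printf '          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1\n'
}

# Hypothetical override: set IFCONFIG=ifconfig to query a real host.
IFCONFIG=${IFCONFIG:-sample_ifconfig}

# Same pipelines as OUTERIP/OUTERMASK in pmfirewall.conf, for one interface.
# (cut -d ' ' is the quoted form of the page's backslash-escaped space.)
outer_net() {
    out=$($IFCONFIG "$1") || return 1
    ip=$(printf '%s\n' "$out" | grep inet | cut -d : -f 2 | cut -d ' ' -f 1)
    mask=$(printf '%s\n' "$out" | grep Mas | cut -d : -f 4)
    # Refuse a half-empty result: an empty address or mask would otherwise
    # be substituted silently into a firewall rule.
    [ -n "$ip" ] && [ -n "$mask" ] || return 1
    printf '%s/%s\n' "$ip" "$mask"
}

# One "External:" line per interface; non-zero status if any is undefined.
list_external() {
    rc=0
    for ifc in "$@"; do
        if net=$(outer_net "$ifc"); then
            echo "External: $ifc $net"
        else
            echo "External: $ifc UNDEFINED" >&2
            rc=1
        fi
    done
    return $rc
}

list_external eth0 eth0:0 eth0:1
```
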
