>> I installed IPCHAIN and PMfirewall on a raq3i and everything was working >> fine until several customers all-using MAC systems complained about that >> they where unable to contact siteadmin pages anymore. The customers have >> different versions of MAC OS and are on different networks, but all of them >> are denied to login to siteadmin.
>> Cheeking the log this is what I can find: >> Apr 29 18:33:58 www kernel: Packet log: input DENY eth0 PROTO=6 >> 152.93.xx.xx:49163 65.194.xx.xx:81 L=48 S=0x00 I=27950 F=0x4000 T=235 SYN >> (#47) <snip> If this is a DEFAULT installation of pmfirewall then you need to allow access to port 81 - not generally allowed by the pmfirewall script - all ports below 1024 are closed unless otherwise opened. You will probably find that you cannot also get to the raq /admin either. vim /usr/local/pmfirewall/pmfirewall.rules.local (or wherever you installed pmfirewall) and look for the lines:- #HTTPD $IPCHAINS -A input -p tcp -s $REMOTENET -d $OUTERNET 80 -j ACCEPT After this add the line $IPCHAINS -A input -p tcp -s $REMOTENET -d $OUTERNET 81 -j ACCEPT save, exit and do /usr/local/pmfirewall/pmfirewall restart this should then allow you access. Rob _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
