On Wednesday 18 April 2001 19:44, you wrote:
> I wasn't able to get it working using the method you stated but I was able
> to make it work by adding the following ipchains rule to
> /etc/rc.d/init.d/bastille-firewall:
>
> $IPCHAINS -A input -p tcp -s 192.168.10.10/32 -d 192.168.10.1/32 8443 -j ACCEPT
>
> In the above line "192.168.10.10/32" refers to the external computer
> administering the Firewall. The "/32" limits it to that address only. The
> "192.168.10.1/32 8443" refers to the IP Address (192.168.10.1/32) and admin
> port (8443) on the external Network Card of the firewall.

OK, glad you were able to solve your problem. My explanations were certainly
not practical enough for your needs :-)

We will certainly add this possibility (restrict external access to specific
hosts), in a configurable way, in the future (unfortunately we can't do it
now since we have frozen the development).

With your above rule, though, don't forget to close (or just not open) port
8443 in Internet Traffic (I'm sure you did; I mention this just in case other
people are interested in your solution); otherwise it will override this rule
by allowing any external host to connect on port 8443.

Regards,
Renaud
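
The interaction described in the reply above, modelled as an added example (not code from this thread or from the firewall scripts): a first-match evaluator for an input chain, run with the host-restricted rule alone and then alongside a broad accept for port 8443. The default DENY policy, the shape of the "open to everyone" rule and the candidate source addresses are assumptions made for the illustration.

```python
import ipaddress
from typing import NamedTuple, Optional


class Rule(NamedTuple):
    src: str              # source network, CIDR notation
    dst: str              # destination network, CIDR notation
    dport: Optional[int]  # destination TCP port, None matches any port
    target: str           # "ACCEPT" or "DENY"


def verdict(chain, src, dst, dport, policy="DENY"):
    """Return the target of the first matching rule, else the chain policy.

    The DENY default policy is an assumption of this model.
    """
    for rule in chain:
        if (ipaddress.ip_address(src) in ipaddress.ip_network(rule.src)
                and ipaddress.ip_address(dst) in ipaddress.ip_network(rule.dst)
                and rule.dport in (None, dport)):
            return rule.target
    return policy


# The rule from the quoted message: only the admin host may reach 8443.
ADMIN_ONLY = Rule("192.168.10.10/32", "192.168.10.1/32", 8443, "ACCEPT")
# Assumed shape of the rule that exists when 8443 is opened to all traffic.
PUBLIC_8443 = Rule("0.0.0.0/0", "192.168.10.1/32", 8443, "ACCEPT")

# Constructed sample sources: the admin host, a neighbour, an outside host.
CANDIDATES = ["192.168.10.10", "192.168.10.11", "203.0.113.7"]


def exposed_sources(chain, candidates=CANDIDATES,
                    dst="192.168.10.1", dport=8443):
    """List the candidate sources the chain lets through to dst:dport."""
    return [s for s in candidates if verdict(chain, s, dst, dport) == "ACCEPT"]


if __name__ == "__main__":
    chains = {
        "restricted rule only": [ADMIN_ONLY],
        "restricted, then port opened": [ADMIN_ONLY, PUBLIC_8443],
        "port opened, then restricted": [PUBLIC_8443, ADMIN_ONLY],
    }
    for name, chain in chains.items():
        print(f"{name}: {exposed_sources(chain)}")
```

Both orderings of the two ACCEPT rules admit every source, so the restriction only holds when the broad rule is absent.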