hi john,
John Burke a �crit :
>
> Hi:
>
> I'm using cookfire RC1 and have been playing with port forwarding to my
> internal web server. I have noticed that forwarding works fine if I open all
> protocols on the "Users Traffic Filter" page on the web configuration tool.
> However, if I restrict ports it doesn't port forward properly anymore. I'm
> leaving www port open on tcp (as well as smtp,pop,imap,https) and all ports
> on udp. Why is this? I don't really know what ports I should leave open to
> allow port forwarding to work, since it's not obvious to me (a relative
> dummy) why this is happening in the first place. I wonder if anyone else can
> reproduce this and whether this is a "bug" or whether I'm doing something
> wrong. If I wanted to leave all the ports open I could just use a dumb NAT
> router like coyote or freesco or edge, so I would appreciate any input.
If you want to open port forwarding from outside into an internal web
server, you should:
open the www port and forward to your internal ip adresse ( exactly waht
you have done)
But you must also add high_ports ( ex: "1024:" ) in the office traffic
menu.
In this case, your port forwarding will work.
>
> In addition, I've always felt that one of the advantages to the single disk
> floppy router-firewall was robustness following power failures. I have a UPS
floppy disk solution was considered at the beginning of the project,
but du to Main Linux-Mandrake
compatibility , it was not possible.
but you can easily make your own distro based on rescue disk, or
see this project:
http://www.linuxembedded.org/lem.php3
> on my firewall computer but I'm afraid a long outage might result in corrupt
> filesystems, as opposed to a floppy router running from a ramdisk. Can
> cookfire run from reiserfs to minimize the chance of unrecoverable
> filesystem damage?
You can make an install of cookfire with reiserfs support.
On install boot, press F1, and type expert,
you will enter in the expert mode, which contain an advanced
partitionning menu.
>I suppose I could set up a UPS shutdown daemon if I could
> find the right serial cable for my UPS, which might not be a bad idea in any
> case.
Another good features.
>
> Thanks to all,
>
> John
thanks.
--
Philippe Libat <[EMAIL PROTECTED]>
Linux-Mandrake http://www.linux-mandrake.com
_____________________________________________
Think Different, Think Linux
