Hello again,
Now I found some strange things...
First of all I'm using Lan2Lan with SNF (latest 06/07)
If I enable Snort in the Alert section and reboot SNF, it stops loading
when it tries to start the bastille-firewall?
But if I don't reboot, everything works great, including Snort? Is
there a workaround for this? or is it just me having this problem :)
If I use my own internal DNS in /etc/resolv.conf and then fix the
correct settings for it in the firewall services section, everything
works great until I reboot. It then stops loading on eth0 because it
doesn't have the rights to use the internal DNS..yet :) But if I wait
for an hour or 2 it will then finally boot up (get the feeling from
another OS?). Can I do a something to fix this issue?
And the last thing wich is a little bit annoying..
If I use the internet section to forward access (port 80) to my
internal www-server, Squid stops working??
And I can't forward access on port 514 udp (syslog) from external to
internal, no errors, no nothing, it just doesn't forward the packets?
sincerely
/joffe
-----Ursprungligt meddelande-----
Fr�n: florin [mailto:[EMAIL PROTECTED]]
Skickat: den 7 juni 2001 18:44
Till: cooker-firewall
Kopia: florin
�mne: FW: Re: SV: SV: [Cooker-firewall] Found another bug in SNF
[EMAIL PROTECTED] writes:
Hello again,
> >first of all sorry for the tone of my response but i'm tired of
> so-called
> >bug-reports saying it doesn't work without providing any information.
> >Here, we're really trying to listen and improve things, but I don't
> know
> >how clear is it from the other side :) My appologies.
>
> np :)
thank you for your comprehension :)
> The problem was not in the office traffic section (they're set to
> all,all)
> The problem was in the internet traffic section.
> I authorized incoming udp ports (1024:) and didn't specify any
> desination hosts on the internal lan.
> Now UT works great!!
did i say office traffic ? (oups)
> I've found several "glitches" wich I hope will be fixed in the next
> release.
>
> Support for DMZ and proxy arp would be VERY nice :)
> Maybe ip-aliasing too...
ok, these are already on the TODO list :)
> And I saw something about dyndns support in the backup-file!?
> Are you going to add that in the admin interface as well?
yup, we've planned that too
sincerely,
--
Florin http://www.mandrakesoft.com
WINMAIL.DAT
