On Tue, 20 Feb 2001 06:06, Franki wrote:
> Hi all,
>
> I installed PMfirewall yesterday and it went flawlessly, just answered the
> questions and off it went,, they have done great in that respect...
>
> however, upon setting up the server, I noticed a heap of ipchains errors,
> like this:
> Feb 19 09:50:31 gshop1 pmfirewall: Try `/sbin/ipchains -h' or
<SNIP>
>
> As you can see, at the end it says it suceeded.. so I don't know what that
> is all about,
>
> It is set to autodetect the IP address, and at the time it starts ppp0
> isn't up,, could that be the problem?
Sounds Likely, and if your starting it at boot then most of the IP based
stuff on the ppp0 interface won't be right when you start your dialup.
It depends what your interested in firewalling. if it's just ppp0 that your
concerned about, I'd be inclined to move the PMFirewall startup from rc.local
to /etc/ppp/ip-up.local that way it starts right after the ppp interface
comes up.
If your interested in covering your ppp and eth interfaces from boot. What I
did was get PM firewall started (with the ppp0 interface up), write down the
ipchains rules and amend them to use the ppp0 interface rather than it's ip
address (soembody probably has a better answer) and run an ipchains script
(getting rid of PMFirewall)
Andrew
