Good evening, Carric and Bennett,
        We've been trying to track down a similar problem on a few
ipchains boxes as well.  We've been discussing it on the ipchains list.
        Have either of you found the source of your problems?
        I've put together a monitoring tool that checks every 5 minutes to
see if the number of rules has changed since the last run.  It pointed out
a time during the day when the number of rules _was_ changing on our
firewalls - I'm well on the way to finding an answer to our issue, which
appears to be related to running the firewall from cron.
        The tool can be found at
ftp://slartibartfast.pa.net/pub/fwcheck/fwcheck
        Just for reference, our boxes _do_ run a DNS server.
        Cheers,
        - Bill

On Tue, 9 Nov 1999, Carric Dooley wrote:

> Are you running DNS on this box?  I was having a similar problem until I
> shut down DNS.  The problem went away.  =)  I am ashamed to admit, I
> really never dug any deeper because I had other boxes on which to run DNS,
> and I got sidetracked by more important things... I haven't thought of it
> in a while.
> 
> On Tue, 9 Nov 1999, Bennett Samowich wrote:
> 
> > This may not be the proper list, however, has anyone here running ipchains 
> > experienced this problem:
> > 
> > A machine running ipchains quits masquerading about once a week (not 
> > constant).  Internal hosts can not get out to the Internet.  Once the 
> > firewall rules script is re-run everything is fine.
> > 
> > I have checked cron for anything running weekly, checked /var/log/* and 
> > found nothing of any interest, checked /proc/sys/net/ipv4/ip_forward and it 
> > is set to '1'.
> > 
> > Any ideas?
> 
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]

---------------------------------------------------------------------------
        My desk has a security flaw.  If I bang my forehead at it for 
two days continuously I can make a hole in it.
        Wuss, bang harder.
        -- Slashdot debate on a Unix security issue
--------------------------------------------------------------------------
William Stearns ([EMAIL PROTECTED]).  Mason, Buildkernel, named2hosts, 
and ipfwadm2ipchains are at: http://www.pobox.com/~wstearns/
--------------------------------------------------------------------------
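
An added example, not part of the original message and not the fwcheck tool it links to: a minimal sketch of the check Bill describes, comparing the number of loaded rules with the count saved by the previous run. It assumes rules are listed with `ipchains -L -n`; the function names, the state-file path and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added illustration; NOT the fwcheck tool referenced in the message.
# Assumed cron usage (every 5 minutes; state path is hypothetical):
#   ipchains -L -n | check_drift /var/run/fw.rulecount || <send an alert>

# sample_listing: constructed `ipchains -L -n` style output for offline runs.
sample_listing() {
    cat <<'EOF'
Chain input (policy ACCEPT):
target     prot opt     source                destination           ports
ACCEPT     all  ------  192.168.1.0/24       0.0.0.0/0             n/a
Chain forward (policy DENY):
target     prot opt     source                destination           ports
MASQ       all  ------  192.168.1.0/24       0.0.0.0/0             n/a
Chain output (policy ACCEPT):
EOF
}

# count_rules: read a listing on stdin and print the number of rule lines,
# skipping "Chain ..." headers, "target ..." column headers and blank lines.
count_rules() {
    awk '$1 == "Chain" || $1 == "target" || NF == 0 { next }
         { n++ }
         END { print n + 0 }'
}

# check_drift STATE_FILE: read a listing on stdin, compare its rule count with
# the count stored by the previous run, then store the new count.
# Returns 0 if unchanged (or first run), 1 if changed, 2 if no rules loaded.
check_drift() {
    state=$1
    now=$(count_rules)
    prev=
    [ -f "$state" ] && prev=$(cat "$state")
    printf '%s\n' "$now" > "$state"
    if [ "$now" -eq 0 ]; then
        echo "firewall: no rules loaded" >&2
        return 2
    fi
    if [ -n "$prev" ] && [ "$prev" != "$now" ]; then
        echo "firewall: rule count changed from $prev to $now" >&2
        return 1
    fi
    return 0
}
```

A count comparison only catches rules being added, removed or flushed; a rule replaced by a different one leaves the count unchanged.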
