David Murko wrote:
> I have a Linux firewall with ipchains ( it works now ) but I think it must
> be a mistake in the configuration, because when I look at the logfile of my
> web/ftp server in the dmz I always see as incoming ip "222.22.222.89".
You configured IP masquerading (or IP hiding) for nearly all addresses. Because
of this all you see is the firewall's IP address in your logs. The solution to
your problem is to switch off masquerading for the "bad2dmz-incoming" www rule.
But then be sure to have a default route to the firewall set on the webserver.
I guess the configuration then should read something like this - there are some
typos in your configuration btw. (multiple --j instead of -j):
> # "bad" to "dmz" :
>
> ipchains -A bad-dmz -p tcp -d 222.22.222.90 www -j ACCEPT
> ipchains -A bad-dmz -p tcp -d 222.22.222.90 20:21 -j ACCEPT
> ipchains -A bad-dmz -j DENY
Bye
Volker
PS: shortcut to ipchains reference:
http://www.linuxdoc.org/HOWTO/IPCHAINS-HOWTO.html
--
Volker Tanger <[EMAIL PROTECTED]>
--------------------------------------------
Sr. Security Engineer Tel. +49-69-92901-570
--------------------------------------------
Global One
Global Security
Global Service Engineering
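
A check for the symptom discussed in this thread, added here as an example and not part of the original mail: it measures how much of a web server access log is attributed to the firewall's address, which is close to 100% while inbound connections are masqueraded and should drop once the rule is a plain ACCEPT. The Common Log Format input, the function names, the 0.95 threshold and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import Counter

# First field of a Common Log Format line is the client address (assumed format).
CLF_CLIENT = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3})\s")

FIREWALL_IP = "222.22.222.89"  # address seen in the server log in the post

# Constructed sample: every request appears to come from the firewall.
LOG_MASQUERADED = """\
222.22.222.89 - - [01/Jan/2001:10:00:01 +0100] "GET / HTTP/1.0" 200 1043
222.22.222.89 - - [01/Jan/2001:10:00:07 +0100] "GET /a.html HTTP/1.0" 200 512
222.22.222.89 - - [01/Jan/2001:10:01:12 +0100] "GET /b.html HTTP/1.0" 404 210
222.22.222.89 - - [01/Jan/2001:10:02:30 +0100] "GET / HTTP/1.0" 200 1043
"""

# Constructed sample: real client addresses (documentation ranges) are visible.
LOG_DIRECT = """\
192.0.2.17 - - [01/Jan/2001:11:00:01 +0100] "GET / HTTP/1.0" 200 1043
198.51.100.4 - - [01/Jan/2001:11:00:07 +0100] "GET /a.html HTTP/1.0" 200 512
203.0.113.99 - - [01/Jan/2001:11:01:12 +0100] "GET /b.html HTTP/1.0" 404 210
192.0.2.17 - - [01/Jan/2001:11:02:30 +0100] "GET /a.html HTTP/1.0" 200 512
"""

def client_counts(log_text):
    """Count requests per client address, skipping lines that do not parse."""
    counts = Counter()
    for line in log_text.splitlines():
        m = CLF_CLIENT.match(line)
        if m:
            counts[m.group(1)] += 1
    return counts

def masquerade_check(log_text, firewall_ip, threshold=0.95):
    """Return (flagged, share, distinct_clients).

    flagged is True when the firewall's own address accounts for at least
    `threshold` of all logged requests, i.e. client addresses are hidden.
    """
    counts = client_counts(log_text)
    total = sum(counts.values())
    if total == 0:
        return (False, 0.0, 0)  # nothing parsed, nothing to conclude
    share = counts[firewall_ip] / total
    return (share >= threshold, share, len(counts))

if __name__ == "__main__":
    for name, log in (("masqueraded", LOG_MASQUERADED), ("direct", LOG_DIRECT)):
        print(name, masquerade_check(log, FIREWALL_IP))
```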