Okay, so I finally got the darn box up and running with a "real" (3Com)
network card.

I can ping the other machines on my internal 192.168.0.x network from the
gnatbox, and vice versa.

However, when I use the config tool to change the default route to the DNS
server on my ISP's net, I get an error message at the bottom of the screen
"Unable to save network information. File exists."

Here's the configuration data from the web interface. I'm the
quintessential "clueless newbie" when it comes to network configs, so I'm
gonna need all the help I can get.

Ignore the date on the report, it's obvious that the RTC needs work.
:-{)

GNAT Box Software Configuration Summary
GNAT Box Light Version: 3.0.1 Sun Sep 13 10:47:03 1998
BASIC CONFIGURATION
DNS
disabled
FEATURES
NETWORK INFORMATION
LOGICAL INTERFACES
Name Type IP Address Netmask NIC
------------------- --------- --------------- --------------- -----
EXTERNAL EXTERNAL 0.0.0.0 PPP
PROTECTED PROTECTED 192.168.0.2 255.255.255.0 ep0
NETWORK INTERFACE CARDS
NIC MAC Address MTU State Options
----- ----------------- ----- ----- -------
ep0 XX:XX:XX:XX:XX:XX
PPP 1500 up MANUAL
Default route (gateway): PPP
Hostname: guardian
PPP
Connection type: On-demand
Port: COM1
User name: rhurd
Password: ******
Default Negotiated
Local address: 0.0.0.0 0.0.0.0
Remote address: 198.69.204.2 198.69.204.2
Parity: none
Speed: 57600
Use cts/rts: yes
Retries: 3
Retry wait time: 10 seconds
Timeout: 600 seconds
Phone number: ZZZ-ZZZ-ZZZZ
Abort keywords: BUSY NO\sCARRIER NO\sDIALTONE
Dial chat: TIMEOUT 5 "" ATE1V1Q0 OK-AT-OK \dATDT${NUM} TIMEOUT 60 CONNECT
Login chat: TIMEOUT 5 gin:-\r-gin: ${USERNAME} word: ${PASSWORD}
Address and field: enable accept
Line quality report: disable deny
Predictor 1: enable accept
Protocol field: enable accept
Van Jacobson: enable accept
Authentication: none
Debug: none
PREFERENCES
CONTACT INFORMATION
Name:
Company:
Email Address:
Phone number:
Serial number:
Support email: [EMAIL PROTECTED]
KEYBOARD LAYOUT
United States ISO-8859-1
SCREEN SAVER
Timeout: 600 seconds
REMOTE LOGGING
Message logging facility is disabled.
Filter facility: local1
NAT facility: local0
WWW facility: local2
Open priority: notice
Close priority: notice
WWW priority: notice
AUTHORIZATION
ADMINISTRATION ACCOUNTS
Index User Permissions
----- --------------- -------------------------
1 gnatbox admin console www remote
EMAIL PROXY
disabled
REMOTE ADMINISTRATION
WWW Server: enabled
Updates: enabled
Port: 80
RMC Server: enabled
Updates: enabled
Port: 77
URL BLOCKING
disabled
MOBILE CODE BLOCKING
JAVA blocking: disabled
JAVA script blocking: disabled
ActiveX blocking: disabled
ROUTING
RIP
disabled
STATIC ROUTES
Index IP Address Netmask Gateway
----- --------------- --------------- ---------------
OBJECTS
ADDRESSES
1 ANY_IP - DEFAULT: Matches all IP addresses.
Index Beginning Ending
----- --------------- ---------------
1 0.0.0.0 255.255.255.255
FILTERS
OUTBOUND
1 #DEFAULT TRADITIONAL URL PROXY: allow access to DNS.
DISABLED - Accept "PROTECTED" UDP
from "ANY_IP"
to "ANY_IP" 53
2 #DEFAULT NO TRADITIONAL URL PROXY: Allow protected network access to anywhere.
Accept "PROTECTED" ALL
from "ANY_IP"
to "ANY_IP"
REMOTE ACCESS
1 #DEFAULT: Allow protected network access to WWW remote admin server.
Accept "PROTECTED" TCP
from 192.168.0.0/255.255.255.0
to 192.168.0.2/255.255.255.255 80
2 #DEFAULT: Allow protected network access to RMC remote admin server.
Accept "PROTECTED" TCP
from 192.168.0.0/255.255.255.0
to 192.168.0.2/255.255.255.255 77
3 #DEFAULT TRADITIONAL URL PROXY: Allow connections to URL proxy.
DISABLED - Accept "PROTECTED" TCP
from "ANY_IP"
to 0.0.0.0/0.0.0.0 2784
4 #DEFAULT EMAIL PROXY: Allow connections to email proxy.
DISABLED - Accept "EXTERNAL" TCP
from "ANY_IP"
to "ANY_IP" 25
5 #DEFAULT: Block/nolog discard bootp, netbios, snmp, and rwho.
Deny ANY UDP nolog
from "ANY_IP"
to "ANY_IP" 9 67 68 137 138 161 513
6 #DEFAULT NO RIP: Block/nolog rip.
Deny ANY UDP nolog
from "ANY_IP"
to "ANY_IP" 520
7 #DEFAULT RIP: Accept UDP rip.
DISABLED - Accept ANY UDP
from "ANY_IP"
to "ANY_IP" 520
8 #DEFAULT RIP: Accept IGMP multicast for router addresses.
DISABLED - Accept ANY 2
from "ANY_IP"
to 224.0.0.0/255.255.255.0
9 #DEFAULT RIP: Accept router solicititations and advertisements
DISABLED - Accept ANY ICMP
from "ANY_IP"
to 224.0.0.0/255.255.255.0 9 10
10 #DEFAULT STEALTH: Block with alarm any other access to external interface.
DISABLED - Deny "EXTERNAL" ALL alarm
from "ANY_IP"
to "ANY_IP"
11 #DEFAULT: Accept/nolog authentication (ident).
Accept ANY TCP nolog
from "ANY_IP"
to "ANY_IP" 113
12 #DEFAULT: Allow pings and ICMP traceroutes to GNAT Box.
Accept ANY ICMP
from "ANY_IP" 8
to "ANY_IP" 8
13 #DEFAULT: Allow UDP traceroutes to GNAT Box.
Deny ANY UDP nolog genICMP
from "ANY_IP"
to "ANY_IP" 32767:65535
14 #DEFAULT: Block/nolog stale WWW accesses.
Deny ANY TCP nolog
from "ANY_IP" 80
to "ANY_IP" 1024:65535
15 #DEFAULT: Block with alarm any other access to all interfaces.
Deny ANY ALL alarm
from "ANY_IP"
to "ANY_IP"
TIME GROUPS
None
PROTOCOLS
Index Name Number
----- ---------- ------
1 IGMP 2
PREFERENCES
DEFAULT LOGGING
Log ALL packets rejected.
ALARMS
Send email for alarms when 10 seen within 120 seconds.
Send a maximum of 500 alarms per email.
Do not attempt to log host names using reverse DNS.
GENERAL
Stealth mode: disabled
Doorknob twists generate: alarm logMessage
Address spoofs generate: alarm logMessage
EMAIL SERVER
disabled
SNMP TRAPS
disabled
PAGER
disabled
IP PASS THROUGH
HOSTS/NETWORKS
Index Object or Address Range Interface Options
----- -------------------------------- ------------------ ---------
FILTERS
none
NAT
INBOUND TUNNELS
Index Protocol From IP Address Port To IP Address Port Options
----- -------- --------------- ----- --------------- ----- -----------
TIMEOUTS
ICMP: 15 seconds
TCP wait for ACK: 30 seconds
TCP: 600 seconds
TCP keep alive enabled: yes
UDP: 600 seconds
Wait after close: 20 seconds
---
#The US Government says this is a munition. www.cypherspace.org/~adam/rsa/
#!/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)