Thanks a lot Charles, I fixed and it worked right away. I must also add that
I really appreciate your wonderful scripts.
----- Original Message -----
From: "Charles Steinkuehler" <[EMAIL PROTECTED]>
To: "Binh Do" <[EMAIL PROTECTED]>
Sent: Monday, September 17, 2001 10:23 AM
Subject: Re: [Leaf-user] Cannot access private DMZ server from outside
> > I tried to set up a private Web DMZ server using Charles' script. The
> server
> > resides on segment 192.168.2.x and my internal is on another segment
> > 192.168.1.x.
> >
> > Everything seems fine when I access it from within my internal segment
> both
> > using the 192.168.2.x IP and the public IP. But from outside I cannot
> access
> > it and I got the following error logging:
> >
> > ...: Packet log: input DENY eth0 PROTO=6 24.76.65.188:2678
209.121.65.3:80
> > L=48 S=0x00 I=35451 F=0x4000 T=118 SYN (#44)
> >
> > What can be the cause in my firewall script?
>
> You have to allow the external requests through the firewall, which by
> default blocks inbound TCP start of connection requests. Assuming you're
> using the port-forwarding DMZ, you need to add the web port (80) to your
> allowed inbound TCP connections:
>
> EXTERN_TCP_PORTS="0/0_www"
>
> This allows anyone on the internet (0/0) to access the web service. Note:
> The www port is defined in /etc/services. You must use a name that
appears
> in /etc/services, or the specific port number (80 in this case).
>
> Charles Steinkuehler
> http://lrp.steinkuehler.net
> http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)
>
>
>
_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
