On Friday 14 February 2003 07:22 am, Charles Steinkuehler wrote:
> Lynn Avants wrote:
> > Open the protocols (50 & 51):
> > EXTERN_PORTS="50_0.0.0.0 51_0.0.0.0"
>
> Note that this should be EXTERN_PROTOS, not EXTERN_PORTS.
I have used the line I posted, which is EXTERN_PORTS on the stock
image. It appears to open the designated proto's as well.
>From my /etc/network.conf
# Generic Services open to outside world
# Space seperated list: protocol_srcip/mask_dstport
EXTERN_PORTS="50_0.0.0.0 51_0.0.0.0"
# -or-
# Indexed list: "Protocol SrcAddr/Mask [ DestAddr[/DestMask] ]"
#EXTERN_PROTO0="50 5.6.7.8/32"
#EXTERN_PROTO1="51 5.6.7.8/32"
>From /etc/ipfilter.conf
# Open specified services to the world
for SERVICE in $EXTERN_PORTS; do
$IPCH -A input -j ACCEPT \
-p `echoProto $SERVICE` \
-s `echoIp $SERVICE` \
-d $EX_IP `echoPort $SERVICE` -i $EXTERN_IF
done; unset SERVICE
I don't believe the EXTERN_PROTOx is required.
--
~Lynn Avants
Linux Embedded Appliance Firewall developer
http://leaf.sourceforge.net
-------------------------------------------------------
This SF.NET email is sponsored by: FREE SSL Guide from Thawte
are you planning your Web Server Security? Click here to get a FREE
Thawte SSL guide and find the answers to all your SSL security issues.
http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0026en
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
