Folks, Here is what finally worked: ... EXTERN_UDP_PORT0 "0/0 domain" ... EXTERN_TCP_PORT0 "0/0 www" EXTERN_TCP_PORT1 "0/0 smtp" EXTERN_TCP_PORT2 "0/0 imap" EXTERN_TCP_PORT3 "0/0 domain" ...
INTERN_SERVERS="tcp_216.12.w.z_domain_192.168.x.y_domain udp_216.12.w.z_domain_192.168.x.y_domain tcp_216.12.w.z_www_192.168.x.y_www tcp_216.12.w.z_smtp_192.168.x.y_smtp tcp_216.12.w.z_imap_192.168.x.y_imap"
and recall this is ~2 year old Dachstein. Apparently the {$EXTERN_IP} phrase caused the problem. I recall another post to the list that mentioned this. WHen I substituted the actual external IP, the Port-FW section of the firewall rules weblet page has the correct indications. Someone might want to verify the latest version of Dachstien doesn't have the same problem.
Also, the use of "all" in place of tcp or udp did not work (?).
This is not the end of the story, since I need to establish that my Win2003 DNS server actually resolves from the outside and get networksolutions to forward to the external IP.
Thanks to everyone for their help so far. Rick.
+++++++++++++++ Lynn Avants wrote: ++++++++++++++++++
On Tuesday 09 December 2003 08:47 pm, Dr. Richard W. Tibbs wrote:
> Folks:
> As I mentioned in my last post, I have not had luck with the following
> command: INTERN_SERVERS="tcp_${EXTERN_IP}_domain_192.168.x.y_domain
> udp_${EXTERN_IP}_domain_192.168.x.y_domain"
>
> I get no port forwarding for ports 53. I do get several messages
> complaining about "invalid protocol" just before the firewall login prompt.
> Is the above a space-separated list like all the others?
> What is wrong with it?
> TIA, Rick.IIRC, it is supposed to be space-seperated. An alternate version:
INTERN_SERVERS="all_${EXTERN_IP}_53_192.168.x.y_53"While it might not be exactly what your looking for, it simplifies the possibility of error. The improper protocol message tends to indicate that something other than a standard protocol name number was used (ie... tcp, udp, gre/47, imcp, etc...) or a syntax error in the variable. Unfortunately, tonight nothing obvious stands out. -- ~Lynn Avants Linux Embedded Appliance Firewall Developer http://leaf.sourceforge.net http://guitarlynn.homelinux.org:81
------------------------------------------------------- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
