Thanks! I'll pick up "Building Internet Firewalls" and hopefully I can
find a solution to my "problem." Thanks for all you help / explanations!
Rodney
Vince Hoang wrote:
On Tue, Mar 08, 2005 at 02:30:43PM -1000, [EMAIL PROTECTED] wrote:
I have tried turning off my firewall completely, and I still
cannot get out. I have found that if I turn on IP forwarding
/ masquerading, everything works just fine. However, with IP
forwarding / masquerading on, I found that one could still
access the internet if they disabled the proxy server setting
on the Windows box. If possible I would like internet access
"disabled" if someone turns off the proxy server settings on
the Windows box. If I change the gateway back to the original
settings (our main router), then everything works fine.
Your message made it sound like you could not hit tcp/25 and
tcp/110 on the Linux box. If you are trying to hit those ports on
an external server, then yes, you will need to enable NAT on the
box.
My original suggestion does not change, however. Make sure you
open up the necessary ports and leave the rest off. Web access
gets through because by default, you let everything out. Be sure
to move your router to a different physical segment.
I would recommend picking up Zwicky's _Building Internet Firewalls_.
-Vince
_______________________________________________
[email protected] mailing list
http://lists.hosef.org/cgi-bin/mailman/listinfo/luau
--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.308 / Virus Database: 266.7.0 - Release Date: 3/8/2005
