Hello Everyone,
Jeez, in an effort to add IP Spoofing rules to my "very simple"
MASQ rules I seem to nearly have broken everything. It's all back
now but my existing MASQ rule for my dynamic ISP is:
/sbin/ipfwadm -F -f
/sbin/ipfwadm -F -a accept -m -S 192.168.7.0/24 -D 0.0.0.0/0
and that has worked for ALL four boxes on my Red Hat 5.1, 2.0.34
machines with a win95'er in there for 6 months.
I tried to add the IP Spoofing rules I read in "Linux Network
Toolkit" which is:
/sbin/ipfwadm -I -a deny -V 192.168.7.1 -S 192.168.7.0/24 -D
0.0.0.0/0
/sbin/ipfwadm -I -a deny -V 192.168.7.1 -S 192.168.7.1 -D 0.0.0.0/0
My MASQ machine being 192.168.7.1
I think as I read this I may have an error in the bottom line. Maybe
I don't need the bottom line?
I think now that I'm kinda lucky for I've never gotten the same IP
address from my ISP in the last 6 months having a dynamic IP, I
check it and log it daily, I think I'd be in real security trouble
if I had a static IP with my lack of knowledge.
--
"If your life was nothing but sunshine, you'd just be a desert."
______________ Linux/Unix "Future Guru" Anthem ________________
Bill Schoolcraft
http://home.att.net/~wiliweld
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]
