Today at 09:54, Derek Jennings wrote:
> Yes shorewall will by default block pings from both the Internet and
> the local network. It will also block ALL traffic from the local
> network to the firewall. So if you want to run as a firewall AND as a
> server you must open up traffic to the local network.
> SHorewall is actually pretty easy to configure once you understand it.
> There are a number of text config files. /etc/shorewall/zones defines
> the zones to protect. net- is the internet, fw- is the firewall
> itself, loc- is the local network
> /etc/shorewall/interfaces defines which interface is in which zone.
> /etc/shorewall/policy defines the general firewall policy
> /etc/shorewall/masq defines masquerading (Network address translation)
> /etc/shorewall/rules defines exceptoins to the policy (ports you want
> to open)
> The text is self explanatory
> to allow ping from local net in 'rules'
> ACCEPT loc fw icmp 8
> to open up all services from local net to firewall in 'policy' change
> loc fw ACCEPT
> Then 'shorewall restart' in a root terminal
> see www.shorewall.net for documentation.
Allright, I did all that just now, and after the restart trried to ping
the 2 hosts from the server - no joy. Nothing's changed. I still can't
ping them..
--
Mit freundlichen Grüßen,
Russ.
Sick of democrat and republican lies?
http://badnarik.org/whybadnarik.php
What is freedom, really? See this great flash presentation:
http://www.isil.org/resources/introduction.swf
----------------
Adams signed the Treaty of Tripoli (June 7, 1797). Article 11 states:
The government of the United States is not in any sense founded on the
Christian religion.''
--John Adams (the second President of the United States)
----------------
A ship under sail and a big-bellied woman, are the handsomest two things
that can be seen common.
---Benjamin Franklin
----------------
http://www.TruthAboutWar.org
Visit my nursery:
http://www.angelfire.com/linux/behnesnursery/
The Behne Family Genealogy Project:
http://www.usgenealogy.net/members/rwbehne/
____________________________________________________
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
Join the Club : http://www.mandrakeclub.com
____________________________________________________
