Re: [CentOS] DNS or firewall problem

2010-07-06 Thread Christopher Chan
>>> I have most services turned off but can activate them , >> remotely, from >>> webmin if I need ssh or ftp. >> >> Well, I guess you first need to allow connections to webmin >> (from INSIDE >> - even if you are absolutely certain no one can guess your >> password) unless you are only going to d

Re: [CentOS] DNS or firewall problem

2010-07-06 Thread Thomas Dukes
> -Original Message- > From: centos-boun...@centos.org > [mailto:centos-boun...@centos.org] On Behalf Of Christopher Chan > Sent: Tuesday, July 06, 2010 10:31 PM > To: centos@centos.org > Subject: Re: [CentOS] DNS or firewall problem > > > >> Hmm...yo

Re: [CentOS] DNS or firewall problem

2010-07-06 Thread Christopher Chan
>> Hmm...you do not appear to have a blanket accept for your >> internal interface. What services are supposed to be open to >> the internal lan? > > Really just interested in web, ftp and maybe samba Well, the rules do accept connections for them three so no problem here. > > Not really relying

Re: [CentOS] DNS or firewall problem

2010-07-06 Thread Thomas Dukes
> -Original Message- > From: centos-boun...@centos.org > [mailto:centos-boun...@centos.org] On Behalf Of Christopher Chan > Sent: Tuesday, July 06, 2010 9:13 PM > To: centos@centos.org > Subject: Re: [CentOS] DNS or firewall problem > > > > # Firewall c

Re: [CentOS] DNS or firewall problem

2010-07-06 Thread Christopher Chan
> # Firewall configuration written by system-config-securitylevel
> # Manual customization of this file is not recommended.

ugh...fwbuilder crap...oh well.

> *filter
> :INPUT ACCEPT [0:0]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [0:0]
> :RH-Firewall-1-INPUT - [0:0]
> -A INPUT -j RH-Firewall-1-I

Re: [CentOS] DNS or firewall problem

2010-07-06 Thread Timothy Murphy
Dominik Zyla wrote: >> Are you saying you must have the setting you mention in /etc/sysctl.conf >> ? That cannot be true, as I can access my server and I don't have your >> entry. > Check your iptables rules. Maybe there are no INPUT rules to access your > gateway via internal nic. I don't see t

Re: [CentOS] DNS or firewall problem

2010-07-06 Thread Thomas Dukes
> -Original Message- > From: centos-boun...@centos.org > [mailto:centos-boun...@centos.org] On Behalf Of Chan Chung > Hang Christopher > Sent: Tuesday, July 06, 2010 9:28 AM > To: centos@centos.org > Subject: Re: [CentOS] DNS or firewall problem > > >

Re: [CentOS] DNS or firewall problem

2010-07-06 Thread Dominik Zyla
On Tue, Jul 06, 2010 at 09:19:41PM +0100, Timothy Murphy wrote: > cliff here wrote: > > > Well if you want the kernel to route IPV4 traffic, then yes it has to be 1 > > net.ipv4.conf.ip_forward = 0 ?? > > change to = 1 ?? > >> > >>> yea that needs to be a 1 > >> > >> That cannot b

Re: [CentOS] DNS or firewall problem

2010-07-06 Thread Timothy Murphy
cliff here wrote: > Well if you want the kernel to route IPV4 traffic, then yes it has to be 1 net.ipv4.conf.ip_forward = 0 ?? change to = 1 ?? >> >>> yea that needs to be a 1 >> >> That cannot be mandatory, >> as I have a 0 there and do not have the OP's problem. You've changed

Re: [CentOS] DNS or firewall problem

2010-07-06 Thread Basil Kurian
enable ipv4_forwarding in /etc/sysctl.conf

    # service iptables start

    # iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

eth0 is the interface connected to modem.

On 6 July 2010 04:30, Thomas Dukes wrote:
> Been working this for over a month now and I'm stumped.
>
> Everything was working

Re: [CentOS] DNS or firewall problem

2010-07-06 Thread Basil Kurian
    echo 1 > /proc/sys/net/ipv4/ip_forward

On 6 July 2010 21:17, Basil Kurian wrote:
> enable ipv4_forwarding in /etc/sysctl.conf
>
> # service iptables start
>
> # iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
>
> eth0 is the interface connected to modem.
>
> On 6 July 2010 04:30, Thomas

Re: [CentOS] DNS or firewall problem

2010-07-06 Thread cliff here
Well if you want the kernel to route IPV4 traffic, then yes it has to be 1 On 7/6/10, Timothy Murphy wrote: > cliff here wrote: > >>> net.ipv4.conf.ip_forward = 0 ?? >>> >>> change to = 1 ?? > >> yea that needs to be a 1 > > That cannot be mandatory, > as I have a 0 there and do not have the OP'

Re: [CentOS] DNS or firewall problem

2010-07-06 Thread Chan Chung Hang Christopher
>> Are you running a proxy for http? It would be rather >> surprising that internal machines can access the Internet >> without forwarding turned on otherwise. When you say internal >> machines cannot access your server, are they connecting to it >> via the local interface's ip or the Internet

Re: [CentOS] DNS or firewall problem

2010-07-06 Thread Timothy Murphy
cliff here wrote: >> net.ipv4.conf.ip_forward = 0 ?? >> >> change to = 1 ?? > yea that needs to be a 1 That cannot be mandatory, as I have a 0 there and do not have the OP's problem. As I mentioned, the default in shorewall is that loc to $FW, ie connection from machines on the local LAN to se

Re: [CentOS] DNS or firewall problem

2010-07-06 Thread Thomas Dukes
_ From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of cliff here Sent: Monday, July 05, 2010 10:56 PM To: CentOS mailing list Subject: Re: [CentOS] DNS or firewall problem yea that needs to be a 1 Thanks, I'll give that

Re: [CentOS] DNS or firewall problem

2010-07-05 Thread cliff here
CentOS mailing list > > Subject: Re: [CentOS] DNS or firewall problem > > > > Do u have ipv4 forwarding on in your /etc/syscttl > > > > Sent from my iPhone > > Uhhh, in /etc/sysctl.conf, > > net.ipv4.conf.ip_forward = 0 ?? > > change to = 1 ?? > > -

Re: [CentOS] DNS or firewall problem

2010-07-05 Thread Thomas Dukes
> -Original Message- > From: centos-boun...@centos.org > [mailto:centos-boun...@centos.org] On Behalf Of Timothy Murphy > Sent: Monday, July 05, 2010 10:11 PM > To: centos@centos.org > Subject: Re: [CentOS] DNS or firewall problem > > Thomas Dukes wrote

Re: [CentOS] DNS or firewall problem

2010-07-05 Thread Thomas Dukes
> -Original Message- > From: centos-boun...@centos.org > [mailto:centos-boun...@centos.org] On Behalf Of Christopher Chan > Sent: Monday, July 05, 2010 8:42 PM > To: centos@centos.org > Subject: Re: [CentOS] DNS or firewall problem > > On Tuesday, July 06, 201

Re: [CentOS] DNS or firewall problem

2010-07-05 Thread Timothy Murphy
Thomas Dukes wrote: >> Do u have ipv4 forwarding on in your /etc/syscttl > > Uhhh, in /etc/sysctl.conf, > > net.ipv4.conf.ip_forward = 0 ?? > > change to = 1 ?? I have more or less the same setup as you, and I have net.ipv4.conf.ip_forward = 0 in /etc/sysctl like you, but I have no pr

Re: [CentOS] DNS or firewall problem

2010-07-05 Thread Christopher Chan
On Tuesday, July 06, 2010 08:12 AM, Thomas Dukes wrote: > > >> -Original Message- >> From: centos-boun...@centos.org >> [mailto:centos-boun...@centos.org] On Behalf Of Cliff >> Sent: Monday, July 05, 2010 8:05 PM >> To: CentOS mailing list >> Sub

Re: [CentOS] DNS or firewall problem

2010-07-05 Thread Thomas Dukes
> -Original Message- > From: centos-boun...@centos.org > [mailto:centos-boun...@centos.org] On Behalf Of Cliff > Sent: Monday, July 05, 2010 8:05 PM > To: CentOS mailing list > Subject: Re: [CentOS] DNS or firewall problem > > Do u have ipv4 forwarding

Re: [CentOS] DNS or firewall problem

2010-07-05 Thread Cliff
Do u have ipv4 forwarding on in your /etc/syscttl Sent from my iPhone On Jul 5, 2010, at 7:00 PM, "Thomas Dukes" wrote: > Been working this for over a month now and I'm stumped. > > Everything was working until the 'crash'. Backup was no good so I > did a > fresh install of centos 5.5. Trying

[CentOS] DNS or firewall problem

2010-07-05 Thread Thomas Dukes
Been working this for over a month now and I'm stumped. Everything was working until the 'crash'. Backup was no good so I did a fresh install of centos 5.5. Trying to get things back like they were but it's been a really long time since I had to set things up from scratch, Redhat 2.0. My centos se