Re: [e-smith-devinfo]ipchains/Local Network (was FreeS/WAN _updown)

2001-11-01 Thread Steve Bush
Message - > From: "Hugh Fox" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> > Sent: Thursday, November 01, 2001 4:40 PM > Subject: Re: [e-smith-devinfo]ipchains/Local Network (was FreeS/WAN _updown) > > > > Steve, > > > >

Re: [e-smith-devinfo]ipchains/Local Network (was FreeS/WAN _updown)

2001-11-01 Thread Steve Bush
ipment to test this and report back I'd be most interested in the results ;-> Regards, -- Darrell May DMC Netsourced.com http://netsourced.com - Original Message - From: "Hugh Fox" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent:

Re: [e-smith-devinfo]ipchains/Local Network (was FreeS/WAN _updown)

2001-11-01 Thread Hugh Fox
Steve, I would like to test this as well, but am nowhere near as technical as you. .. ;o( Could you advise exactly where you are making the change. In what file, etc. Ta, Hugh -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support

Re: [e-smith-devinfo]ipchains/Local Network (was FreeS/WAN _updown)

2001-11-01 Thread Darrell May
Steve Bush <[EMAIL PROTECTED]> said: > I added an ipchains rule ie: > ipchains -I forward -j ACCEPT -b -s -d > and it seemed to solve my problem. Great work Steve. Hope you're keeping notes on all these changes? Once you get everything documented we can see if we can build these into the se

Re: [e-smith-devinfo]ipchains/Local Network (was FreeS/WAN _updown)

2001-11-01 Thread Steve Bush
Okay...The _updown script that I have works correctly. My problem is a feature of SME 4.1.2 and 5.0. This may need to be modified for corporate WAN users. When you add a local network whose default route is on the local ethernet, the connection is being masq'd for 0.0.0.0/0 only and needs to ha

[e-smith-devinfo] server-only mode is for protected networks (was Re: [e-smith-devinfo] IPChains drivers me crazy !)

2001-08-26 Thread Gordon Rowell
On Sat, Aug 25, 2001 at 02:57:59PM +1000, Gordon Rowell <[EMAIL PROTECTED]> wrote: > [...] > > DO NOT run in server-only mode on a public network. It is designed > for use on a local network, behind a firewall. We have reworded the > console screen for 5.0 to make this more obvious: > > [...]

Re: [e-smith-devinfo] IPChains drivers me crazy !

2001-08-24 Thread Gordon Rowell
On Sat, Aug 25, 2001 at 03:02:11AM +0200, Brossin Pierrick <[EMAIL PROTECTED]> wrote: > Hey gurus ! > > I'm trying to close the port 95 on eth1 (external network) > so users from the internet can't get connected to it. Ports 0..1023 are closed by default in server-gateway mode. > Here is why I d

Re: [e-smith-devinfo] IPChains drivers me crazy !

2001-08-24 Thread Charlie Brady
On Sat, 25 Aug 2001, Brossin Pierrick wrote: > I'm trying to close the port 95 on eth1 (external network) > so users from the internet can't get connected to it. > > Here is why I didn't and it actually didn't work :( What makes you say that it doesn't work? What makes you think that people from t

Re: [e-smith-devinfo] ipchains

2001-07-20 Thread Jelmer
ED]>; "Nonohome" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Saturday, July 21, 2001 3:00 AM Subject: RE: [e-smith-devinfo] ipchains > Jelmer Kuperus, We all await your next question to the list with bated > breath. Let's hope the responses are somewhat mor

RE: [e-smith-devinfo] ipchains

2001-07-20 Thread Jon
001 12:00 AM > To: Nonohome; [EMAIL PROTECTED] > Subject: RE: [e-smith-devinfo] ipchains > > > read a book, go to google and type in ipchains howto, buy support > > in what flavour would you like that answer ? > > NO SPOONFEEDING > > > > -Origi

RE: [e-smith-devinfo] ipchains

2001-07-20 Thread Rob Adams
> From: Darrell May [mailto:[EMAIL PROTECTED]] > Sent: Saturday, 21 July 2001 1:06 > To: Nonohome; [EMAIL PROTECTED] > Subject: Re: [e-smith-devinfo] ipchains > > > Nonohome <[EMAIL PROTECTED]> said: > > > Hi, > > > > New in this mailing list, i

Re: [e-smith-devinfo] ipchains

2001-07-20 Thread Darrell May
Nonohome <[EMAIL PROTECTED]> said: > Hi, > > New in this mailing list, I would like my webserver to be reachable > from the internet. > The problem is that I own a special modem, which uses port 80, and so > prevents my server from being reachable on this port. > > So I decided to change my def

RE: [e-smith-devinfo] ipchains

2001-07-20 Thread Jelmer Kuperus
ffs this must be one of the most tolerant development mailing lists around.. -Original Message- From: Matthieu Perreira Da Silva [mailto:[EMAIL PROTECTED]] Sent: vrijdag 20 juli 2001 15:53 To: Nonohome Cc: [EMAIL PROTECTED] Subject: Re: [e-smith-devinfo] ipchains the ipchains rules are

RE: [e-smith-devinfo] ipchains

2001-07-20 Thread Jelmer Kuperus
read a book, go to google and type in ipchains howto, buy support in what flavour would you like that answer ? NO SPOONFEEDING -Original Message- From: Nonohome [mailto:[EMAIL PROTECTED]] Sent: vrijdag 20 juli 2001 15:46 To: [EMAIL PROTECTED] Subject: [e-smith-devinfo] ipchain

Re: [e-smith-devinfo] ipchains

2001-07-20 Thread Matthieu Perreira Da Silva
the ipchains rules are defined in /etc/rc.d/init.d/masq try changing all port 80 related rules to port 555 (in other words replace 80 by 555 in all rules) That could help I think... - Original Message - From: "Nonohome" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, July 20,

RE: [e-smith-devinfo] ipchains forward policy

2001-04-26 Thread Darrell May
Rob Adams wrote: > > What are you trying to forward.. > Citrix requests: To access the Citrix server via the Internet, sitting behind a firewall, make sure: Port 1494 for TCP/IP is opened. Port 1604 for UDP is open Inbound on the firewall. Port 1023 and above are opened for TCP and UDP outb

RE: [e-smith-devinfo] ipchains forward policy

2001-04-26 Thread Darrell May
Charlie Brady wrote: > > Change this rule: > > /sbin/ipchains --append forward --jump DENY > > to: > > /sbin/ipchains --append forward --jump DENY --log > Where do I find the --log to view? Basically I am getting a 'Connection Refused' when trying to telnet. Here is my client set up, whi

Re: [e-smith-devinfo] ipchains forward policy

2001-04-25 Thread Andy Worthington
> > Where do I find the --log to view? > It logs the denys to /var/log/messages. They will look something like this: Apr 4 20:13:27 e-smith kernel: Packet log: denylog DENY eth1 PROTO=6 4.3.82.190:4075 208.191.8.83:515 L=60 S=0x00 I=20071 F=0x4000 T=53 SYN (#1) For an explanation of all the pa

RE: [e-smith-devinfo] ipchains forward policy

2001-04-25 Thread Charlie Brady
On Thu, 5 Apr 2001, Darrell May wrote: > Port 1023 and above are opened for TCP and UDP outbound. These are provided without any special arrangement by the IP masquerading. > Gordon has replied that I need ipchains forward entries as > well so I'll try that next. I don't think that is the cas

Re: [e-smith-devinfo] ipchains forward policy

2001-04-25 Thread Gordon Rowell
On Wed, Apr 04, 2001 at 11:43:35PM -0700, Darrell May <[EMAIL PROTECTED]> wrote: > I'm having a problem getting port forwarding to work from > the external interface > internal IP. Is this because the > ipchain forward policy is set to DENY? Yes. > [root@e-smith /root]# /sbin/ipchains -n -L fo