You can also:

# tail -f /var/log/messages

Which will display new log messages in real time. Run this in a separate console and 
connect to see exactly what is being blocked when.

______________________________
Justin Grote
Network Architect, CCNA
JWG Networks
Email: [EMAIL PROTECTED] (remove nospam-)
SMS:   [EMAIL PROTECTED] (remove nospam-)
Phone: (208) 631-5440

------------------------------
Original Message Follows
------------------------------
PU> Hi Hernan,
PU> Please check /var/log/messages for dropped packets. I usually try the action
PU> (connect ftp) on the client then check the log right after (tail command).

PU> # cd /var/log
PU> # tail messages | grep (IP of client)

PU> You can also use a - with a number to see a specified number of lines with
PU> tail.
PU> i.e.
PU> # tail -200 messages | grep (IP of client)
PU> will show you the last 200 lines of that file.

PU> The log will help to determine if the MNF is receiving/dropping the FTP/DNS
PU> requests.
PU> If you do not get results with the command above please try it without the
PU> grep part.

PU> Best regards,
PU> Patrick

PU> -----Original Message-----
PU> From: [EMAIL PROTECTED]
PU> [mailto:[EMAIL PROTECTED] Behalf Of Hernan
PU> Castaneda
PU> Sent: Wednesday, July 28, 2004 4:14 PM
PU> To: [EMAIL PROTECTED]
PU> Subject: RE: [Security Firewall] MNF: LAN->WAN FTP acces problem


PU> Hi Patrick,

PU> It doesn't work with IP either. The DNS is provided by the ISP.

PU> Regards,
PU> Hernan
PU> --- Patrick Usher <[EMAIL PROTECTED]> wrote:

>> Hi Hernan,
>> Does FTP work if they use the IP instead of the FQDN? Also where are the
>> clients looking for name resolution (where is their DNS box)?
>>
>> Best regards,
>> Patrick
>>
>> -----Original Message-----
>> From: [EMAIL PROTECTED]
>> [mailto:[EMAIL PROTECTED] Behalf Of Hernan Castaneda
>> Sent: Wednesday, July 28, 2004 3:06 PM
>> To: [EMAIL PROTECTED]
>> Subject: [Security Firewall] MNF: LAN->WAN FTP acces problem
>>
>>
>> Hi all,
>>
>> I've installed a box with MNF to serve as firewall/proxy to a Windows XP/2000
>> hosts LAN. The box has two NICs: eth0 is connected to the LAN 192.168.4.0/24
>> and eth1 has a public IP address assigned to it. The hosts can connect to the
>> Internet without problems (http, https), but FTP can only be accessed through
>> the browsers (IE6 SP1 and Mozilla 1.7); even with IE, when it connects to the
>> FTP server a message box appears saying that the access is read only because
>> the proxy isn't configured correctly. If they try to make an FTP connection
>> using a client (WS FTP 9) or even the "DOS" console, an error appears saying
>> that the connection couldn't be established because the name cannot be
>> resolved (DNS problem); Squid is in transparent mode. Can anybody please help
>> me?
>>
>> Regards,
>> Hernan Castañeda
>>
>> I attach the firewall configuration.
>> Default policies:
>> 1    lan     all     REJECT  info
>> 2    fw      all     ACCEPT  info
>> 3    wan     all     DROP    info
>> 4    all     all     REJECT  info
>> Rules:
>> 1   ACCEPT   fw      wan     tcp+udp 53
>> 2   ACCEPT   lan     wan     udp     53
>> 3   REJECT   wan     fw      tcp     113
>> 4   ACCEPT   lan     fw      tcp     22
>> 5   ACCEPT   lan     fw      tcp     8443
>> 6   ACCEPT   fw      lan     icmp    8
>> 7   ACCEPT   lan     fw      icmp    8
>> 8   ACCEPT   lan     wan     tcp     pop3
>> 9   ACCEPT   lan     wan     tcp     smtp
>> 10  ACCEPT   lan     wan     tcp     http
>> 11  ACCEPT   lan     wan     tcp     https
>> 12  ACCEPT   lan     wan     tcp     ssh
>> 13  ACCEPT   lan     wan     tcp     ftp
>> 14  ACCEPT   lan     wan     tcp     nntp
>> 15  ACCEPT   fw      wan     udp     ntp
>> 16  ACCEPT   lan     wan     tcp     imap
>> 17  ACCEPT   fw      wan:20022 tcp   ftp
>> 20  ACCEPT   lan     fw      tcp     https
>> 23  ACCEPT   fw:3328 wan     tcp     https
>> 24  ACCEPT   lan     fw::3328 tcp    www     all
>> 25  ACCEPT   fw      wan     tcp     www
>>
>> P.D.: Sorry if the mail is too long; I tried to be as specific as I could.
>>
Attachment: smime.p7s
Description: S/MIME Cryptographic Signature
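
The `tail ... | grep (IP of client)` check suggested in the thread also matches other addresses that merely contain the client's IP as a substring, and non-firewall lines that mention it. The following is an added example, not part of the original messages: a filter that matches the `SRC=` field exactly and summarizes hits per verdict, protocol and destination port. The function names and the sample log lines are constructed, and the `Shorewall:<chain>:<verdict>:` log prefix is an assumption about how MNF tags its kernel log entries.

```shell
#!/bin/sh
# Added example. The log lines below are constructed: netfilter LOG format with
# a Shorewall-style "Shorewall:<chain>:<verdict>:" prefix (assumed for MNF).
sample_log() {
cat <<'EOF'
Jul 28 16:20:01 mnf kernel: Shorewall:lan2wan:REJECT:IN=eth0 OUT=eth1 SRC=192.168.4.10 DST=203.0.113.5 LEN=48 TTL=127 PROTO=TCP SPT=1045 DPT=4000 SYN
Jul 28 16:20:04 mnf kernel: Shorewall:lan2wan:REJECT:IN=eth0 OUT=eth1 SRC=192.168.4.10 DST=203.0.113.5 LEN=48 TTL=127 PROTO=TCP SPT=1046 DPT=4000 SYN
Jul 28 16:20:05 mnf kernel: Shorewall:lan2wan:REJECT:IN=eth0 OUT=eth1 SRC=192.168.4.100 DST=198.51.100.7 LEN=76 TTL=127 PROTO=UDP SPT=123 DPT=123
Jul 28 16:20:06 mnf sshd[812]: Accepted password for admin from 192.168.4.10 port 1050 ssh2
Jul 28 16:20:09 mnf kernel: Shorewall:lan2wan:REJECT:IN=eth0 OUT=eth1 SRC=192.168.4.10 DST=198.51.100.7 LEN=78 TTL=127 PROTO=UDP SPT=137 DPT=137
EOF
}

# fw_hits_for_client IP
# Reads syslog lines on stdin and prints "<count> <prefix> <proto>/<dport>"
# for kernel firewall entries whose SRC= field is exactly IP.
# Typical use: tail -200 /var/log/messages | fw_hits_for_client 192.168.4.10
fw_hits_for_client() {
    ip=$1
    awk -v ip="$ip" '
        / kernel: / {
            src = ""; proto = "?"; dpt = "-"; tag = "-"
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^SRC=/)   src   = substr($i, 5)
                if ($i ~ /^PROTO=/) proto = substr($i, 7)
                if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
                # The log prefix is glued to IN=, e.g. Shorewall:lan2wan:REJECT:IN=eth0
                if ($i ~ /:IN=/)  { tag = $i; sub(/:IN=.*/, "", tag) }
            }
            # Exact comparison: 192.168.4.10 must not match 192.168.4.100
            if (src == ip) count[tag " " proto "/" dpt]++
        }
        END { for (k in count) print count[k], k }
    ' | sort -k1,1nr -k2
}

# Demo on the constructed sample
sample_log | fw_hits_for_client 192.168.4.10
```

On the constructed sample, a plain `grep 192.168.4.10` matches five lines, while the filter reports the three firewall entries that actually came from that client.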