Re: [Shorewall-users] Access to Server frm authorized range of IPs only

Tue, 16 Jun 2009 21:30:56 -0700 


> > for record purposes; i did what tom recommended as shown below;
> > 
> > in 'params' file
> > 
> > AUTH_IP=60.48.0.0-60.54.255.255,
> >         202.75.4.0-202.75.7.255,
> >         202.186.0.0-202.187.255.255,
> >         203.82.64.0-203.82.95.255
> > 
> > in 'rules' file
> 
> That exact statement would have resulted in a syntax error. To put the
> ranges on separate lines, you would rather need:
> 
> AUTH_IP=60.48.0.0-60.54.255.255,\
> 202.75.4.0-202.75.7.255,\
> 202.186.0.0-202.187.255.255,\
> 203.82.64.0-203.82.95.255
> 
> Furthermore, I would have written the last three differently:
> 
> AUTH_IP=60.48.0.0-60.54.255.255,\
> 202.75.4.0/22,\
> 202.186.0.0/15,\
> 203.82.64.0/19
> 
> That form results in slightly faster comparison. The'shorewall iprange'
> command is your friend, provided that you are running Shorewall 4.2.9
> where the command was corrected or that you are running 4.0 (before the
> command was broken).


Tom , its a centos 5.3 box with shorewall versions;

shorewall-common-4.0.15-1.el5
shorewall-perl-4.0.15-1.el5


U were right, i had just looked at the very last line of the output of 
'shorewall -v restart which showed;

Processing /etc/shorewall/start ...
Processing /etc/shorewall/started ...
done.

earlier it could not compile. Now that it could i assumed it was all ok. And as 
i tested frm the ip range that was right on the first line ( access ok)  and 
got a friend to test from outside the ranges ( no access), i concluded it was 
all o. 

After reading yr email , i reran the command and saw these messages ( u were 
right of course ) on top;

/etc/shorewall/params: line 31: 202.75.4.0-202.75.7.255,: command not found
/etc/shorewall/params: line 32: 202.186.0.0-202.187.255.255,: command not found
/etc/shorewall/params: line 33: 202.190.0.0-202.190.255.255,: command not found
/etc/shorewall/params: line 34: 203.82.64.0-203.82.95.255,: command not found
/etc/shorewall/params: line 35: 203.153.80.0-203.153.87.255: command not found
Compiling...
Processing /etc/shorewall/params ...
/etc/shorewall/params: line 31: 202.75.4.0-202.75.7.255,: command not found
/etc/shorewall/params: line 32: 202.186.0.0-202.187.255.255,: command not found
/etc/shorewall/params: line 33: 202.190.0.0-202.190.255.255,: command not found
/etc/shorewall/params: line 34: 203.82.64.0-203.82.95.255,: command not found
/etc/shorewall/params: line 35: 203.153.80.0-203.153.87.255: command not found

oops ...  :)

i redid the entries the way u showed and it looks all ok now. Thanx Tom.



      

------------------------------------------------------------------------------
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensing option that enables unlimited
royalty-free distribution of the report engine for externally facing 
server and web deployment.
http://p.sf.net/sfu/businessobjects
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users






















					Reply via email to