Erich Titl wrote: > Hi > > At 22:36 16.01.2002 -0800, you wrote: > >Erich Titl wrote: > > > > > Now I am faced with the problem of remote set up and configuration. > > > > > > 1) I would like to access the weblet engine on the primary link. I added a > > > new rule to the input chain which should allow access to port 80 on the > > > external interface but to no avail. I get an ACCEPT on the input chain and > > > I see traffic between the boxes but I will not get any sensible output. > > > > > > 2) Has anyone ever tried a telnetd on this set up. > > > > > > Thanks > > > > > > Erich Titl > > > >You will probably have to add something in /etc/hosts.allow: > >sh-httpd: ip.add.re.ss/255.255.255.0 > > > >In /etc/network.conf > >EXTERN_TCP_PORTS="address/mask_www" > >
that is the source address - not the external address 0/0 means the whole internet has access. You might want to limit access to the network you are on when you access weblet > Do you have a good idea how to do that on a dynamic address. The entire > firewall set up os a bit cryptic in that aspect. One could of course add a > bit logic to the dhclient-exit-hooks to accomplish this but it might be > tricky to change a firewall rule which you don't know exactly how it was built. > > >Look in /etc/sh-httpd.conf to add the address range you are trying to access > >from > ># Who can access the server? > >CLIENT_ADDRS="123.345.456." > > I will look into this asap, but i believe this is commented out. > > >Why not use sshd and some encrypted client instead of telnet. I use > >TeraTermPro which is a free download. > > I believe the ssh libraries/executables will be a lot bigger than the > simple telnet stuff. I am using ssh on a regular basis with SuSe based > firewall, but this one has disks. > I am looking for something which will still fit on the one floppy version > of Dachstein. > There was a post here recently from someone who got libz.lrp and sshd.lrp to fit on a single floppy. He stripped the pretty version of weblet and used one without graphics if I remember correctly. Unfortunately the search feature does not appear to work on the list so I can't find the message. You could also use the old version of sshd which is vulnerable to "man in the middle" but takes a lot less floppy space. The second thing you can do is to add a second floppy to the router. Now with fd0 and fd1 you have at least 2.88 megs depending on the format you use. Dachstein supports two floppies with only minor configuration changes to tell it look on both diskettes when loading the lrps at boot. I would not recommend teleneting into your router. Anyone along the path can sniff anything you say including the password. > > Thanks > > Erich _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
