view Firewall (p1 of 9)
LEAF Firewall
::Packet Filter::
Shorewall-1.2.2 Chain at - Fri Jan 25 16:13:32 UTC 2002
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
0 0 rfc1918 all -- ppp0 * 0.0.0.0/0
0.0.0.0/0
0 0 ACCEPT all -- lo * 0.0.0.0/0
0.0.0.0/0
0 0 ACCEPT udp -- ppp0 * 0.0.0.0/0
0.0.0.0/0
udp dpts:67:68
0 0 ACCEPT udp -- eth0 * 0.0.0.0/0
0.0.0.0/0
udp dpts:67:68
0 0 net2fw all -- ppp0 * 0.0.0.0/0
0.0.0.0/0
0 0 loc2fw all -- eth0 * 0.0.0.0/0
0.0.0.0/0
0 0 common all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0
0.0.0.0/0
limit: avg 10/hour burst 5 LOG flags 0 level 6 prefix
`Shorewall:all2all:REJECT:'
0 0 reject all -- * * 0.0.0.0/0
0.0.0.0/0
The above partial output is from the viewfw in weblet below I will place
the output of iptables -v -L INPUT
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
1920 99542 rfc1918 all -- ppp0 any anywhere anywhere
205 14196 ACCEPT all -- lo any anywhere anywhere
0 0 ACCEPT udp -- ppp0 any anywhere
anywhere udp dpts:bootps:bootpc
0 0 ACCEPT udp -- eth0 any anywhere
anywhere udp dpts:bootps:bootpc
1920 99542 net2fw all -- ppp0 any anywhere anywhere
598 72694 loc2fw all -- eth0 any anywhere anywhere
0 0 common all -- any any anywhere anywhere
0 0 LOG all -- any any anywhere
anywhere limit: avg 10/hour burst 5 LOG level info prefix
`Shorewall:all2all:REJECT:'
0 0 reject all -- any any anywhere anywhere
I hope did not mangle anything too badly on the above iptable output.
[root@gw254 /root]# mtype a:options
# /etc/ppp/options
asyncmap 0
auth
crtscts
lock
hide-password
modem
#proxyarp
idle 600
persist
demand
#lcp-echo-interval 30
lcp-echo-interval 300
lcp-echo-failure 4
noipx
[root@gw254 /root]# mtype a:provider
# ISP pppd options file
# What follows is OK for Compuserve
#
noauth
debug # log transaction to /var/log/messages
/dev/ttyS1 # (ttyS0=com1, ttyS1=com2, ...)
115200 # baud rate
modem
crtscts # use hardware flow control
asyncmap 0
defaultroute # ppp becomes default route to the internet
noipdefault
lock # don't let other processes besides PPP use the device
connect "/usr/sbin/chat -v -f /etc/chatscripts/provider"
[root@gw254 /root]#
I have go do other things untill tonite.
Larry Platzek [EMAIL PROTECTED]
On Sat, 26 Jan 2002, Jacques Nilo wrote:
> Date: Sat, 26 Jan 2002 18:00:26 +0100
> From: Jacques Nilo <[EMAIL PROTECTED]>
> To: Larry Platzek <[EMAIL PROTECTED]>
> Cc: "Leaf-user@lists. sourceforge. net" <[EMAIL PROTECTED]>
> Subject: Re: [Leaf-user] Leaf 2.4.16 view firewall rules
>
> From: "Larry Platzek" <[EMAIL PROTECTED]>
>
> > Is it just my copy view firewall rules that only has zero for packacts
> and
> > bytes fields?
> Are you using weblet ? What command are you using ? Any output to show ?
>
> > also when using PPP to my isp and they hang up the line after 240
> minutes
> > that why does not persist does not work? I would have expected my
> system
> > to reconnect to the isp just like if I unplug the phone line and back
> in.
> Could we have a look at your provider or option file ?
>
> > I am doing demand dial by PPP and have idle and persist.
> >
> > Does anyone care to tell me what to out on the
> > "active-filter" option line so any multicast coming in on ppp0
> > not to effect the idle timer? This is using PPPd 2.4.1 include with
> > Leaf 2.4.16.
> Try one of those:
> active-filter 'ip multicast'
> or
> active-filter 'not ip multicast'
>
> Jacques
>
_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
