Hm... it seems to be working now. I had them not-in-sequence (i.e. 0,3,4,&5 were rules, but 1&2 forwarded other things... I put the rules in sequential order and it seemed to work. Odd. Well, thanks for the help :] -david
-----Original Message----- From: Charles Steinkuehler [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 29, 2002 7:04 PM To: david goodrich; [EMAIL PROTECTED] Subject: Re: [Leaf-user] ip filtering > This is something of an odd request, but here goes... I'm a college > student, and use my dachstein 1.0.2 floppy firewall to keep my servers > away from all the hacktivity on the local net... I forward the necessary > services to my servers, easy enough. But here's the deal: my floor > wants to put on a game tournament to raise money, and we want to make > sure that nobody else gets to the game server except ip's that have paid > the entry fee. I tried using > > [from /etc/network.conf] > EXTERN_TCP_PORT4="[ip of paid-for user]/32 27015" > EXTERN_TCP_PORT5="[another paid-for ip]/32 27015" > [and so on and so forth] > > and then pointed to the port 27015 server with > > [from /etc/network.conf] > INTERN_SERVERS="... tcp_${EXTERN_IP}_27015_192.168.1.11_27015 > ..." > > but that only works for the EXTERN_TCP_PORTx ip with the highest x-value > (only the last referenced ip address can get in, none of the others)... > i'd like to allow only the ip addresses in the list to access port > 27015, and it's not just a subnet.. it will be a list of (essentially) > random ip addresses. I think maybe ipchains can do it, but I'm > extremely new to this whole lrp game. Thanks for your help. You're on the right track...what you list above ought to work (assuming your EXTERN_TCP_PORTx settings start with x=zero and increment with no missing numbers). Can you provide the output of "net ipfilter list"? Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
