[leaf-user] Bering Firewall guidance

Nachman Yaakov Ziskind Mon, 10 Jun 2002 19:36:25 -0700

... I need some basic pointers here. Specifically, I flushed all the rules
(iptables -F) and changed the policy of all the builtins to ACCEPT:


# iptables -nL|more
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain all2all (0 references)
target     prot opt source               destination

Chain common (0 references)
target     prot opt source               destination

Chain fw2loc (0 references)
target     prot opt source               destination

Chain fw2net (0 references)
target     prot opt source               destination

Chain icmpdef (0 references)
target     prot opt source               destination

Chain loc2fw (0 references)
target     prot opt source               destination

Chain loc2net (0 references)
target     prot opt source               destination

Chain logdrop (0 references)
target     prot opt source               destination

Chain net2all (0 references)
target     prot opt source               destination

Chain net2fw (0 references)
target     prot opt source               destination

Chain reject (0 references)
target     prot opt source               destination

Chain rfc1918 (0 references)
target     prot opt source               destination

Chain shorewall (0 references)
target     prot opt source               destination

The box should be wide open now.

So, why I can I not ping out eth0?

# ping 10.1.2.248
PING 10.1.2.248 (10.1.2.248): 56 data bytes

# tail syslog

Jun 10 22:50:03 yoreach kernel: Shorewall:rfc1918:DROP:IN=eth0 OUT=
MAC=00:10:5a:e1:e3:8b:00:20:6f:05:f9:6d:08:00 SRC=10.1.2.248 DST=10.1.2.203
LEN=44 TOS=0x00 PREC=0x00 TTL=60 ID=5663 PROTO=TCP SPT=23 DPT=1025 WINDOW=4096
RES=0x00 ACK SYN URGP=0

So, what am I missing?

# uname -a
Linux yoreach 2.4.18 #1 Sun Apr 21 12:50:34 CEST 2002 i686 unknown

-- 
_________________________________________
Nachman Yaakov Ziskind, EA, LLM         [EMAIL PROTECTED]
Attorney and Counselor-at-Law           http://yankel.com
Economic Group Pension Services         http://egps.com
Actuaries and Employee Benefit Consultants

_______________________________________________________________

Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas - 
http://devcon.sprintpcs.com/adp/index.cfm?source=osdntextlink

------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Bering Firewall guidance

Reply via email to