At 06:58 PM 7/6/02 -0700, Michael McClure wrote: >Oh -- I guess I totally forgot about the custom firewalls. I am using the >native Eigerstein and will soon be porting to Dachstein. > >Help me to understand....So rule 1 says to accept port 80 tcp calls that >come in on eth1 that are going to the modem and rule 2 says to take accept >any port 80 calls tcp calls that come in on eth0 from the modem? > >I put the following in my file script: > > $IPCH -I INPUT 1 -d 192.168.100.1/32 80 -p tcp -i eth1 -j ACCEPT > $IPCH -I INPUT 1 -s 192.168.100.1/32 80 -p tcp -i eth0 -j ACCEPT > > >svi network reload wasn't happy: > >Starting Network: [IP Always Defrag: ENABLED] > IP filters: ipchains: No target by that name >ipchains: No target by that name >ipchains: No target by that name >ipchains: No target by that name >firewall [IP Forwarding: ENABLED] > >When I comment these rules out, I don't get those errors. What am I doing >wrong?
Listyening to me uncritically, apparently. The actual name of the chain is input, not INPUT. Sorry; I was doing this from memory, not in a place where I could test what I wrote. Change to input and it will (probably) work. WIth that correction, the rules operate as you understand them to. The first lets the LAN send traffic to the modem's Web server; the second lets the Web server's replies get through. -- -----------------------------------------------"Never tell me the odds!"-------------- Ray Olszewski -- Han Solo Palo Alto, California, USA [EMAIL PROTECTED] ------------------------------------------------------------------------------------------- ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Got root? We do. http://thinkgeek.com/sf ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
