At 09:47 PM 12/9/2003 -0500, Dr. Richard W. Tibbs wrote:
Folks:
As I mentioned in my last post, I have not had luck with the following command:
INTERN_SERVERS="tcp_${EXTERN_IP}_domain_192.168.x.y_domain udp_${EXTERN_IP}_domain_192.168.x.y_domain"


I get no port forwarding for ports 53. I do get several messages complaining about "invalid protocol"
just before the firewall login prompt.
Is the above a space-separated list like all the others?
What is wrong with it?

It looks OK by itself, but I do see a problem below ... you open 53/tcp but not 53/udp ... and most DNS traffic is udp, with tcp used only rarely. Try uncommenting this line from network.conf and see if it helps ...


#EXTERN_UDP_PORT0="0/0 domain"

If that doesn't do the job ... next time, you should include technical information. What are you basing "I get no port forwarding for ports 53" on? Lack of DNS resolution in practice? Inspection of the ipchains ruleset? Something else? Please include the output of "ipchains -nvL" next time.

Unfortunately, the "invalid protocol" message ipchains spits out is quite uninformative, particularly when it is a response to auto-generated ipchains commands that are not available for inspection on the command line. This always was a weakness of the "ipchains" command. So trying to guess what they indicate is tough even when you actually see them, and impossible from the vague description you offer.

TIA, Rick.

The rest of my config in network.conf is:
CONFIGDNS=YES
eth0_IPADDR = <static ip>
eth0_MASKLEN=26
EXTERN_DHCP=NO
EXTERN_TCP_PORT0 "0/0 www"
EXTERN_TCP_PORT1 "0/0 smtp"
EXTERN_TCP_PORT2 "0/0 imap"
EXTERN_TCP_PORT3 "0/0 domain"

INTERNAL_WWW_SERVER=192.168.x.y
INTERNAL_SMTP_SERVER=192.168.x.y
INTERNAL_IMAP_SERVER=192.168.x.y

and I do get port forwarding for web, smtp and imap.

I also tried one single INTERN_SERVERS stmt replacing the INTERN_<blah>_SERVER stmts above.
Same result: a lot of invalid protocol messages, inviting me to type ipchains -help.





------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
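
The reply's point, that a forwarded port also needs a matching EXTERN_TCP_PORTn or EXTERN_UDP_PORTn opening for the same protocol, can be checked mechanically before rebooting the firewall. This is an added example, not part of the original thread or of the LEAF scripts; the function name `check_forwards`, the five-field reading of each INTERN_SERVERS entry (proto_extip_extport_intip_intport), and the sample address 203.0.113.10 are assumptions.

```shell
#!/bin/sh
# Added example: cross-check INTERN_SERVERS forwards against opened ports.
# Assumed entry layout (from the entries quoted in the thread):
#   proto_extip_extport_intip_intport
#
# check_forwards "<INTERN_SERVERS>" "<open tcp services>" "<open udp services>"
# The service lists are the service part of each EXTERN_TCP_PORTn /
# EXTERN_UDP_PORTn value, e.g. "0/0 www" contributes "www".
# Prints one line per problem and returns the number of problems found.
check_forwards() {
    servers=$1 open_tcp=$2 open_udp=$3
    problems=0
    for entry in $servers; do
        # Split the entry on "_" into positional parameters.
        old_ifs=$IFS; IFS=_
        set -- $entry
        IFS=$old_ifs
        if [ $# -ne 5 ]; then
            echo "malformed: $entry"
            problems=$((problems + 1)); continue
        fi
        proto=$1 ext_port=$3
        case $proto in
            tcp) open=$open_tcp ;;
            udp) open=$open_udp ;;
            *)   echo "bad-protocol: $entry"
                 problems=$((problems + 1)); continue ;;
        esac
        # A forward is only reachable if the same proto/port is opened.
        case " $open " in
            *" $ext_port "*) ;;
            *) echo "not-open: $proto/$ext_port"
               problems=$((problems + 1)) ;;
        esac
    done
    return "$problems"
}

# Constructed sample mirroring the thread: tcp domain is opened, while the
# EXTERN_UDP_PORT0 line is still commented out, so the udp list is empty.
EXTERN_IP=203.0.113.10   # constructed documentation address
INTERN_SERVERS="tcp_${EXTERN_IP}_domain_192.168.x.y_domain udp_${EXTERN_IP}_domain_192.168.x.y_domain"
check_forwards "$INTERN_SERVERS" "www smtp imap domain" "" || true
```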
