I just set up a linux box to do Masquerading. But I think it's somehow masquerading
packets from outside the local network!
I have been getting a message in the log (and on the local console):
kernel: ip_masq_new(proto=UDP): no free ports.
And I just got an email from someone claiming that my box is port-scanning their
machine.
Putting these two together, I think I've got something bozo'd in the masquerading
rules.
I originally had:
ipfwadm -F -p deny
ipfwadm -F -a m -S 192.168.1.0/24 -D 0.0.0.0/0
I've since added the following in an attempt to prevent spoofing of the local
network address (where aaa.bbb.ccc.ddd is the "public" ip address of this linux box):
ipfwadm -I -a deny -V aaa.bbb.ccc.ddd -S 192.168.1.0/24 -D 0.0.0.0/0
ipfwadm -I -a deny -V aaa.bbb.ccc.ddd -S aaa.bbb.ccc.ddd -D 0.0.0.0/0
Am I close? What should I have for my firewall rules? This box has 2 network cards,
one connected to a T1 router, the other one connected to a local ethernet network.
I want to do normal masquerading of the local network, and nothing else should get
passed by the firewall.
--
Chuck Gadd
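As an added illustration (not from the post or the linux-net thread), the following Python model walks a transit packet through the described rule set first-match, the way ipfwadm consults its input and forward chains, to show why an interface-agnostic masquerade rule also masquerades a packet arriving from the T1 side with a 192.168.1.x source, and how the input deny stops it. Interface names, the public address and the outside hosts are constructed assumptions.

```python
import ipaddress

# All concrete values are assumptions: the post gives only aaa.bbb.ccc.ddd and 192.168.1.0/24.
PUBLIC_IP = ipaddress.ip_address("203.0.113.10")  # stands in for aaa.bbb.ccc.ddd
LAN = ipaddress.ip_network("192.168.1.0/24")
ANY = ipaddress.ip_network("0.0.0.0/0")
T1_IF, LAN_IF = "eth0", "eth1"  # assumed: eth0 faces the T1 router, eth1 the local ethernet

# Rules are (verdict, receiving interface or None, source net, destination net); first match wins.
ANTI_SPOOF_INPUT = [
    ("deny", T1_IF, LAN, ANY),                                      # LAN source seen on the T1 side
    ("deny", T1_IF, ipaddress.ip_network(f"{PUBLIC_IP}/32"), ANY),  # our own public address from outside
]
FORWARD = [("masq", None, LAN, ANY)]  # ipfwadm -F -a m -S 192.168.1.0/24 -D 0.0.0.0/0 (no interface)


def first_match(rules, default, iface, src, dst):
    """Return the verdict of the first rule matching (iface, src, dst), else the chain default."""
    for verdict, rule_if, s, d in rules:
        if (rule_if is None or rule_if == iface) and src in s and dst in d:
            return verdict
    return default


def filter_transit(iface, src, dst, anti_spoof=True):
    """Verdict for a packet received on `iface` that must be forwarded: input chain, then forward chain."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if anti_spoof and first_match(ANTI_SPOOF_INPUT, "accept", iface, src, dst) == "deny":
        return "dropped at input (spoofed source)"
    verdict = first_match(FORWARD, "deny", iface, src, dst)  # -F -p deny is the forward default policy
    return f"masqueraded as {PUBLIC_IP}" if verdict == "masq" else "dropped at forward (policy deny)"


def demo():
    """Constructed packets: a normal LAN client, an unsolicited inbound packet, and a spoofed one."""
    cases = [
        (LAN_IF, "192.168.1.20", "198.51.100.5"),  # LAN client going out
        (T1_IF, "198.51.100.5", "192.168.1.20"),   # outside host trying to reach the LAN
        (T1_IF, "192.168.1.20", "198.51.100.5"),   # LAN source address arriving from the T1 side
    ]
    return {(i, s, d, a): filter_transit(i, s, d, a) for i, s, d in cases for a in (False, True)}


if __name__ == "__main__":
    for key, verdict in demo().items():
        print(key, "->", verdict)
```

Without the input deny, the third packet is masqueraded and leaves with the box's public address as source, which is how a box that only has the forward rule can appear to originate traffic it never generated.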