Thank you so much, Derek. Your suggestion worked wonderfully. Ideally, what I wanted to accomplish is to grant port access to the local LAN side and keep everything blocked on the "Internet" side.
-Chris --- Derek Jennings <[EMAIL PROTECTED]> wrote: > On Monday 02 Jun 2003 4:05 pm, Chris Parman wrote: > > Hello, > > > > I just installed Mandrake 9.0 and setup my > ADSL > > modem. I have two NIC's and setup internet sharing > > with respect to several machines behind my Linux > box > > (Mandrake 9.0). The problem is when the "firewall" > is > > on (With no services to the Outside) and the > Security > > set to "Standard", I cannot use Exceed (On my > Windows > > box) to login to my Linux box (Mandrake 9.0). If I > > turn off the Firewall, then Exceed works fine. My > > question is: How can I have both "Firewall on" and > the > > ability to use Exceed on the Windows box ? Thank > you > > in advance for your help. > > > > Best Regards, > > > > Chris Parman > > > By default the shorewall firewall will block traffic > from the Internet (net) > to the firewall (fw), and also from the local > network (masq) to the firewall. > > You could easily open up the specific port needed by > Exceed (23), or else you > can open up all services to the local network. > > To open all services to the local net edit the file > /etc/shorewall/policy It > is well documented and you will easily understand > it. > Add the line > masq fw ACCEPT > > There should also be a > fw masq ACCEPT > > > > To selectively open individual ports edit > /etc/shorewall/rules and add the > lines, (or add the port name/number to an existing > line) > ACCEPT masq fw tcp ssh > ACCEPT masq fw udp ssh > > If you want applications on the firewall to access > services on the local net > you will need corresponding lines for > ACCEPT fw masq tcp and so on > > For detailed documentation on shorewall see > www.shorewall.net > > After making any changes enter > shorewall restart > in a root terminal. > > After making edits to the shorewall files do not use > the Mandrake GUI again. > It will likely overwrite your changes. > If you prefer using a GUI there is one in the webmin > package for shorewall > (to use webmin 'urpmi webmin' in a root terminal, > then https:localhost:10000 > in a browser) > > HTH > > derek > > -- > ---------------------------------- > www.jennings.homelinux.net > > > > Want to buy your Pack or Services from MandrakeSoft? > > Go to http://www.mandrakestore.com > __________________________________ Do you Yahoo!? Yahoo! Calendar - Free online calendar with sync to Outlook(TM). http://calendar.yahoo.com
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
