Ok, I have read your post, I will see what I can find out..
you didn't run msec at any stage and increase the security level did you? if you did, that would explain alot.. try lowering it to 3 and see what happens.. that has fixed things for me before.. it may also explain why your sockets not working any more.. msec does some weird shit, like changing heaps of permissions (file and directory), deleting files, closing access to nearly everything via tcpwrappers and some other stuff I haven't figured out yet. I don't use msec anymore, close everything myself, it has caused to much hassle and is too poorly documented to be of any use I think. If anything is in need of a mandrake forum or user write up, then msec is definatly it. (there may be one, but I have not found it.) rgds Frank -----Original Message----- From: Ben Nicolas [mailto:[EMAIL PROTECTED]] Sent: Friday, 9 November 2001 5:44 PM To: [EMAIL PROTECTED] Subject: RE: [expert] Network problems caused by 'Tiny Firewall' GUI in MDK Hey buddy, Thanks for e-mailing. I'm kinda new to these lists. I'm e-mailing you indivuidually and not back to the list because you're answer impressed me. It was nice to read because you're the first guy that seems like he might have an inkling of what my problem may be. Don't have an /etc/sysconfig/iptables file (don't know if that's cuz i'm running LM 8.0). I flushed the iptables anyway using >iptables -F , anyway. I posting a copy of my original post for you at www.dailystaple.com/mdk. If u could take a look at it and tell me if you think of anything, you'd be the man!.... > I have the 8.1 powerpack here, and it comes with a install and user > manual and a reference manual.. > > I will have a look in there for the tiny firewall details.. > > I haven't looked back see your initial question, but you might try > looking in /etc/sysconfig/iptables > > I think that may be where tiny firewall keeps its rules and stuff. > > I know one thing, for simple readability, ipchains beats the hell out > of iptables.. > > I have still not found a simple script platform like pmfirewall that > asks a bunch of questions in a console at install > then writes a nice easy to read list of rules, one per line with nice > comments on them, closes all the obvious gaps, and is really easy to > modify and add to... I have a massive list of rules in my 7.2 box in > ipchains and ipmasqadm, and I had the firewall setup to allow different > ports open on 7 of my domains being hosted on that box.. > > Its tough to figure out how I am going to do it easily in iptables. I > have a basic script, but nothing that does all that I want yet.. wish > someone had written an online ipchains -> iptables script with > Javascript or something, that would be very handy. I only just figured > out how to do port forwarding with iptables last night.. > > > rgds > > Frank > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of J. Craig Woods > Sent: Friday, 9 November 2001 1:54 PM > To: [EMAIL PROTECTED]; [EMAIL PROTECTED] > Subject: Re: [expert] Network problems caused by 'Tiny Firewall' GUI in > MDK > > > Ben Nicolas wrote: >> >> You were right in assuming my basic topology consisted of 1 LM 8.0 >> server (acting as a gateway/router) with 2 nic's. Besides that all I >> have is one client machine running Win2K. >> >> Now that you mention it you're also right about not needing to have >> port 139 open externally to use samba betw. my server and client. >> Prior to this debacle I had never done any firewalling or used >> iptables/ipchains so my comment about needing 139 open earlier was due >> to lack of knowledge. Once I figure out what's preventing my client >> from accessing the internet and DBI from making to a connection to >> MySQL I will use iptables to secure up my network now that I >> understand how to create rules. For now I'm primarily concerned with >> figuring out why my server won't forward requests made to servers >> outside my internal micro-lan. >> > > I wish I could help you out with that Tiny crap stuff. I am just not > sure what it has left behind, in view of the fact that you have cleaned > it out from the usual directories. All I can say is dust off the old > 'grep', and start a fine tooth search for any kind of "Tiny" or > "firewall" string in any file located in all of the usual directories. > BTW what does a "netstat -rn" output look like on your two machines? > > If you need some assistance with the gateway/router set up, you are > welcome to call on me. I have set up this kind of thing before with > Samba and name server running on a LAN with W2K. Do let me know what > the resolution is to the Tiny (big) headache.... > > -- > J. Craig Woods > UNIX/NT SA > > -Art is the illusion of spontaneity-
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
