Yes, IPFWADM, not IPchains or whatever is newer! I'm still running an IP Masq box here with a 2.0.36 kernel. I'm trying to add some ipfwadm rules to punch a hole so sendmail can work thru the "firewall" with my ISP. (I've been using uucp for years, now I'm switching to a fixed IP address and ETRN.)
So I dig up the firewall-HOWTO and read the section on IPFWADM and see there are two examples there for doing what I think is what I want to do. Here's what the HOWTO shows: #allow incoming email /sbin/ipfwadm -F -a accept -b -P tcp -S 0.0.0.0/0 1024:65535 -D 192.1.2.10 25 #allow email connections to outside email servers /sbin/ipfwadm -F -a accept -b -P tcp -S 192.1.2.10 25 -D 0.0.0.0/0 1024:65535 I've modified that slightly by putting: 1) the address of the smtp server at my ISP where these two rules have "0.0.0.0" and the internal-to-my-LAN address of the machine where sendmail actually runs (it's not running on the ip masq box itself as a security measure) where the example shows 192.1.2.10. When I submit those two rules to ipfwadm I get back an error message (sorry I don't have the exact wording) about "multiple commands" (or "too many commands", and I get it once for each of these rules. I don't have a clue about what it's complaining about. Each option I'm using is listed in the ipfwadm man page. The only thing that looks perhaps weird to me is that for the -b option, the man page says: -b Bidirectional mode. The rule will match with IP packets in both directions. This option is only valid in combination with the append, insert, or delete commands. I'm not entirely certain I follow this. Is there someone here who understands IPFWADM (rather than doing a cookbook thing like I'm forced to do in lieu of knowing what I'm doing) who can help enlighten me as to 1) what's the problem here, and 2) how to really do what I want to do? Thanks! Fred -- ---- Fred Smith -- [EMAIL PROTECTED] ----------------------------- "For him who is able to keep you from falling and to present you before his glorious presence without fault and with great joy--to the only God our Savior be glory, majesty, power and authority, through Jesus Christ our Lord, before all ages, now and forevermore! Amen." ----------------------------- Jude 1:24,25 (niv) ----------------------------- _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list