On Tue, 01 Mar 2005 16:25:13 -0600, Mikkel L. Ellertson wrote:
>They are probably doing something like making a new connection back to
>your box, to a specific port. The problem is knowing the port. You can
>look in the firewall logs to see what port is getting rejected, and
>forward that port
Paul wrote:
Hi all,
I am trying to send in my tax-stuff through the internet.
Unfortunately the program is for ms-windose. That is running on an old
spare machine which connects to the internet through my linux machine. I
have an iptables firewall running. Regular http-calls and so on run
through the firewall
Where can I input
"iptables -t nat -A PREROUTING -j keep_state"
is it just typing in the command prompt? What if
I'm going to restart the server, do I need to retype that?
Help
rules in rc.firewall-2.4
$IPTABLES -P INPUT ACCEPT
$IPTABLES -F INPUT
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -F OUTPUT
$IPTABLES -P FORWARD DROP
$IPTABLES -F FORWARD
$IPTABLES -t nat -F
echo " FWD: Allow all connections OUT and only existing and related ones IN"
$IPTABLES
ITHIN the kernel, but at that time,
it wasn't included in the stable kernels yet.
maybe you can check with the kernel mailing lists,
or google for it.
- Original Message -
From: "rikona" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, July 08, 2003
Hello,
I've been snooping around and found that iptables can reference the
command that is requesting access, but only if this capability was
available when the kernel was compiled.
Is there a way to determine if the 9.1 kernel was compiled with this
capability?
--
Thanks,
rikona
o:[EMAIL PROTECTED] Behalf Of Todd Slater
>> Sent: Monday, March 03, 2003 8:40 AM
>> To: Mandrake Newbie
>> Subject: [newbie] IPTABLES manually
>>
>>
>> I drop Nimda and Code Red infected computers with iptables, but if I
>> have to reboot, or if I use a g
I drop Nimda and Code Red infected computers with iptables, but if I
have to reboot, or if I use a gui like Firestarter, it starts fresh and
I lose those IPs from my rules.
If you have built a firewall manually with iptables, how do you get it
back when you reboot? I figure a script would do but I
>> Firewalling/packet filtering/NAT is compiled into the Linux Kernel, it
>> is not a service. You don't start it, you just configure it for
>> operation. The iptables package that you installed is only a user-space
>> configuration utility - again not a service. I would not worry if
>> iptable
>> shorewall has taken a bashing on this list,
>> with many suggesting alternatives,
>> eg gshield, guarddog, firestarter, etc.
>>
>> i just wanna relate my own good experience.
>>
>> i was trying to configure my mdk 9.0 box to share
>> my internet connection with a small home network
>> consisting
y well written
Derek Jennings posts in Nov 2002.
- Original Message -
From: Robert Wideman
To: [EMAIL PROTECTED]
Sent: Sunday, March 02, 2003 17:59
Subject: RE: [newbie] IPTABLES rules for Direct Connect ?
Actually Stephen is correct. Of all the iptables GUI or configurator
applications Sho
. Don't use Shorewall not linux just
shorewall.
Rob
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bela Markus
Sent: Sunday, March 02, 2003 2:57 AM
To: [EMAIL PROTECTED]
Subject: [newbie] IPTABLES rules for Direct Connect ?
Hi Stephen,y
Hi Stephen,
your advice is not very constructive. Sounds like: don't use LINUX, do not
use LINUX, etc.
Doesn't matter is it SHOREWALL or else, the key is the IPTABLES, all others
just cosmetics. Now I see, original subject was misleading. The right would
be " IPTABLES rules for Direct Connect".
August 14, 2002 10:29 PM
Subject: [newbie] iptables help
> I have never used iptables that I'm aware of, and was reading about it
> today. I'm trying to add some IPs to a rule that will block nimda/code red
> infected computers. But, when I try to write the rule, I get the followi
Subject: [newbie] iptables help
I have never used iptables that I'm aware of, and was reading about it
today. I'm trying to add some IPs to a rule that will block nimda/code red
infected computers. But, when I try to write the rule, I get the following
error:
/lib/modules/2.4.18-6mdk/kerne
> Go to linuxconf/networking and look at resolution.. It should be
>
> hosts, dns
>
> If it isn't, then you will have problems
linuxconf | networking | Misc | hostname search path
shows hosts, dns
> what does
> [cat /etc/sysconfig/network | grep HOSTNAME say
> does it say hanan.homelan.com ?
On Saturday 30 March 2002 02:07 pm, Hanan Shargi wrote:
> > I added all the ### entries
>
> I'm very very thankful, you can't imagine how this problem was getting on my
> nerves !!
>
> > Be careful of the hosts file in windows.
> > 192.168.0.1 hanan.localnet.tld hanan
> > The '1' in 192 must be a
On Saturday 30 March 2002 02:07 pm, Hanan Shargi wrote:
> > Try setting IP_MASQ_NETWORK to "" first
> > If that doesn't work then try disable connection sharing
> > It may be that they are mutually exclusive.
>
> I did that and the message disappeared, now it tells me this :
>
> [root@hanan hanan]
Hanan Shargi wrote:
>Ohh I forgot ,
>
>
>when I ran InteractiveBastille from as root, this is what I got:
>
>[root@hanan hanan]# InteractiveBastille
>Using Tk user interface module.
>Only displaying questions relevant to the current configuration.
>Can't locate Bastille_Tk.pm in @INC (@INC contai
> I added all the ### entries
I'm very very thankful, you can't imagine how this problem was getting on my
nerves !!
> Be careful of the hosts file in windows.
> 192.168.0.1 hanan.localnet.tld hanan
> The '1' in 192 must be at the absolute beginning of the line
> no spaces, no tabs
I checked t
Hanan Shargi wrote:
>I just did that..added:
>
>TRUSTED_IFACES="lo eth2"
>
>nothing changed.
>
>and yes I restarted the network on both machines.
>
>But thanks, I lost hope that someone would ever reply to my question :)
>
>Any other suggestions ?
>
>-
>Hanan AL-Shargi
>
>
>
>-
On Saturday 30 March 2002 01:07 pm, Hanan Shargi wrote:
> Ohh I forgot ,
>
>
> when I ran InteractiveBastille from as root, this is what I got:
>
> [root@hanan hanan]# InteractiveBastille
> Using Tk user interface module.
> Only displaying questions relevant to the current configuration.
> Can't l
On Saturday 30 March 2002 01:04 pm, Hanan Shargi wrote:
> Hello again,
>
> There seemed to be a missing post somewhere ..as I found some suggestions
> in Gerald's reply which I never seen before !?@
I added all the ### entries
>
> Anyway, I tried configuring the bastille-firewall.cfg with the no
Ohh I forgot ,
when I ran InteractiveBastille from as root, this is what I got:
[root@hanan hanan]# InteractiveBastille
Using Tk user interface module.
Only displaying questions relevant to the current configuration.
Can't locate Bastille_Tk.pm in @INC (@INC contains: /usr/lib
/usr/lib/perl5/5
Hello again,
There seemed to be a missing post somewhere ..as I found some suggestions in
Gerald's reply which I never seen before !?@
Anyway, I tried configuring the bastille-firewall.cfg with the notes in this
post, and I finally was able to ping the linux box from the w2k machine
:
have you tried to run the command InteractiveBastille from a Terminal as root?
--
Gerald Waugh : Registered Linux user # 255245
http://www.frontstreetnetworks.com
New Haven, CT, United States of America
12:09pm up 8 days, 20:34, 2 users, load average: 0.98, 1.01, 1.00
Want to buy your Pack o
On Saturday 30 March 2002 01:24 am, Brian Parish wrote:
> Hanan,
>
> I think you should have the NIC whose address is 192.168.0.1 listed in
> your trusted interfaces in
>
> /etc/Bastille/bastille-firewall.cfg
>
> HTH
> Brian
>
> On Fri, 2002-03-29 at 02:24, Hanan Shargi wrote:
> > Hi every one,
>
I just did that..added:
TRUSTED_IFACES="lo eth2"
nothing changed.
and yes I restarted the network on both machines.
But thanks, I lost hope that someone would ever reply to my question :)
Any other suggestions ?
-
Hanan AL-Shargi
Want to buy your Pack or Services from
Hanan,
I think you should have the NIC whose address is 192.168.0.1 listed in
your trusted interfaces in
/etc/Bastille/bastille-firewall.cfg
HTH
Brian
On Fri, 2002-03-29 at 02:24, Hanan Shargi wrote:
> Hi every one,
>
> I spent the past 2 days ( almost ) read
Hi every one,
I spent the past 2 days ( almost ) reading about how to set ip masquerading ,
iptables, ipchains, setting NFS etc. just to be able to put my hands on
the problem why can't my w2k machine ping the linux machine ( both on a lan
where linux machine has 2 eth cards, one IP for ext
Based on Rusty Russell's document I worked out the following rules.
Could someone tell me if they look safe ?
Topology :
internet
FW - intranet (192.168.1.xxx)
(eth0) (eth1)gtw : 192.168.1.1
Aim :
1°. Any outb
I'm a bit confused with the iptables installation in the MDK 8.1...
There is in the /etc/sysconfig/ a rather cryptic iptables file called in the
start up process.
When trying to by-pass the call to the file for a self made file the call to
iptables commands.
The commands give error codes requesti
On Monday 01 October 2001 06:53, Admin wrote:
> Hello:
>
> Today my linux box would act as the internet gateway to the lan. In the
> process, I found out mandrake also installed iptables. I now understand a
> firewall must be installed for masquerading, don't know why, but it has to.
> Now, I hav
Hello:
Today my linux box would act as the internet gateway to the lan. In the
process, I found out mandrake also installed iptables. I now understand a
firewall must be installed for masquerading, don't know why, but it has to.
Now, I have been trying to figure out how to use iptables and I
On Tue, 19 Jun 2001, Jeffrey M. Reed wrote:
> On Tuesday 19 June 2001 21:10, Ross Slade wrote:
> >
> > Is there an iptables (newbie) mail list? If not I'll
> > start bugging you guys... 8-)
>
> real men use ipchains.
>
> LOL
>
I'd rather do that, everything worked fine on 7.2 with ipchains. Ip
On Tuesday 19 June 2001 21:10, Ross Slade wrote:
> It appears all my masquerading problems revolve around
> the Bastille firewall. I have some things working now but
> many issues remain...
>
> Is there an iptables (newbie) mail list? If not I'll
> start bugging you guys... 8-)
>
> -Ross
real m
Right now I have my
internet connection up and running (adsl using rp-pppoe 3).
I would like to set
up a simple internal firewall for my laptop.
I've used Bastille
before (1.2) but always come up against the same problem. (BTW I do need
to install iptables before installing Bastille, correc
How do I set up iptables on LM8.0?
I want to allow my main box to share an internet connection with a second
machine. I thought ipmasquerading was the way to go.
I was following these instructions:
modprobe ip_tables
iptables -F
iptables -t nat -F
iptables -t nat -A POSTROUTING -s 192.168.1.11
39 matches