[Cooker-firewall] question concerning http-naat authentication
hello florin, i've got a question concerning the authentication mechanism for http-naat that maybe you could answer for me. when i try to log in with the admin account and the password that i created via /usr/share/naat/scripts/change-password.pl i get a message back that says "No session found: Cookies not found". it knows that it's a valid account because when i give incorrect login info it comes back and tells me "Wrong Login/Password". now some information that may be able to help you point me in the right direction: it's the 8.2-10mdk version of snf installed over a base install of mandrake 8.2. i also have installed an application that i want to run alongside snf and it has an ssl login screen as well, only it answers on port 443 instead of 8443. i realize that it's something in this other application that's causing the issue because when i install it with only mandrake installed it runs fine. what i'm wanting to know are what i should look for that would cause the error mentioned previously or possibly some information on how the authentication mechanism works so that i can troubleshoot further myself. thanks in advance, -Z
Re: [Cooker-firewall] Re: SNF 8.2 with Pentium II
i'm currently running my snf 8.2 (8.2-7) on a dell dimension xps 133c (specs here http://docs.us.dell.com/docs/dta/XPSPCMT/0001.htm , it's a p54c pentium chip) with 64 megs of ram and it runs fine. the only problems i've had for it is that it still has a problem with the caching nameserver not actually starting and it also doesn't appear to add the package needed for adsl (pppoe) to work. after i added it myself she runs like a charm. -Z
Re: [Cooker-firewall] Cookfire homepage
Actually I got the 3 isos of Drake 8.2 beta 4 and the snf packages as well as the naat packages (httpd-naat, naat-backend, etc) are not on the cd's. You have to do a minimal cooker install, then download the packages needed for snf and install them separately. -Z - Original Message - From: "Florin" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Tuesday, March 12, 2002 8:21 AM Subject: Re: [Cooker-firewall] Cookfire homepage > "Alex Bennee" <[EMAIL PROTECTED]> writes: > > > > ... and welcome to this mailing list :o) > > > > > > but let's get back to those sheep ... > > > > > > - cookfire is the iso (branch) of the old snf firewall based on 7.2. - > > > the new firewall is not an iso anymore but a bunch rpm packages within > > > cooker, the snf- packages to be more accurate. > > > > So if I want to re-build my Mandrake Firewall router should I do a minimal > > install of Cooker and then add the snf- packages? > > you've got it > > > Are there any iso's of the beta firewall available? > > no and there are no plans for that :o) (we say: no more forked isos) > The firewall isos are the cooker ones. > > > > > And finally are you intending to support the speedtouch "frog" with the > > latest version of the firewall (whenever that may be). > > yes, it's on our TODO list ... > > cheers, > -- > Florin http://www.mandrakesoft.com >
Re: [Cooker-firewall] Feedback on the latest SNF
> By the way, it appears as if the /var/lib/naat.configuration.reset script > has some issues. Some of the variable definitions are without quotes and > that's causing the script to fail. I did it again! That should be the /var/lib/naat/configuration.reset, that's the one that's broken. It doesn't like the variable definitions with spaces, quotes will do the trick. -Z
Re: [Cooker-firewall] Feedback on the latest SNF
> > 9. Under the main Tools section there's a sentence: > > "This section provide tools to do maintenace tasks" would be better phrased "This section provides tools for maintenace tasks. > > you mean maintanance not maintenace, right ? Ooops! Yes, I meant "maintenance". I suppose if I'm commenting on such things I should get my own spelling correct. ;) By the way, it appears as if the /var/lib/naat.configuration.reset script has some issues. Some of the variable definitions are without quotes and that's causing the script to fail. -Z
[Cooker-firewall] Feedback on the latest SNF
timeout may not be a bad idea. 12. If you select to turn on the caching nameserver, it does create a named.conf file correctly but there is no port 53 listener to pick up requests directed at the firewall. It appears that bind is not listed as a snf dependency, although it probably should be so that if anyone chooses to run this caching nameserver option it will function the way it appears it should instead of having to install bind and then rely on snf to configure it. That's pretty much it. Aside from that it all looks great. Cheers all! -Z
Re: [Cooker-firewall] Official Mirror List
i just did a new install today of snf-en-8.2-3mdk.noarch.rpm and the official mirror list is populated. it doesn't appear to be broken. -Z - Original Message - From: "David Relson" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, February 26, 2002 4:34 PM Subject: Re: [Cooker-firewall] Official Mirror List > At 09:06 AM 2/26/02, you wrote: > >David Relson <[EMAIL PROTECTED]> writes: > > > > > At 07:32 AM 2/25/02, you wrote: > > > >David Relson <[EMAIL PROTECTED]> writes: > > > > > > > > > > On top of a Mandrake 8.1 installation, I installed > > > > > snf-en-8.1-2mdk.noarch.rpm and the rpms on which it depends. > > > > > > > >you should try the latest packages from cooker: > > > >snf-en-8.2-3mdk.noarch.rpm > > > > > > Florin, > > > > > > I've just installed snf-en-8.2-3mdk.noarch.rpm, > > > shorewall-1.2.6-2mdk.noarch.rpm, and fwlogwatch-0.5.2-1mdk.i586.rpm from > > > rpmfind.net. The Official Mirror List is still empty. > > > >well, it worked here two days ago ... I'll check again :) > > Florin, > > What's the underlying mechanism for the list? Is it simply a URL known to > SNF or is it a file containing the list? If I knew what file to look for, > I'd be able to determine if it's missing, empty, corrupt, ... > > David > >
[Cooker-firewall] caching dns
i think that bind needs to be added as a dependency to snf due to the new caching dns feature. if you enable this function it does creat/update the /etc/named.conf file but there is no named deamon listening to field the requests to the firewall. granted, some may not want to run a caching dns server on the firewall so it should default to not start up in rc3.d but for those that do want it, it should probably be there 'natively' after an snf install. any thoughts? -Z
Re: [Cooker-firewall] Typos
perhaps "Desactivate" should be "Deactivate" ... -Z - Original Message - From: "David Relson" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, February 25, 2002 12:57 PM Subject: [Cooker-firewall] Typos > I've noticed several minor typos in snf-en-8.2. Here they are: > > "wich" should be spelled as "which" > ./admin/syslog/index.php: > > "Incomming" should be spelled as "Incoming" > ./admin/g_restrict/index.php > ./admin/inputrules/PublicTrafficFirewallingRules-custom.php > > "Desactivate" should be spelled as "Disactivate" > ./admin/g_restrict/index.php > ./admin/proxy/index.php > ./admin/syslog/index.php > >
Re: [Cooker-firewall] CONFIRM 5aa6320a545a4c2d6455943ea194c696
Oooops! :oÞ - Original Message - From: z To: [EMAIL PROTECTED] Sent: Monday, January 14, 2002 1:41 PM Subject: [Cooker-firewall] CONFIRM 5aa6320a545a4c2d6455943ea194c696 CONFIRM 5aa6320a545a4c2d6455943ea194c696
[Cooker-firewall] CONFIRM 5aa6320a545a4c2d6455943ea194c696
CONFIRM 5aa6320a545a4c2d6455943ea194c696
[Cooker-firewall] bastille fails to start
Alright guys, tell me what Im missing. I just did a base install of cooker, then did a urpmi install of the snf package. I ran the /usr/share/naat/scripts/change-password.pl script to set the admin password and then rebooted. On boot Im getting a failure of bastille-firewall. The exact messages are as follows: ./bastille-firewall: line 60: unexpected EOF while looking for matching ` ./bastille-firewall: line 66: syntax error: unexpected end of file I opened up the S05bastille-firewall script in /etc/rc3.d and it looks fine, actually its identical to the script that starts bastille on my snf thats running on drake 8.1 so Any ideas? Thanks in advance ...