[Leaf-user] 386 support in Dachstein ?
Hey folks,

I have been using one of the Eigerstein packages for at least 6 months now and every time something isn't working, it IS NOT my 486 sx linux router. Simply amazingly great work by Charles and friends. I was wondering if there is a Dachstein version of the 2.2.19 kernel that has the 386-noFPU support?

Thanks for your time.
Karl
Re: [Leaf-user] E2B DMZ_SWITCH=PRIVATE
Charles Steinkuehler wrote:
>
> The DMZ network does NOT need to have any particular relationship to the
> internal network. The fact that when you put the DMZ 'inside' your internal
> network space, the DMZ is able to access the internet (and isn't able to
> otherwise) indicates the outbound masquerade rules are not getting generated
> for the DMZ.

Hi Charles, thanks very much for your response.

Assuming that I had badly misconfigured the box, I have downloaded E2B (EigerStein2BETA.exe) again and started configuration from scratch. After correcting my errors in DMZ_SERVERn entries and placing the DMZ on a network separate from the two internal interfaces, the DMZ configuration block looks like:

DMZ_SWITCH=PRIVATE
DMZ_IF="eth3"
DMZ_NET=172.20.0.0/16
DMZ_OUTBOUND_ALL=YES
DMZ_SERVER0="tcp ${EXTERN_IP} www 172.20.0.1 www"
DMZ_SERVER1="udp ${EXTERN_IP} www 172.20.0.1 www"

> The best place to check is the forward rules. There is normally
> a single masquerade rule hooking your internal network to the
> internet. With a private DMZ, you also have a rule masquerading
> the DMZ network to the internet, the internal network to the
> DMZ network, and several individual masquerade rules for the
> port-forwarded services of the DMZ, allowing them
> to be accessed via the public IP from the internal network.

After rebooting the firewall and calling 'svi network ipfilter list', the forward chain looks like:

Chain forward (policy DENY: 0 packets, 0 bytes):
pkts bytes target prot opt tosa tosx ifname mark outsize source destination ports
0 0 DENY icmp l- 0xFF 0x00 * 0.0.0.0/0 0.0.0.0/0 5 -> *
1480 206K MASQ all -- 0xFF 0x00 eth0 192.168.0.0/16 0.0.0.0/0 n/a
0 0 DENY all -- 0xFF 0x00 * 0.0.0.0/0 0.0.0.0/0 n/a
Chain output (policy DENY: 0 packets, 0 bytes):
--

From your description, something is clearly misconfigured as none of the rules supporting the private DMZ are evident.

The behaviour is as before (no connection into DMZ from anywhere, no outgoing connections from DMZ) :-(

I looked carefully through ipfilter.conf and can find no mention of a setting of DMZ_SWITCH=PRIVATE to generate these rules.

[matt@puff matt]$ grep -i DMZ_SWITCH ipfilter.conf
if [ "$DMZ_SWITCH" = "YES" -o "$DMZ_SWITCH" = "Yes" \
-o "$DMZ_SWITCH" = "yes" ]; then
if [ "$DMZ_SWITCH" = "YES" -o "$DMZ_SWITCH" = "Yes" \
-o "$DMZ_SWITCH" = "yes" ]; then
if [ "$DMZ_SWITCH" = "YES" -o "$DMZ_SWITCH" = "Yes" \
-o "$DMZ_SWITCH" = "yes" ]; then
if [ "$DMZ_SWITCH" = "YES" -o "$DMZ_SWITCH" = "Yes" \
-o "$DMZ_SWITCH" = "yes" ]; then
[matt@puff matt]$ grep -i private ipfilter.conf
[matt@puff matt]$

Maybe this is my problem? Looking in the 'Introduction for Configuring network.conf' Version 1.0 dated April 7, 2000, it suggests setting DMZ_SWITCH=PRIVATE. Have I got the wrong end of the stick here? Or maybe the wrong distribution? I looked at an earlier diskimage (EigerStein_1_img_EigerStein.exe) and the ipfilter.conf looks the same. I didn't try Dachstein rc2 floppy as I'm hoping to stay with Eigerstein for now to use Jacques existing packages for axfrdns etc.

If you have any advice for something to try (or more/better info I can provide) I'd really appreciate it.

Thanks, matt :-)

>
> If switching the DMZ on and off does not cause dramatic changes to the
> forward rule chain, something basic is wrong.
>
>
>>- and finally (and sorry for the newbie question) when accessing
>>services in the DMZ from the local network(s), should the actual IP
>>address of the server on the DMZ network or the external IP address of
>>the LRP box be used?
>>
>
> When everything is setup correctly, you should be able to access the
> services using the public IP.
>
> Charles Steinkuehler
> http://lrp.steinkuehler.net
> http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)

___
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Migrating Dachstein 1.0.2-CD to harddrive?
Hi, I would like to run Dachstein on a harddrive or flashcard. With the old Eigerstein2B it wasn't too hard to do. Are there a lot of fundamental changes required to get the Dachstein image to boot off a harddrive? Thanks, Stephen
Re: [Leaf-user] FTP port forwarding does not work. HELP !
On Wed, 5 Dec 2001, Maxim Heijndijk wrote:

> * Stardate: 2001-12-04 10:37
> * Incoming subspace signal from "Jeff Newmiller <[EMAIL PROTECTED]>" :
>
> > On Tue, 4 Dec 2001, Maxim Heijndijk wrote:
> > > I have a dachstein-rc2 firewall PPTP-ADSL setup. I cannot get port forwarding to work.
> > > My interfaces are: eth0 (10.0.0.100) which is connected to an ADSL
> > > modem at 10.0.0.138.

[...]

> > > When I switch on SNMP_BLOCK=YES the connection
> > > is refused.
>
> > Hm. SNMP should have nothing at all to do with it.
>
> Still it makes a difference whether I turn it on or not.

Someone else will have to comment on that... it sounds like an odd cross-sensitivity to me.

> > > The ip_masq_ftp and ip_masq_portfw are loaded at boot
> > > together with all interfaces, but the ppp0 interface is started later
> > > on.
>
> > The good news is that I think the Dachstein kernel's version of
> > ip_masq_ftp has support for the "in_ports" option, which I believe assists
> > in setting up passive servers (try "in_ports=21"). I haven't tried it yet
> > myself.
>
> in_ports=21 at kernel boot you mean ? Or in /etc/modules ?

/etc/modules. Kernel boot is only for drivers that are compiled-in. Look something like:

ip_masq_ftp in_ports=21

---
Jeff Newmiller
DCN:<[EMAIL PROTECTED]>
Research Engineer (Solar/Batteries/Software/Embedded Controllers)
---
[Leaf-user] RE: SNMP from Wireless Hub
I can't take credit for the port 53 stuff. I was able to get that info when the archives actually worked. We really need to get them up again (at least as of last weekend they weren't working very well).

Paul

> -----Original Message-----
> Oh and BTW, thanks to Paul Rimmer for his suggestion about the port 53
> stuff.
Re: [Leaf-user] SNMP from Wireless Hub
Thanks, Charles, I'll give it a whirl... Richard
Re: [Leaf-user] FTP port forwarding does not work. HELP !
* Stardate: 2001-12-05 00:33
* Incoming subspace signal from ""Reginald R. Richardson" <[EMAIL PROTECTED]>" :

> Shit, did u get Dachstein to work on ADSL via KPN's Stupid VPN system, I
> tried to get it to work MONTHS ago, but never did, so I was using
> Smoothwall, and adsl4linux, until I had to HACK my router to get it work,
> with smoothwall, without the PPTP patch..
> Please do explain to me how u got it working, via KPN's vpn...then I can use
> DACHSTEIN on my ADSL connection also
> thanks

First, you need pppd.lrp, pptp.lrp, ifconfig.lrp.

Customize pppd.lrp:

My /etc/ppp/options looks like this:

lock
noipdefault
noauth
defaultroute
#debug
#kdebug 1
#usepeerdns
persist

/etc/ppp/peers (mode 600)

# Secrets for authentication using PAP
# client server secret IP addresses
'[EMAIL PROTECTED]' * 'yourpassword' *

Customize pptp.lrp:

My /etc/pptp.conf:

PPTP_HOST="10.0.0.138"
NAME="[EMAIL PROTECTED]"
#DEBUG="debug"
#REMOTE_NAME="ntdialup"
#LOCAL_IP="192.168.0.234"
#REMOTE_IP="192.168.0.235"
# When stopping do not stop ppp on these devices
TTY="ttyS0 ttyS1"

Enable ppp support in the kernel as module.

My /etc/modules:

# NIC's
pcnet32
8390
ne2k-pci
# PPP
slhc
ppp
# MASQUERADING
ip_masq_portfw
ip_masq_ftp

My kernel networking configuration:

#
# Networking options
#
CONFIG_PACKET=y
CONFIG_NETLINK=y
CONFIG_RTNETLINK=y
CONFIG_NETLINK_DEV=y
CONFIG_FIREWALL=y
CONFIG_FILTER=y
CONFIG_UNIX=y
CONFIG_INET=y
CONFIG_IP_MULTICAST=y
CONFIG_IP_ADVANCED_ROUTER=y
CONFIG_RTNETLINK=y
CONFIG_NETLINK=y
CONFIG_IP_MULTIPLE_TABLES=y
CONFIG_IP_ROUTE_MULTIPATH=y
CONFIG_IP_ROUTE_TOS=y
CONFIG_IP_ROUTE_VERBOSE=y
CONFIG_IP_ROUTE_LARGE_TABLES=y
CONFIG_IP_ROUTE_NAT=y
# CONFIG_IP_PNP is not set
CONFIG_IP_FIREWALL=y
CONFIG_IP_FIREWALL_NETLINK=y
CONFIG_NETLINK_DEV=y
CONFIG_IP_ROUTE_FWMARK=y
CONFIG_IP_TRANSPARENT_PROXY=y
CONFIG_IP_MASQUERADE=y
CONFIG_IP_MASQUERADE_ICMP=y
CONFIG_IP_MASQUERADE_MOD=y
CONFIG_IP_MASQUERADE_IPAUTOFW=m
CONFIG_IP_MASQUERADE_IPPORTFW=m
CONFIG_IP_MASQUERADE_MFW=m
CONFIG_IP_MASQUERADE_PPTP=m
# CONFIG_IP_MASQ_DEBUG_PPTP is not set
CONFIG_IP_MASQUERADE_IPSEC=m
CONFIG_IP_MASQUERADE_IPSEC_EXPIRE=30
# CONFIG_IP_MASQUERADE_IPSEC_PAROK is not set
# CONFIG_IP_MASQ_DEBUG_IPSEC is not set
# CONFIG_IP_MASQUERADE_GENERIC is not set
CONFIG_IP_ROUTER=y
CONFIG_NET_IPIP=m
CONFIG_NET_IPGRE=m
# CONFIG_NET_IPGRE_BROADCAST is not set
CONFIG_IP_MROUTE=y
CONFIG_IP_PIMSM_V1=y
# CONFIG_IP_PIMSM_V2 is not set
CONFIG_IP_ALIAS=y
# CONFIG_ARPD is not set
CONFIG_SYN_COOKIES=y
CONFIG_INET_RARP=m
# CONFIG_SKB_LARGE is not set
CONFIG_IPV6=m
CONFIG_IPV6_EUI64=y
CONFIG_IPV6_NO_PB=y
CONFIG_IPX=m
CONFIG_IPX_INTERN=y
CONFIG_SPX=m
CONFIG_ATALK=m
CONFIG_X25=m
CONFIG_LAPB=m
CONFIG_BRIDGE=y
CONFIG_BRIDGE_NUM_PORTS=8
# CONFIG_NET_DIVERT is not set
# CONFIG_LLC is not set
# CONFIG_ECONET is not set
CONFIG_WAN_ROUTER=m
# CONFIG_NET_FASTROUTE is not set
# CONFIG_NET_HW_FLOWCONTROL is not set
# CONFIG_CPU_IS_SLOW is not set

#
# QoS and/or fair queueing
#
CONFIG_NET_SCHED=y
CONFIG_NETLINK=y
CONFIG_RTNETLINK=y
CONFIG_NET_SCH_CBQ=m
CONFIG_NET_SCH_CSZ=m
CONFIG_NET_SCH_PRIO=m
CONFIG_NET_SCH_RED=m
CONFIG_NET_SCH_SFQ=m
CONFIG_NET_SCH_TEQL=m
CONFIG_NET_SCH_TBF=m
CONFIG_NET_QOS=y
CONFIG_NET_ESTIMATOR=y
CONFIG_NET_CLS=y
CONFIG_NET_CLS_ROUTE4=m
CONFIG_NET_CLS_ROUTE=y
CONFIG_NET_CLS_FW=m
CONFIG_NET_CLS_U32=m
CONFIG_NET_CLS_RSVP=m
CONFIG_NET_CLS_RSVP6=m
CONFIG_NET_CLS_POLICE=y

You have seen my network.conf. The important thing here is to specify EXTERN_IF="ppp0" and not eth0.

My syslinux.cfg:

display syslinux.dpy
timeout 0
default linux
append=load_ramdisk=1 console=tty0 console=ttyS0,115200n8 initrd=root.lrp initrd_archive=minix ramdisk_size=6144 root=/dev/ram0 boot=/dev/fd0u1680,msdos PKGPATH=/dev/fd0u1680 LRP=etc,ifconfig,local,modules,pppd,pptp,ramlog,weblet

Hope this works for you too. It's really very simple, but it took me weeks to find out :(. Some better documentation about LRP would make things easier.

--
Best regards, M@X.
* Climate Control Psychedelic Soundscapes - http://go.to/cchq/
* Linux Shell Scripts & RPM Software Packages - http://go.to/conmen/
Re: [Leaf-user] Re: SSH with Secure iXplorer - no remote tree displayed
Charles Steinkuehler wrote:

>>. how do I backup root's .profile as backing
>> up neither root nor etc does it?
>
> It should be backed up as part of the root package.
>

Ah, yes, and it also helps to now list root in lrpkg.cfg on the floppy so that Dachstein knows to load root.lrp from there instead of CD now. :-)

Thanks.
Re: [Leaf-user] FTP port forwarding does not work. HELP !
* Stardate: 2001-12-04 10:37
* Incoming subspace signal from "Jeff Newmiller <[EMAIL PROTECTED]>" :

> On Tue, 4 Dec 2001, Maxim Heijndijk wrote:
> > I have a dachstein-rc2 firewall PPTP-ADSL setup. I cannot get port forwarding to work.
> > My interfaces are: eth0 (10.0.0.100) which is connected to an ADSL
> > modem at 10.0.0.138.

> Okay... as long as the ip addresses used by pptp are public you are
> okay...

> > The external if

> ah, internal?

Internal.

> > is eth1 at 192.168.1.1 ,with a
> > built in hub which connects to the internal network 192.168.1.2,
> > 192.168.1.3, 192.168.1.4. The pptp connection creates a ppp0 interface
> > at a semi-dynamic IP address (when I switch off the modem, the
> > ip-address could be changed. I hardly ever switch off the modem.) The
> > FTP server is at 192.168.1.4. I can connect to it locally, but when I
> > try to connect to it via the ppp0 interface the connection is started
> > but it hangs forever.

> You need to read ftp://ftp.echogent.com/docs/FTP_and_Firewalls.pdf.

I will.

> This is NOT an easy thing to do ... particularly when the ip changes
> around. It often involves coordinated configuration of the ftp server and
> the firewall to get a constrained set of ports forwarded to your internal
> server.

> > When I switch on SNMP_BLOCK=YES the connection
> > is refused.

> Hm. SNMP should have nothing at all to do with it.

Still it makes a difference whether I turn it on or not.

> > The ip_masq_ftp and ip_masq_portfw are loaded at boot
> > together with all interfaces, but the ppp0 interface is started later
> > on.

> The good news is that I think the Dachstein kernel's version of
> ip_masq_ftp has support for the "in_ports" option, which I believe assists
> in setting up passive servers (try "in_ports=21"). I haven't tried it yet
> myself.

in_ports=21 at kernel boot you mean ? Or in /etc/modules ?

--
Best regards, M@X.
* Climate Control Psychedelic Soundscapes - http://go.to/cchq/
* Linux Shell Scripts & RPM Software Packages - http://go.to/conmen/
Re: [Leaf-user] FTP port forwarding does not work. HELP !
* Stardate: 2001-12-04 18:59
* Incoming subspace signal from ""Reginald R. Richardson" <[EMAIL PROTECTED]>" :

> Are u by chance using the PPPOE.LRP...

No pppd.lrp and pptp.lrp. I have an MxStream connection which uses pptp.

> I realize that u're using wanadoo.nl, coincidentally I have the same provider,
> and for no good reason I can get the Port Forwarding to work, I tried it for
> POP3 and SMTP, but I ain't lucky as yet, I was starting to think that
> wanadoo, didn't allow incoming SMTP e-mail, like Planet, for my ADSL
> connection via PLANENT, I have the portforwarding working on Smooth Wall, to
> my Exchange Server without any problems, only that my DYNDNS has to send the
> mail to a backup mail exchange at Planet, but I like this idea, in case my
> connection is down, I know that my mail won't be bounced back to the sender..
> But if u figure out how to get the portforwarding working on wanadoo.nl
> please let me know..
> After testing for some 2 weeks, I gave up..

I've been working 1 week 12hrs a day on this, and I'm tired of it. It seems port forwarding is never gonna work, see the replies of others. But if I do find a solution I will post it.

--
Best regards, M@X.
* Climate Control Psychedelic Soundscapes - http://go.to/cchq/
* Linux Shell Scripts & RPM Software Packages - http://go.to/conmen/
Re: [Leaf-user] Could not find kernel image: support.
"Dr. Richard W. Tibbs" wrote:

> I built a 1.680 MB boot floppy based on the latest oxygen release, and
> I tried it out on a humble Packard-Bell Pentium-1 with 16MB ram.

That will be rather tight for Oxygen...

> Syslinux 1.62 comes up and presents several options, but then I get the
> subject line message:
> Could not find kernel image: support
> and
> Could not find kernel image: ge
> repeated forever.

That's not anything I've ever heard of before... is this right after syslinux comes up (with an options screen) or is it after you press enter?
Re: [Leaf-user] Getting Eiger Firewall Working
Are you really using Eiger? It's pretty old -- EigerStein, Oxygen, and now DachStein are the more current LEAF versions -- and that may be causing your problems.

The Tulip chipset is something of a moving target, and newer "Tulip" NICs need newer versions of the tulip module. You *may* be running into that problem; newer revs (in VERY small print on the NIC somewhere) of the LNE100TX require a newer tulip.o driver. (This was a big problem about 18 months ago, back when Eiger was current.)

You might check Charles' site (lrp.steinkuehler.net) and see if he still has an update for the Eiger-vintage-kernel Tulip module available. Better would be to move all the way to a current LEAF version.

At 03:03 PM 12/4/01 -0700, Vince S wrote:
>When I boot after saving my changes ( uncommenting the tulip driver) I get a message saying eth0 does not exist. I know the card and the slot are working.
>
>I am using a PII mmx 233 MHz processor 32 Meg SDRAM on a generic motherboard. Both NICs are Linksys LNE 100 tx.
>
>From the instructions in the documentation it would appear that I only need to uncomment the tulip driver. Am I overlooking something in the code that I need to uncomment?

--
"Never tell me the odds!" -- Han Solo
Ray Olszewski
Palo Alto, CA
[EMAIL PROTECTED]
[Leaf-user] Getting Eiger Firewall Working
When I boot after saving my changes ( uncommenting the tulip driver) I get a message saying eth0 does not exist. I know the card and the slot are working. I am using a PII mmx 233 MHz processor 32 Meg SDRAM on a generic motherboard. Both NICs are Linksys LNE 100 tx. From the instructions in the documentation it would appear that I only need to uncomment the tulip driver. Am I overlooking something in the code that I need to uncomment? Your help would be appreciated. Thank you. vince
Re: [Leaf-user] Dachstein-CD & Sangoma wanpipe
Michael, List,

I got hold of the new version Sangoma prepared on their ftp site, since I also need it for a customer which will be Dachstein based (keep up the good work, Charles!), and tested it out as far as I could (having no leased line available...). The router/firewall I'm setting up will have 10 ethernet and 4 WAN ports. And there will be actually two of these in a fail-over configuration. Promises to be quite interesting ;-)

With this version, everything seems to work well, devices show up in the "wanconfig config" and "wanconfig status" commands, as well as in the /proc/net/wanrouter path. I will know end of next week, when I install the boxes, if it really works, but now I'm rather confident it will. I will keep you posted on the results. And if needed, I can also provide the wanpipe.lrp package for Charles to include in the Dachstein series.

Robert

Michael D. Schleif wrote:

>There have been several people on this List who have mentioned problems
>with Sangoma's wanpipe since upgrading to Dachstein.
>
>We have worked closely with Sangoma and have a solution, which we will
>be releasing early next week -- after a long weekend of testing.
>
>Suffice it to say, existing wanpipe.lrp, sdladrv.o, syncppp.o, wanpipe.o
>and wanrouter.o files *cannot* work with kernel 2.2.19x.
>
>Everything appears to be OK at two of our sites. Sangoma has agreed to
>host the package that we are putting together. We also hope to get user
>input from others on this List. So, if you are interested, please, send
>me an Email . . .
>
[Leaf-user] Could not find kernel image: support.
.. and Could not find kernel image: ge

Hi. I built a 1.680 MB boot floppy based on the latest oxygen release, and I tried it out on a humble Packard-Bell Pentium-1 with 16MB ram.

Syslinux 1.62 comes up and presents several options, but then I get the subject line message:
Could not find kernel image: support
and
Could not find kernel image: ge
repeated forever.

A tomsrootboot disk comes up fine, (and there is win95 on the hard drive) so I know the machine is basically ok. What could be wrong here?

Thanks in advance
Re: [Leaf-user] Alternate loging
Sergio Morilla wrote:

> The obvious question is...
>
> Where can I get syslog-ng.lrp and some info about it??

I don't think I was successful at making a package; it also requires a library called libol. I've been running syslog-ng on several full distributions here for some time.

I'm not sure if it can be compiled with glibc 2.0.7 or not; this step is necessary if you are using any production LEAF system. Oxygen development versions are already using glibc 2.1.3, and there is at least one Dachstein CDROM which has been converted to glibc 2.1.3.

One thing I've done is installed programs on a full distribution, taking care with library versions, then used the precompiled binaries to create the package from. You can do this by getting a Red Hat 5.2 RPM and loading it on any production RPM-based system, for example. Otherwise, if you've 5.2 in the back room, just take the tar.gz file and compile it and install it - then put the binaries into a package...
Re: [Leaf-user] Alternate loging
Logging is kind of all or nothing with the standard ipchains functionality, and all the log messages go to the same place. You can either process the logs periodically, or you stop logging the packets with ipchains and use an alternate facility to watch for (and log) nimda traffic (like snort).

Charles Steinkuehler
http://lrp.steinkuehler.net
http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)

----- Original Message -----
From: "Sergio Morilla" <[EMAIL PROTECTED]>
To: "Leaf-user@lists. sourceforge. net (E-mail)" <[EMAIL PROTECTED]>
Sent: Tuesday, December 04, 2001 12:05 PM
Subject: [Leaf-user] Alternate loging

Hi,

My ISP has some sites that have different versions of nimda on their servers. I am constantly being scanned on port 80. I know there should be a way to log this on an alternate log file.

A fragment of syslog.conf looks

*.=info;*.=notice;*.=warn;\
auth,authpriv.none;\
cron,daemon.none;\
mail,news.none -/var/log/messages

ipchains uses facility "kernel" and level "info"
So I was hoping to set a rule

kernel.info -/var/log/nimda

but this matches "all" ipchains messages!!!
Is there any way I can select only messages that have are sent to 255.255.255.255:80 and have the SYN flag diverted to /var/log/nimda??

Thanks in advance
Sergio
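The "process the logs periodically" option from the reply above, as an added example (not code from the thread or from LEAF): a filter that pulls TCP SYN entries for one destination port out of the shared ipchains kernel log and counts them per source. It assumes the Linux 2.2 ipchains "Packet log:" line layout; the function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Assumed ipchains log layout (Linux 2.2):
#   <date> <host> kernel: Packet log: <chain> <target> <if> PROTO=<n>
#       <src>:<sport> <dst>:<dport> L=.. S=.. I=.. F=.. T=.. [SYN] (#<rule>)
# syslogd can only route on facility/level, so the split is done afterwards.

# filter_syn_port PORT < logfile
# Prints only ipchains entries that are TCP, carry the SYN marker and are
# addressed to PORT. Other kernel messages are ignored.
filter_syn_port() {
    awk -v port="$1" '
    {
        p = 0
        for (i = 1; i < NF; i++)
            if ($i == "Packet" && $(i + 1) == "log:") { p = i + 2; break }
        if (p == 0 || p + 5 > NF) next        # not a complete packet log line
        # relative to p: chain, target, ifname, PROTO=n, src:port, dst:port
        if ($(p + 3) != "PROTO=6") next       # TCP only
        n = split($(p + 5), dst, ":")
        if (n != 2 || dst[2] != port) next    # wrong destination port
        syn = 0
        for (i = p + 6; i <= NF; i++) if ($i == "SYN") syn = 1
        if (syn) print
    }'
}

# summarize_sources < filtered lines
# Prints "<count> <source address>", busiest source first.
summarize_sources() {
    awk '
    {
        for (i = 1; i < NF; i++)
            if ($i == "Packet" && $(i + 1) == "log:") {
                split($(i + 6), src, ":")
                count[src[1]]++
                break
            }
    }
    END { for (a in count) print count[a], a }' | sort -rn
}

# Constructed sample input (documentation address ranges, not real hosts).
sample_log() {
cat <<'EOF'
Dec  4 12:01:10 firewall kernel: Packet log: input DENY ppp0 PROTO=6 198.51.100.7:3021 192.0.2.10:80 L=48 S=0x00 I=4411 F=0x4000 T=112 SYN (#12)
Dec  4 12:01:11 firewall kernel: Packet log: input DENY ppp0 PROTO=6 198.51.100.7:3022 192.0.2.10:80 L=48 S=0x00 I=4412 F=0x4000 T=112 SYN (#12)
Dec  4 12:01:15 firewall kernel: Packet log: input DENY ppp0 PROTO=17 198.51.100.9:137 192.0.2.10:137 L=78 S=0x00 I=901 F=0x0000 T=110 (#14)
Dec  4 12:02:40 firewall kernel: Packet log: input DENY ppp0 PROTO=6 203.0.113.5:1190 192.0.2.10:80 L=48 S=0x00 I=7 F=0x4000 T=109 SYN (#12)
Dec  4 12:03:02 firewall kernel: Packet log: input DENY ppp0 PROTO=6 203.0.113.5:1191 192.0.2.10:21 L=48 S=0x00 I=8 F=0x4000 T=109 SYN (#13)
Dec  4 12:03:30 firewall kernel: Packet log: input DENY ppp0 PROTO=6 198.51.100.7:3021 192.0.2.10:80 L=40 S=0x00 I=4420 F=0x4000 T=112 (#12)
Dec  4 12:04:00 firewall kernel: eth0: link up
EOF
}

# Demonstration on the constructed sample. On a real box the input would be
# the file syslogd writes kernel.info to, e.g.
#   filter_syn_port 80 < /var/log/messages >> /var/log/nimda
sample_log | filter_syn_port 80 | summarize_sources
```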
Re: [Leaf-user] FTP port forwarding does not work. HELP !
> I have a dachstein-rc2 firewall PPTP-ADSL setup. I cannot get port forwarding to work.
> My interfaces are: eth0 (10.0.0.100) which is connected to an ADSL modem at 10.0.0.138. The external if is eth1 at 192.168.1.1 ,with a built in hub which connects to the internal network 192.168.1.2, 192.168.1.3, 192.168.1.4. The pptp connection creates a ppp0 interface at a semi-dynamic IP address (when I switch off the modem, the ip-address could be changed. I hardly ever switch off the modem.) The FTP server is at 192.168.1.4. I can connect to it locally, but when I try to connect to it via the ppp0 interface the connection is started but it hangs forever. When I switch on SNMP_BLOCK=YES the connection is refused. The ip_masq_ftp and ip_masq_portfw are loaded at boot together with all interfaces, but the ppp0 interface is started later on.

If your public interface is 10.0.0.100, you're sitting in private IP space, and probably can't port-forward anything from the internet without getting your ISP to port-forward packets to your firewall first :(

Charles Steinkuehler
http://lrp.steinkuehler.net
http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)
Re: [Leaf-user] FTP port forwarding does not work. HELP !
On Tue, 4 Dec 2001, Maxim Heijndijk wrote:

> I have a dachstein-rc2 firewall PPTP-ADSL setup. I cannot get port forwarding to work.
> My interfaces are: eth0 (10.0.0.100) which is connected to an ADSL
> modem at 10.0.0.138.

Okay... as long as the ip addresses used by pptp are public you are okay...

> The external if

ah, internal?

> is eth1 at 192.168.1.1 ,with a
> built in hub which connects to the internal network 192.168.1.2,
> 192.168.1.3, 192.168.1.4. The pptp connection creates a ppp0 interface
> at a semi-dynamic IP address (when I switch off the modem, the
> ip-address could be changed. I hardly ever switch off the modem.) The
> FTP server is at 192.168.1.4. I can connect to it locally, but when I
> try to connect to it via the ppp0 interface the connection is started
> but it hangs forever.

You need to read ftp://ftp.echogent.com/docs/FTP_and_Firewalls.pdf.

This is NOT an easy thing to do ... particularly when the ip changes around. It often involves coordinated configuration of the ftp server and the firewall to get a constrained set of ports forwarded to your internal server.

> When I switch on SNMP_BLOCK=YES the connection
> is refused.

Hm. SNMP should have nothing at all to do with it.

> The ip_masq_ftp and ip_masq_portfw are loaded at boot
> together with all interfaces, but the ppp0 interface is started later
> on.

The good news is that I think the Dachstein kernel's version of ip_masq_ftp has support for the "in_ports" option, which I believe assists in setting up passive servers (try "in_ports=21"). I haven't tried it yet myself.

---
Jeff Newmiller
DCN:<[EMAIL PROTECTED]>
Research Engineer (Solar/Batteries/Software/Embedded Controllers)
---
RE: [Leaf-user] Alternate loging
The obvious question is...

Where can I get syslog-ng.lrp and some info about it??

-----Original Message-----
From: David Douthitt [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, December 04, 2001 15:25
To: LEAF Users List
Subject: Re: [Leaf-user] Alternate loging

Sergio Morilla wrote:

> My ISP has some sites that have different versions of nimda on their
> servers.
> I am constantly being scanned on port 80. I know there should be a way to
> log this on an alternate log file.

> ipchains uses facility "kernel" and level "info"
> So I was hoping to set a rule
>
> kernel.info -/var/log/nimda
>
> but this matches "all" ipchains messages!!!
> Is there any way I can select only messages that have
> are sent to 255.255.255.255:80 and have the SYN flag diverted to
> /var/log/nimda??

syslog-ng could do this, but I don't think syslogd can; syslog-ng is bigger but appropriately MUCH more powerful. You can split up logs in almost any way you can think of...
[Leaf-user] Re:
> Did you see my post about net-snmp? This package requires libdb.so.2 which
> is not part of the libraries on the Dachstein CD. I found the file on the
> Debian web site in the libdb++ package. Did you include it in either of
> your net-snmp packages? If not, what do you think about making libdb++ an
> LRP package?

I just grabbed David's libdb package and added it to the CD.

Charles Steinkuehler
http://lrp.steinkuehler.net
http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)
Re: [Leaf-user] Alternate loging
Sergio Morilla wrote:

> My ISP has some sites that have different versions of nimda on their
> servers.
> I am constantly being scanned on port 80. I know there should be a way to
> log this on an alternate log file.

> ipchains uses facility "kernel" and level "info"
> So I was hoping to set a rule
>
> kernel.info -/var/log/nimda
>
> but this matches "all" ipchains messages!!!
> Is there any way I can select only messages that have
> are sent to 255.255.255.255:80 and have the SYN flag diverted to
> /var/log/nimda??

syslog-ng could do this, but I don't think syslogd can; syslog-ng is bigger but appropriately MUCH more powerful. You can split up logs in almost any way you can think of...
[Leaf-user] Alternate loging
Hi,

My ISP has some sites that have different versions of nimda on their servers. I am constantly being scanned on port 80. I know there should be a way to log this on an alternate log file.

A fragment of syslog.conf looks

*.=info;*.=notice;*.=warn;\
auth,authpriv.none;\
cron,daemon.none;\
mail,news.none -/var/log/messages

ipchains uses facility "kernel" and level "info"
So I was hoping to set a rule

kernel.info -/var/log/nimda

but this matches "all" ipchains messages!!!
Is there any way I can select only messages that have are sent to 255.255.255.255:80 and have the SYN flag diverted to /var/log/nimda??

Thanks in advance
Sergio

Sergio D. Morilla
Sistemas
Tipoiti SATIC
San Martín 647 Piso 2        Tel. : +54 11 4314-4482
C1004AAM - Buenos Aires      Fax : +54 11 4508-6425
Argentina                    e-mail [EMAIL PROTECTED]
RE: [Leaf-user] FTP port forwarding does not work. HELP !
Are u by chance using the PPPOE.LRP... I realize that u're using wanadoo.nl, coincidently I have the same provide, and for no good reason I can get the Port Forwarding to work, I tried it for POP3 and SMTP, but I ain't lucky as yet, I was starting to think that wanadoo, didn't allow incoming SMTP e-mail, like Planet, for my ADSL connection via PLANENT, I have the portforwarding working on Smooth Wall, to my Exchange Server without any problems, only that my DYNDNS has to send the mail to a backup mail exchange at Planet, but I like this idea, incase my connection is down, I know that my mail won't be bounce back to the sender.. But if u figure out how to get the portforwarding working on wanadoo.nl please let me know.. After testing for some 2 weeks, I gived up.. -Original Message- From: Maxim Heijndijk [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 04, 2001 18:39 To: Leaf-user Mailing List Subject: [Leaf-user] FTP port forwarding does not work. HELP ! I have a dachstein-rc2 firewall PPTP-ADSL setup. I cannot get port forwarding to work. My interfaces are: eth0 (10.0.0.100) which is connected to an ADSL modem at 10.0.0.138. The external if is eth1 at 192.168.1.1 ,with a built in hub which connects to the internal network 192.168.1.2, 192.168.1.3, 192.168.1.4. The pptp connection creates a ppp0 interface at a semi-dynamic IP adress (when I switch off the modem, the ip-adress could be changed. I hardly ever switch off the modem.) The FTP server is at 192.168.1.4. I can connect to it locally, but when I try to connect to it via the ppp0 interface the connection is started but it hangs forever. When I switch on SNMP_BLOCK=YES the connection is refused. The ip_masq_ftp and ip_masq_portfw are loaded at boot together with all interfaces, but the ppp0 interface is started later on. 
Some of my network.conf settings: ### VERBOSE=YES MAX_LOOP=10 IPFWDING_KERNEL=YES IPALWAYSDEFRAG_KERNEL=YES CONFIG_HOSTNAME=YES CONFIG_HOSTSFILE=YES CONFIG_DNS=YES IF_AUTO="eth0 eth1" IF_LIST="$IF_AUTO" ALLIF_ACCEPT_REDIRECTS=NO DEF_IP_SPOOF=YES DEF_IP_KRNL_LOGMARTIANS=YES BRG_SWITCH=NO BRG_EXEMPT_PROTOS="" eth0_IPADDR=10.0.0.100 eth0_MASKLEN=8 eth0_BROADCAST=10.0.0.255 eth0_IP_SPOOF=YES eth0_IP_KRNL_LOGMARTIANS=YES #GATEWAY is added by pppd #eth0_DEFAULT_GW=0.0.0.0 eth1_IPADDR=192.168.1.1 eth1_MASKLEN=24 eth1_BROADCAST=192.168.1.255 eth1_IP_SPOOF=YES eth1_IP_KRNL_LOGMARTIANS=YES IPFILTER_SWITCH=firewall # I DON'T KNOW WHAT TO DO WITH THIS: SNMP_BLOCK=NO SNMP_MANAGER_IPS="192.168.1.4" MRK_CRIT=1 MRK_IA=2 EXTERN_IF="ppp0" EXTERN_DHCP=YES IF_DHCP=$EXTERN_IF EXTERN_DYNADDR=NO EXTERN_UDP_PORTS="0/0_domain 0/0_bootpc" #If i set EXTERN_DHCP to NO, ipchains complains about host/port not found. EXTERN_TCP_PORTS="0/0_ftp" INTERN_IF="eth1" INTERN_NET="192.168.1.0/24 10.0.0.0/8" INTERN_IP=192.168.1.1 MASQ_SWITCH=YES INTERN_FTP_SERVER=192.168.1.4 HOSTNAME=deflector.positronic.net HOSTS1="# External network (eth0)" HOSTS2="10.0.0.100 defiant.outbound.net defiant" HOSTS3="10.0.0.138 modem.outbound.netmodem" HOSTS4="#" HOSTS5="# Internal network (eth1)" HOSTS6="192.168.1.1 deflector.positronic.net deflector" HOSTS7="192.168.1.2 holodeck.positronic.net holodeck" HOSTS8="192.168.1.3 shuttlebay.positronic.net shuttlebay" HOSTS9="192.168.1.4 warpcore.positronic.net warpcore" HOSTS10="# Local network (lo)" DOMAINS="wanadoo.nl" DNS0=194.134.5.5 DNS1=194.134.0.97 ## This is some output of nmap on ppp0: ### Adding TCP port 80 (state open). Adding TCP port 1023 (state open). 
For OSScan assuming that port 80 is open and port 1 is closed and neither are firewalled
Interesting ports on x.adsl.wanadoo.nl (xx):
(The 1539 ports scanned but not shown below are in state: closed)
Port       State       Service
21/tcp     filtered    ftp
80/tcp     open        http
1023/tcp   open        unknown

Remote operating system guess: Linux 2.1.122 - 2.2.16
Uptime 0.040 days (since Tue Dec 4 17:27:12 2001)
TCP Sequence Prediction: Class=random positive increments
                         Difficulty=1616821 (Good luck!)
IPID Sequence Generation: Incremental
##

Weblet shows this:

prot  localaddr        rediraddr    lport  rport
TCP   192.168.254.254  192.168.1.4  21     21

and:

pkts bytes target prot opt tosa tosx ifname mark
0    0     DENY   icmp l-  0xFF 0x00 *
0    0     DENY   icmp l-  0xFF 0x00 *
0    0     DENY   icmp l-  0xFF 0x00 *
0    0     DENY   all  l-  0xFF 0x00 ppp0
0    0     DENY   all  l-  0xFF 0x00 ppp0
0    0     DENY   all  l-  0xFF 0x00 ppp0
0    0     DEN
[Leaf-user] Re: [uml-user] Using/Devping LEAF in a virtual machine
[EMAIL PROTECTED] said:
> Here is my piece for my fellow LEAF/LRP developers and users:
> http://leaf.sourceforge.net/devel/jnilo/uml.html

Some comments:

"Developping and using LEAF in a virtual environnemnt" should read "Developing and using LEAF in a virtual environment"

The *.gif links are all broken.

uml02.html - The utilities instructions are wrong. It should refer to uml_mconsole, not uml_console. Also, you can just run make in the top-level directory now. Plus, you should just encourage people to install the RPM or deb, rather than building the utilities tarball.

uml03.html - The net route command is unnecessary. If you look at the routing table after ifconfig-ing the device, you'll see that route is already there.

uml05.html - Stripping linux isn't necessary.

uml06.html - You might want to mention that it is possible to build an fs without being root. You create the root_fs file on the host as you describe, boot UML with that as ubd1, the source of data as ubd2, and inside UML, mkfs it, mount it, and populate it.

Jeff

___
Leaf-user mailing list [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] SNMP from Wireless Hub
> Dec 3 22:55:57 oldbox kernel: Packet log: input REJECT eth1 PROTO=17
> 192.168.77.250:1717 255.255.255.255:162 L=96 S=0x00 I=43029 F=0x
> T=31 (#65)
>
> where 192.168.77.250 is the IP address of my wireless hub. I don't think
> I can turn off the behavior in the hub, and I'd rather that the REJECTS
> not fill the logs (I get 6-7 entries per hour).
>
> I'm running the tried and true EigersteinBETA2, and yes, eth1 is the
> internal adapter. What's the best approach to take with this stuff?
> permit internally? Turn off logging? make a special rule in
> ipfilter.conf?

You don't have support for the SILENT_DENY variable without upgrading your scripts, I don't think you should turn off logging, and there's no reason to allow the packets, so you need a special rule in ipfilter.conf.

Add the following to the ipfilter_firewall_cfg () procedure in ipfilter.conf, somewhere after where the rules get flushed. At the end of the file, just before the closing } is a handy location that's easy to find later.

$IPCH -A input -j DENY -p 17 -s 192.168.77.250 -d 0/0 162

And the packets will be denied without being logged.

Charles Steinkuehler
http://lrp.steinkuehler.net
http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)
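The rule in the reply above can be derived mechanically from the logged line. As an added example (not part of the original post or of the LEAF scripts), this shell function parses an ipchains "Packet log:" entry and prints the matching non-logging DENY rule; the function name, its return codes and the restriction to TCP/UDP packets that were already blocked are choices made for this example.

```shell
#!/bin/sh
# Log line copied from the post above (its F= field is cut short there as well).
SAMPLE='Dec 3 22:55:57 oldbox kernel: Packet log: input REJECT eth1 PROTO=17 192.168.77.250:1717 255.255.255.255:162 L=96 S=0x00 I=43029 F=0x T=31 (#65)'

# silent_deny_rule LINE
# Prints the ipfilter.conf line that drops the logged flow without -l, so it
# is no longer logged. Return codes (hypothetical, chosen for this example):
#   1  not a parsable ipchains packet-log entry
#   2  packet was not already blocked (silencing it would change the policy)
silent_deny_rule() {
    line=${1#*Packet log: }
    [ "$line" != "$1" ] || return 1
    set -f; set -- $line; set +f          # split into fields without globbing
    [ $# -ge 6 ] || return 1
    chain=$1 target=$2 proto=${4#PROTO=} src=${5%:*} dport=${6##*:}

    # Log text can be forged (for example via remote syslog), so nothing is
    # copied into a firewall rule unless it has exactly the expected shape.
    case $chain in input|output|forward) ;; *) return 1 ;; esac
    case $proto in 6|17) ;; *) return 1 ;; esac   # only TCP/UDP carry ports
    case $src   in ''|*[!0-9.]*) return 1 ;; esac
    case $dport in ''|*[!0-9]*)  return 1 ;; esac
    case $target in REJECT|DENY) ;; *) return 2 ;; esac

    # Source port is left open and the destination widened to 0/0, as in the
    # rule given in the reply; only the destination port is pinned.
    printf '$IPCH -A %s -j DENY -p %s -s %s -d 0/0 %s\n' \
        "$chain" "$proto" "$src" "$dport"
}

silent_deny_rule "$SAMPLE"
# -> $IPCH -A input -j DENY -p 17 -s 192.168.77.250 -d 0/0 162
```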
Re: [Leaf-user] Why can't I see my DNS on the public interface?
> I am using the EigerStein2Beta image on my router/firewall, with
> a two-floppy setup. I am also running the dnscache, tinydns, and
> axfrdns packages. I would like my router to be the authoritative
> nameserver for my domain. I have set the tinydns package to serve
> DNS for both private and public clients. On the private side,
> everything works fine. On the public side, it is not so fine.

You need to verify the listen IP's of both dnscache and tinydns. If tinydns is not listening on your external IP, it will be invisible to the outside world.

Also, verify you have tinydns configured to answer queries from the whole of the internet...if it's like dnscache, it's pretty paranoid and you'll need to specify which IP's are allowed to make queries of the DNS server...all other IP's will simply be ignored.

Charles Steinkuehler
http://lrp.steinkuehler.net
http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)
Re: [Leaf-user] Re: SSH with Secure iXplorer - no remote tree displayed
> Commenting out
> /usr/sbin/lrcfg
>
> at the end of /root/.profile and retrying the connection proves successful.
>
> so, uh (sheepishly) . how do I backup root's .profile as backing
> up neither root nor etc does it?

It should be backed up as part of the root package.

Charles Steinkuehler
http://lrp.steinkuehler.net
http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)
Re: [Leaf-user] E2B DMZ_SWITCH=PRIVATE
> - could you please confirm that the DMZ network must be part of the
> defined 'internal' network.

The DMZ network does NOT need to have any particular relationship to the internal network. The fact that when you put the DMZ 'inside' your internal network space, the DMZ is able to access the internet (and isn't able to otherwise) indicates the outbound masquerade rules are not getting generated for the DMZ. This is either a result of a mis-configured setting in network.conf, or a very large bug in the scripts.

> - in a DMZ_SERVERn entry, should the extended port forward definition be
> in double quotes? Or is this irrelevant?
>
> DMZ_SERVER0=tcp_150.101.234.2_www_192.168.2.10_www
> DMZ_SERVER1="udp_150.101.234.2_www_192.168.2.10_www"

Actually, both of the above are equivalent, and both are wrong. The underscores should be spaces, and since the spaces are part of the variable setting, you need double quotes:

DMZ_SERVER0="tcp 150.101.234.2 www 192.168.2.10 www"
DMZ_SERVER1="udp 150.101.234.2 www 192.168.2.10 www"

> - if the DMZ is working, there should be some extra rules in the
> ipchains list. Could one of you please provide one example rule that is
> private-DMZ specific so that I can check that this is working. To date,
> switching on (or off) the DMZ and then /etc/init.d/network restart seems
> to have no effect on ipchains definitions (as reported in an email
> yesterday).

The best place to check is the forward rules. There is normally a single masquerade rule hooking your internal network to the internet. With a private DMZ, you also have a rule masquerading the DMZ network to the internet, the internal network to the DMZ network, and several individual masquerade rules for the port-forwarded services of the DMZ, allowing them to be accessed via the public IP from the internal network. If switching the DMZ on and off does not cause dramatic changes to the forward rule chain, something basic is wrong.
> - and finally (and sorry for the newbie question) when accessing
> services in the DMZ from the local network(s), should the actual IP
> address of the server on the DMZ network or the external IP address of
> the LRP box be used?

When everything is set up correctly, you should be able to access the services using the public IP.

Charles Steinkuehler
http://lrp.steinkuehler.net
http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)
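The quoting point in the reply above (underscores are not separators, and spaces need double quotes) can be checked before restarting the network. This is an added example, not code from the original message or from the LEAF scripts: the function names are hypothetical, and the meaning of the five fields is inferred from the corrected entries in the reply.

```shell
#!/bin/sh
# check_dmz_server VALUE
# Succeeds if VALUE splits into the five fields of the corrected entries above.
# Field meaning is inferred from those entries, not taken from the LEAF scripts:
# protocol, public address, public port, DMZ host, DMZ port.
check_dmz_server() {
    set -f; set -- $1; set +f              # whitespace split, no globbing
    if [ $# -eq 1 ]; then
        case $1 in *_*_*_*_*)
            echo "one word: underscores are not field separators"; return 1 ;;
        esac
    fi
    [ $# -eq 5 ] || { echo "expected 5 fields, got $#"; return 1; }
    case $1 in tcp|udp) ;; *) echo "unknown protocol: $1"; return 1 ;; esac
    for addr in "$2" "$4"; do
        case $addr in
            '${'*'}') ;;                   # variable reference such as ${EXTERN_IP}
            ''|*[!0-9.]*) echo "not a dotted-quad address: $addr"; return 1 ;;
        esac
    done
    return 0
}

# lint_dmz_conf: read network.conf-style text on stdin, report every bad
# DMZ_SERVERn line, and return the number of bad lines.
lint_dmz_conf() {
    bad=0
    while IFS= read -r l; do
        case $l in DMZ_SERVER[0-9]*=*) ;; *) continue ;; esac
        name=${l%%=*} val=${l#*=}
        case $val in
            \"*\") val=${val#\"}; val=${val%\"} ;;
            *' '*) echo "$name: unquoted spaces, the shell runs the second word as a command"
                   bad=$((bad + 1)); continue ;;
        esac
        reason=$(check_dmz_server "$val") || { echo "$name: $reason"; bad=$((bad + 1)); }
    done
    return "$bad"
}

# Constructed input: the two entries from the question, then a corrected one.
lint_dmz_conf <<'EOF' || echo "bad entries: $?"
DMZ_SERVER0=tcp_150.101.234.2_www_192.168.2.10_www
DMZ_SERVER1="udp_150.101.234.2_www_192.168.2.10_www"
DMZ_SERVER2="tcp 150.101.234.2 www 192.168.2.10 www"
EOF
```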
[Leaf-user] Re: [Leaf-user] Dachstein + port-forwarded DMZ
>5. Dachstein + port-forwarded DMZ (SH)
>
> Message: 5
> From: "SH" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Date: Tue, 4 Dec 2001 00:00:33 +0100
> Subject: [Leaf-user] Dachstein + port-forwarded DMZ
>
> Hi guys,
>
> The recent months I have been running E2B, then Dachstein RC2, without
> any problems whatsoever. My setup is what I would guess pretty
> conventional; A P100 with 2 NICs on a static DSL line.
>
> Yesterday I decided to add another NIC to set up a port-forwarded
> DMZ. When doing that, I rearranged the NICs so that eth0 is a 10Mbit
> 3Com card, and the two internal interfaces uses a couple of Realtek
> 8139c 100Mbit cards. I continued to load the appropriate drivers for
> each NIC, and all of them now show up during the boot process. My
> problem is that DHCP no longer works (message: "No subnet declaration
> for eth1
> (0.0.0.0)"), pinging to the outside world does not work, and none of
> the machines on the subnets can ping the firewall. In other words,
> nothing works.. :-)
>
> I guess something is wrong in my network.conf. What settings should be
> changed to allow such a configuration? Is there a HOWTO/FAQ on this
> topic?
>
>
> Svein H.
>

you did not say which NIC you added, but i am going to guess it was one of the realteks. I had a problem with them when i moved to dachstein 1.0.1. Look at the module config file and check the NE.o module line; it should have an Io address for both cards "0x300,0x240". With mine the second one was wrong.

Wayne
[Leaf-user] E2B DMZ_SWITCH=PRIVATE
Sorry to spam the list with repeated questions but I am still having no luck with E2B and a private DMZ network. I guess this functionality is just supposed to work out of the box and I must have misconfigured something. I have tried the same setup on two different firewalls with pretty much the same results: services advertised in the DMZ are not accessible from the local or external networks.

Could someone please just have a quick look at the following questions?

- could you please confirm that the DMZ network must be part of the defined 'internal' network.

- in a DMZ_SERVERn entry, should the extended port forward definition be in double quotes? Or is this irrelevant?

DMZ_SERVER0=tcp_150.101.234.2_www_192.168.2.10_www
DMZ_SERVER1="udp_150.101.234.2_www_192.168.2.10_www"

- if the DMZ is working, there should be some extra rules in the ipchains list. Could one of you please provide one example rule that is private-DMZ specific so that I can check that this is working. To date, switching on (or off) the DMZ and then /etc/init.d/network restart seems to have no effect on ipchains definitions (as reported in an email yesterday).

- and finally (and sorry for the newbie question) when accessing services in the DMZ from the local network(s), should the actual IP address of the server on the DMZ network or the external IP address of the LRP box be used?

Thanks for your patience. :-)

matt
Re: [Leaf-user] DMZ considerations ???
> To us, being in control and truly managing our domain necessitates doing
> so from within our DNS configuration. We find that we can do our job
> most reliably if we only require the ISP to forward to our domain from
> within their upstream DNS. Although, many ISP's are eminently
> competent, it is becoming all too common for us to bump into
> incompetently setup DNS - especially those run from wintel ;<

Understood...that's exactly why I run my own mail & DNS servers. I just use the ISP for connectivity, and find I have far fewer problems that way. I've actually switched ISP's three times, with only minor outages to steinkuehler.net, and even those were avoidable if I'd bothered to take the time to do things properly...

> wan1_IP_EXTRA_ADDRS="x.y.z.65"
>
> and, without any DMZ, we get what we want. Actually, going to the
> Internet from the internal, private network, we appear to the Internet
> as a.b.c.157, which does not appear to be any conceivable issue.
>
> Most importantly, when we do http://x.y.z.65/ from a remote Internet
> site, we can get to our port-forwarded internal server !!!
>
> This is what our customer wants, so we are pleased.

Excellent!

> The confusion stems from doing this:
>
> wan1_IP_EXTRA_ADDRS="x.y.z.64/26"
>
> Although this is accepted by ipchains, only x.y.z.64 is pingable from
> the Internet; but, as the network itself, we couldn't get to anything,
> port-forwarding or not.
>
> What do you think?

This makes perfect sense. IPChains sees x.y.z.64/26 as a network specification, and builds rules applicable for the entire network. Passing the same x.y.z.64/26 to "ip addr add" to assign IP's does *NOT* attach all addresses to the interface, just the single specified address, with an attached CIDR subnet length of /26 (for the route that gets automatically generated). If you want multiple external addresses, you'll have to specify each of them separately in _IP_EXTRA_ADDRS.
I'm glad one of the easy solutions worked for you...I haven't played enough with linux directly connected to a T1 to know how it would behave...

Charles Steinkuehler
http://lrp.steinkuehler.net
http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)
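The reply above distinguishes a /26 read as a whole network (ipchains) from a /26 read as one address plus a prefix length ("ip addr add"). As an added example, not taken from the original message or the LEAF scripts, this shell function lists the individual addresses inside a block so each can be entered on its own; the function name is hypothetical and 192.0.2.64/26 is a constructed stand-in for the post's x.y.z.64/26.

```shell
#!/bin/sh
# expand_cidr A.B.C.D/LEN
# Prints every host address in the block, one per line. The network and
# broadcast addresses are skipped (an assumption about what you want bound to
# the interface). Needs a shell with 64-bit arithmetic, e.g. dash or bash on
# a 64-bit host. Returns 1 on malformed input.
expand_cidr() {
    addr=${1%/*} len=${1#*/}
    case $len in ''|*[!0-9]*|0?*) return 1 ;; esac
    [ "$len" -ge 16 ] && [ "$len" -le 30 ] || return 1   # keep the list sane

    oldifs=$IFS; IFS=.; set -f; set -- $addr; set +f; IFS=$oldifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ''|*[!0-9]*|0?*) return 1 ;; esac     # 0?* : no octal forms
        [ "$o" -le 255 ] || return 1
    done

    ip=$(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
    size=$(( 1 << (32 - len) ))
    net=$(( ip & ~(size - 1) ))          # what ipchains matches: the whole block
    last=$(( net + size - 1 ))           # broadcast address of the block

    i=$(( net + 1 ))
    while [ "$i" -lt "$last" ]; do
        echo "$(( (i >> 24) & 255 )).$(( (i >> 16) & 255 )).$(( (i >> 8) & 255 )).$(( i & 255 ))"
        i=$(( i + 1 ))
    done
}

# Constructed example: 192.0.2.64/26 stands in for the post's x.y.z.64/26.
expand_cidr 192.0.2.64/26
```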
[Leaf-user] Small Linux to the xbox rescue and ports used
Here's an interesting site http://www.xboxgw.com/index.html. They have used a bootdisk to enable xbox devices to play network games over the internet. So if Santa brings an xbox there is hope to network the thing before billg does sometime in 2002.

The most important thing to know for this list is what ports to open up on a lrp/leaf firewall.

Greg

http://www.xboxgw.com/xboxgw_faq-v101.html

Q: Does it work behind NAT?
A: Yes. Even with NAT on both the client and server sides.

Q: What ports do I need to configure for NAT/FIREWALL?
A: Inbound: TCP port 7601 (Only required for server mode)
A: Inbound: UDP port 7602 (Required for client and server)
A: Outbound: TCP port 7601 (Only required for client mode)
A: Outbound: UDP port 7602 (Required for client and server)
[Leaf-user] SNMP from Wireless Hub
I get a lot of these:

Dec 3 22:55:57 oldbox kernel: Packet log: input REJECT eth1 PROTO=17 192.168.77.250:1717 255.255.255.255:162 L=96 S=0x00 I=43029 F=0x T=31 (#65)

where 192.168.77.250 is the IP address of my wireless hub. I don't think I can turn off the behavior in the hub, and I'd rather that the REJECTS not fill the logs (I get 6-7 entries per hour).

I'm running the tried and true EigersteinBETA2, and yes, eth1 is the internal adapter. What's the best approach to take with this stuff? permit internally? Turn off logging? make a special rule in ipfilter.conf?

I'm open to suggestions.

Richard Minutillo
[EMAIL PROTECTED]

Oh and BTW, thanks to Paul Rimmer for his suggestion about the port 53 stuff.