RE: [leaf-user] Why do we need iptables.lrp?

2004-09-14 Thread Tibbs, Richard 
Sorry getting back to list so late,
Thanks to all for the explanation. 
Rick.

-Original Message-
From: Erich Titl [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, September 08, 2004 6:15 PM
To: Tibbs, Richard; [EMAIL PROTECTED]
Subject: Re: [leaf-user] Why do we need iptables.lrp?

Rick

At 16:55 08.09.2004 -0400, you wrote:

Dear list: question about a Bering 1.2 environment:

I noticed that an lsmod reveals no iptables module.
But there is an iptables executable and so libs.

I suggest you look at the iptables.lrp file using tar, it is a bit long to 
list here. It holds the iptables executable and the necessary libraries.


How does shorewall use iptables, if at all?

It calls it according to the shorewall set up.


If one wanted to include custom iptables rules, say to not NAT any ipsec
traffic, is there a file in which you can put these rules?

With Shorewall I believe extension scripts 
http://www.shorewall.net/1.4/shorewall_extension_scripts.htm could be used 
for custom iptables set up.
Read the caution paragraph though Most things you will ever need can be 
done within the standard shorewall system.
Tom might have more aces up his sleeves though.

cheers
Erich

THINK
Püntenstrasse 39
8143 Stallikon
mailto:[EMAIL PROTECTED]
PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16





---
This SF.Net email is sponsored by: thawte's Crypto Challenge Vl
Crack the code and win a Sony DCRHC40 MiniDV Digital Handycam
Camcorder. More prizes in the weekly Lunch Hour Challenge.
Sign up NOW http://ad.doubleclick.net/clk;10740251;10262165;m

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Why do we need iptables.lrp?

2004-09-08 Thread K.-P. Kirchdörfer 
Dear Rick;

Am Mittwoch, 8. September 2004 22:55 schrieb Tibbs, Richard:
 Dear list: question about a Bering 1.2 environment:

 I noticed that an lsmod reveals no iptables module.

The modules are compiled into the kernel.

 But there is an iptables executable and so libs.

 How does shorewall use iptables, if at all?

It relies on iptables and is just a very well done abstraction to iptables, to 
easy usage and configuration.

 If one wanted to include custom iptables rules, say to not NAT any ipsec
 traffic, is there a file in which you can put these rules?

Pls read the shorewall doc at www.shorewall.net. Almost everything is 
possible.

kp


---
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=5047alloc_id=10808op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Why do we need iptables.lrp?

2004-09-08 Thread Tom Eastep 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Tibbs, Richard wrote:
| Dear list: question about a Bering 1.2 environment:
|
| I noticed that an lsmod reveals no iptables module.
| But there is an iptables executable and so libs.
|
| How does shorewall use iptables, if at all?
|
Shorewall is basically a frontend for iptables -- see
http://shorewall.net/Introduction.html.
The iptables, iptables-save and iptables-restore programs are the only
public interfaces to Netfilter (there is no public programmatic
interface) and Shorewall uses all three of them.
- -Tom
- --
Tom Eastep\ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA  \ [EMAIL PROTECTED]
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFBP3pTO/MAbZfjDLIRAn0pAKC2BfX5+ZlEUCK0eJ/2emK1eLP4QQCfcyYe
VXQ0rnQGRGl9m2aVawqnfEw=
=SHiz
-END PGP SIGNATURE-
---
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=5047alloc_id=10808op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Why do we need iptables.lrp?

2004-09-08 Thread Erich Titl 
Rick
At 16:55 08.09.2004 -0400, you wrote:
Dear list: question about a Bering 1.2 environment:
I noticed that an lsmod reveals no iptables module.
But there is an iptables executable and so libs.
I suggest you look at the iptables.lrp file using tar, it is a bit long to 
list here. It holds the iptables executable and the necessary libraries.


How does shorewall use iptables, if at all?
It calls it according to the shorewall set up.

If one wanted to include custom iptables rules, say to not NAT any ipsec
traffic, is there a file in which you can put these rules?
With Shorewall I believe extension scripts 
http://www.shorewall.net/1.4/shorewall_extension_scripts.htm could be used 
for custom iptables set up.
Read the caution paragraph though Most things you will ever need can be 
done within the standard shorewall system.
Tom might have more aces up his sleeves though.

cheers
Erich
THINK
Püntenstrasse 39
8143 Stallikon
mailto:[EMAIL PROTECTED]
PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16

---
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_idP47alloc_id808op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html