Nemeth Gyorgy a écrit :
Yes, it can work as a short go-nogo test. But the suggestion was not
mentioned it, that it is only for that. And it is very likely that when
the OP tries this and it 'works' (I mean the Windows machine behind the
Linux works well), then the rules will remain.
I wrote
On Sun, Aug 10, 2014 at 4:30 PM, Joe j...@jretrading.com wrote:
On Sun, 10 Aug 2014 16:07:01 -0400
Tom H tomh0...@gmail.com wrote:
On Sun, Aug 10, 2014 at 2:24 PM, Nemeth Gyorgy fri...@freemail.hu
wrote:
2014-08-10 11:33 keltezéssel, Pascal Hambourg írta:
sysctl -w net.ipv4.ip_forward=1
On Tue, 12 Aug 2014 04:53:51 -0400
Tom H tomh0...@gmail.com wrote:
And you've proven my point...
Agreed, I just can't see why there is any controversy.
--
Joe
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
On Tue, Aug 12, 2014 at 5:19 AM, Joe j...@jretrading.com wrote:
On Tue, 12 Aug 2014 04:53:51 -0400
Tom H tomh0...@gmail.com wrote:
And you've proven my point...
Agreed, I just can't see why there is any controversy.
You misunderstand. The fact that you can't accept that there may be
others
2014-08-10 22:30 keltezéssel, Joe írta:
Why is it unresolvable? A DROP/REJECT policy is fail-safe, ACCEPT
isn't. If the rest of the rules are correct, (and more importantly,
guaranteed always to stay that way in the face of editing, sometimes
rushed) an ACCEPT policy is redundant, and if
I adopted Mr. Gyorgy's suggested iptables rules with only a
couple of additions based on nmap's report that port 411 was open
because it passed with flying colors nmaps tcp and udp scan of the
first 1056 ports, grc.com tests and pcflank.com tests.
For a single user system running no
On 10/08/2014 10:06 AM, Mike McClain wrote:
Please describe your network topology. Where's the Win2k box ?
__
| Debian| LAN| Windows 2000 |
Inet|Linux
On Mon, 11 Aug 2014 17:44:52 +1000
Andrew McGlashan andrew.mcglas...@affinityvision.com.au wrote:
I give another vote for IPCop btw that or pfsense, but IPCop is
simpler.
Yes, but it's a distribution in itself, which means you need to
dedicate an entire computer to it. (No, I don't
Mike McClain a écrit :
Clearly DNS lookup is working and I have a problem with the
configuration of IE.
Check in its network settings whether a proxy is defined, and remove it.
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble?
On Mon, Aug 11, 2014 at 02:06:28PM +0200, Pascal Hambourg wrote:
Mike McClain a ?crit :
Clearly DNS lookup is working and I have a problem with the
configuration of IE.
Check in its network settings whether a proxy is defined, and remove it.
Hi Pascal,
Nope, no proxy.
Though
Bob Proulx a écrit :
Mike McClain wrote:
__
| Debian| LAN| Windows 2000 |
Inet|Linux|-| S40 |
(ppp) | 192.168.1.2 |
Mike McClain a écrit :
On Fri, Aug 08, 2014 at 09:13:23PM +0200, Pascal Hambourg wrote:
Same as Nemeth Gyorgy : restart without any filtering, just the IP
forwarding and masquerading. If it does not work, it's not due to
filtering. Then when everything works add the filtering.
All
Mike McClain a écrit :
from a zsh prompt:
Mike zsh:~ nslookup
Default Server: resolver1.opendns.com
Address: 208.67.222.222
Didn't return.
Of course not. If you don't provide a domain name to query in the
command line, nslookup just sits there and waits for a command or a name
to query.
On Sat, Aug 09, 2014 at 10:30:53PM -0600, Bob Proulx wrote:
Mike McClain wrote:
Pascal Hambourg wrote:
Please describe your network topology. Where's the Win2k box ?
__
| Debian| LAN
On Sun, Aug 10, 2014 at 11:33:27AM +0200, Pascal Hambourg wrote:
Nemeth Gyorgy's ruleset is too complicated. Use the bare minimum :
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -P ACCEPT
iptables -t filter -P ACCEPT
iptables -t mangle -P ACCEPT
iptables -t nat -F
iptables -t filter -F
2014-08-10 01:49 keltezéssel, Mike McClain írta:
It's a rather complicated, sometimes overcomplicated script. But some
rules are missing and/or not in the correct order.
I've little doubt you are correct, admittedly I'm flailing a bit.
Trying this and that with little luck.
I'd appreciate
2014-08-10 11:33 keltezéssel, Pascal Hambourg írta:
Nemeth Gyorgy's ruleset is too complicated. Use the bare minimum :
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -P ACCEPT
iptables -t filter -P ACCEPT
This is really a big sechole.
iptables -t mangle -P ACCEPT
iptables -t nat -F
On Sun, Aug 10, 2014 at 2:24 PM, Nemeth Gyorgy fri...@freemail.hu wrote:
2014-08-10 11:33 keltezéssel, Pascal Hambourg írta:
Nemeth Gyorgy's ruleset is too complicated. Use the bare minimum :
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -P ACCEPT
iptables -t filter -P ACCEPT
This is
On Sun, 10 Aug 2014 16:07:01 -0400
Tom H tomh0...@gmail.com wrote:
On Sun, Aug 10, 2014 at 2:24 PM, Nemeth Gyorgy fri...@freemail.hu
wrote:
2014-08-10 11:33 keltezéssel, Pascal Hambourg írta:
Nemeth Gyorgy's ruleset is too complicated. Use the bare minimum :
sysctl -w
On Fri, Aug 08, 2014 at 07:05:28PM -0700, David Christensen wrote:
On 08/08/2014 12:04 AM, Mike McClain wrote:
I've been trying to get my hand rolled iptables firewall to
masquerade traffic on the LAN to/from a Win2K box.
I used to write my own firewall/ router rules, but then discovered
On Fri, Aug 08, 2014 at 09:16:05PM -0700, Matt Ventura wrote:
On 8/8/2014 12:04 AM, Mike McClain wrote:
I've been trying to get my hand rolled iptables firewall to
masquerade traffic on the LAN to/from a Win2K box. I've gotten it to
the point that I can ping from the boxes both ways,
On Fri, Aug 08, 2014 at 08:24:11PM +0200, Nemeth Gyorgy wrote:
2014-08-08 09:04 keltez?ssel, Mike McClain ?rta:
I've been trying to get my hand rolled iptables firewall to
masquerade traffic on the LAN to/from a Win2K box. I've gotten it to
the point that I can ping from the boxes both
On Fri, Aug 08, 2014 at 09:13:23PM +0200, Pascal Hambourg wrote:
Hello,
Mike McClain a ?crit :
I've been trying to get my hand rolled iptables firewall to
masquerade traffic on the LAN to/from a Win2K box.
Please describe your network topology. Where's the Win2k box ?
Mike McClain wrote:
Pascal Hambourg wrote:
Please describe your network topology. Where's the Win2k box ?
__
| Debian| LAN| Windows 2000 |
Inet|Linux
I've been trying to get my hand rolled iptables firewall to
masquerade traffic on the LAN to/from a Win2K box. I've gotten it to
the point that I can ping from the boxes both ways, smbclient can move
files both ways and the Win2K box can ping Google's IP address but DNS
lookup fails even
2014-08-08 09:04 keltezéssel, Mike McClain írta:
I've been trying to get my hand rolled iptables firewall to
masquerade traffic on the LAN to/from a Win2K box. I've gotten it to
the point that I can ping from the boxes both ways, smbclient can move
files both ways and the Win2K box can
Hello,
Mike McClain a écrit :
I've been trying to get my hand rolled iptables firewall to
masquerade traffic on the LAN to/from a Win2K box.
Please describe your network topology. Where's the Win2k box ?
What's S40 ?
I've gotten it to
the point that I can ping from the boxes both ways,
On 08/08/2014 12:04 AM, Mike McClain wrote:
I've been trying to get my hand rolled iptables firewall to
masquerade traffic on the LAN to/from a Win2K box.
I used to write my own firewall/ router rules, but then discovered
purpose-built firewall/ router FOSS distributions. I used IPCop
On 8/8/2014 12:04 AM, Mike McClain wrote:
I've been trying to get my hand rolled iptables firewall to
masquerade traffic on the LAN to/from a Win2K box. I've gotten it to
the point that I can ping from the boxes both ways, smbclient can move
files both ways and the Win2K box can ping
29 matches
Mail list logo
