Ola meus caros colegas...
eu tenho uma configuração antiga de um software aki na empresa que precisa disso pra rodar...
alguem saberia me dizer como isso ficaria no iptables?
ipfwadm -F -i accept -m -P tcp -S 10.0.0.0/8 1024:65535 -D 200.201.174.0/24) 80
se puder dar uma explicadinha eu tb
...
Acho que eh so isso...
De: Carlos Fernando Ferreira Junior [mailto:[EMAIL PROTECTED]
Enviada em: terça-feira, 30 de agosto de 2005 10:35
Para: Debian List
Assunto: Regra de ipfwadm para iptables
Ola meus caros colegas...
eu tenho uma configuração
Czegoś być może nie doczytałem, a problem wygląda tak:
jest firewall z debianem+ipfwadm (P133/16ram; kernel 2.0.36) i z
niego można ftp'ować w dowolne miejsce. Natomiast z sieci za
firewall'em ftp'owanie nie działa.
POzdrawiam
/Alt_F4
Kate
IP tables support (required for filtering/masq/NAT)
M Packet filtering
M Full NAT
M MASQUERADE target support
M Packet mangling
M ipchains (2.2-style) support
M ipfwadm (2.0-style) support
(certainly i don' t use the last two).
All other modules can be loaded
Hmmm,
gerade etwas gefunden:
ipportfw -A -t 0.0.0.0/80 -R 192.168.1.67/80
Die frage ist nur, ist die 0.0.0.0 richtig ???
Alle fünf subnetzwerke, darunter auch 192.168.1.64/27, sind IP-Maskiert,
da ich die sechste NIC gegen ein Modem (ppp0) ausgetauscht habe...
Danke für eingebungen
¿Existe alguna manera de migrar todas las reglas que tengo
en mi antiguo proxy con Ipfwadm a IPTables?
Gracias de antemano
On Wed, Feb 19, 2003 at 01:11:55PM +0100, Iñako wrote:
¿Existe alguna manera de migrar todas las reglas que tengo
en mi antiguo proxy con Ipfwadm a IPTables?
Creo que si. Mientras tanto en kernels 2.4.x puedes compilar soporte
para ipfwadm como módulo y seguir utilizando el mismo archivo de
Hej :)
Czy ktos moglby poradzic jak powinna wygladac regulka we freesco (
ipfwadm ) dotyczaca blokowania ping-ow przychodzacych? Bo od pewnego czasu
komus bardzo zalezy na przeciazeniu mojego serwerka. Wiem mozna by
sprawdzic kto ale serwer pracuje na FDD 1,44MB na ktorej aktualnie wolnego
Beto:
Disculpame, yo te dije que te fijaras en lredir y en realidad,
el paquete es redir.
Si tenes debian, podes hacer simplemente:
# apt-get install redir
En otro caso, bajate el source y compilalo, lo podes encontrar
en :
paquete!
Esto es con iptables en kernels 2.4.x con ipfwadm no se como se haria!
SALU2
Dario
-- Mensaje original --
redireccion las peticiones al puerto 80 de la maquina con ipfwadm a el 8080
de otra maquina.
con iptables se hace de esta manera
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80
Te agradezco, pero lo necesito hacer con ipfwadm, es que tengo una mini
distribucion con el kernel 2.0.*
Gracias
Hola, ya se que es algo antiguo, pero necesito redireccion las
peticiones al puerto 80 de la maquina con ipfwadm a el 8080 de otra
maquina.
Se puede hacer???
Gracias
El Jueves 22 Agosto 2002 18:40, beto escribió:
Hola, ya se que es algo antiguo, pero necesito redireccion las
peticiones al puerto 80 de la maquina con ipfwadm a el 8080 de otra
maquina.
Se puede hacer???
Gracias
con iptables se hace de esta manera
iptables -t nat -A PREROUTING -i eth0
: debian-user-spanish@lists.debian.org
Sent: Thursday, August 22, 2002 9:06 PM
Subject: Re: Ayuda con ipfwadm
El Jueves 22 Agosto 2002 18:40, beto escribió:
Hola, ya se que es algo antiguo, pero necesito redireccion las
peticiones al puerto 80 de la maquina con ipfwadm a el 8080 de otra
maquina
Le Mon, Feb 04, 2002 at 08:26:45PM +, François Boisson a écrit:
| ipfwadm -O -a deny -P tcp -S `arp -n | grep 00:00:B4:5B:CF:09 | awk
| '{print $1}'` -D 209.247.228.201 80 -b
|
| doit marcher non?
Il n'y a pas un probleme soit au moment ou la machine démarre soit si la
machine qui porte
Le Tue, 5 Feb 2002 10:39:19 +0100
Vincent Haverlant [EMAIL PROTECTED] a dit:
Le Mon, Feb 04, 2002 at 08:26:45PM +, François Boisson a écrit:
| ipfwadm -O -a deny -P tcp -S `arp -n | grep 00:00:B4:5B:CF:09 | awk
| '{print $1}'` -D 209.247.228.201 80 -b
|
| doit marcher non?
Il n'y
Le Sun, 3 Feb 2002 18:36:57 -0500
Yanick Lefebvre [EMAIL PROTECTED] a dit:
Salut tous le monde,
J'aimerais savoir si il y a quelqu'un qui sait si il est possible
de
données de règles de firewall avec ipfwadm et la mac address d'une carte
réseau au lieu d'un IP Address fixe.
ex
Quiero impedir lo siguiente que se pueda realizar ping a la dirección de
broadcast de nuestra red, hay que tener en cuenta que la dirección que pongo
es una pública, a lo mejor no funciona por eso. La regla que he puesto es la
siguiente, pero no funciona.
/sbin/ipfwadm -F -a deny -P icmp -S
- Original Message -
From: Dpto. de Sistemas [EMAIL PROTECTED] [EMAIL PROTECTED]
To: debian-user-spanish@lists.debian.org
Sent: Friday, October 19, 2001 8:59 AM
Subject: ipfwadm
Quiero impedir lo siguiente que se pueda realizar ping a la dirección de
broadcast de nuestra red, hay que
at
http://www2.linuxjournal.com
go to the frame on the left
click magazine
...
Also take look through the debian mailing list archives.
There seems to be lots on ip masquerading there.
At 18:34 24.5.2000 -0700, you wrote:
i am doing the following: /sbin/ipfwadm -F -p deny
/sbin/ipfwadm
hey thankx fo all the replies,
i tried the following in order
echo 1 /proc/sys/net/ipv4/ip_forward
/sbin/ipfwadm -F -p deny
i get the following error:
ipfwadm: setsockopt failed: Protocol not available.
just so you have some background, i am running debian 2.1 w/ 2.0.38 kernel,
never
i am doing the following:
/sbin/ipfwadm -F -p deny/sbin/ipfwadm -F -a m
-S 192.168.1.0/24 -D 0.0.0.0/0
and get the following error:
ipfwadm: setsockopt failed: protocol not
available
doi need to compile my kernel?
thankx
Can anyone revert this from ipchains to ipfwadm ? :
ipmasqadm autofw -A -u -r udp 51200 51201 -c 7175
ipmasqadm autofw -A -u -r tcp 51210 51210 -c 7175
Thanks
Hi
i am trying to open up the firewall to allow ftp for a particular server...
if not all servers/pc's.
currently i am typing in the ipfwadm commands on the command line but i am
unsure whether it becomes active straight away... should i put the test
rules in the ipfw file that is loaded via
]
To: debian-user@lists.debian.org
Subject: IPFWADM Problems
Hello all,
I have a Debian system running kernel 2.0.38 that is supposed to be
acting as a router between two networks. For the past many months,
we've had our nameserver doing the routing because it was far less
flaky. We've
Hello all,
I have a Debian system running kernel 2.0.38 that is supposed to be
acting as a router between two networks. For the past many months,
we've had our nameserver doing the routing because it was far less
flaky. We've fixed the problems in the hardware, finally, and would
like to go
Base address:0xfcc0
I assumed from the following that the masquerading rule needs to be applied
to eth0. But i was wrong, it needed to be
applied to eth1.
ie.
ipfwadm -F -a masquerade -W eth0 -S 192.168.20.0/24 -D 0.0.0.0/0
needed to be changed to:
ipfwadm -F -a masquerade -W eth1 -S 192.168.20.0
hi all,
quick ipfwadm question.
ethernet cards are as so:
eth0 Link encap:Ethernet HWaddr 00:00:E8:74:32:FD
inet addr:192.168.20.254 Bcast:192.168.20.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3042 errors:0 dropped
Just a thought. Do you other machines have 192.168.20.254
shown as your gateway?
Marc-Adrian Napoli [EMAIL PROTECTED] wrote:
: hi all,
: quick ipfwadm question.
: ethernet cards are as so:
: eth0 Link encap:Ethernet HWaddr 00:00:E8:74:32:FD
: inet addr:192.168.20.254 Bcast
.. with ipfwadm setup .. simple enough setup,
linux box in 10.1.1.1 with win box on 10.1.1.2 .. linux acting
as gateway with static IP, and masq'ing for the win box.
[EMAIL PROTECTED]:/local/etc/init.d# cat network
#! /bin/sh
ifconfig lo 127.0.0.1
route add -net 127.0.0.0
IPADDR=10.1.1.1
NETMASK
non
- Original Message -
From: George Bonser [EMAIL PROTECTED]
To: didier ayllon [EMAIL PROTECTED]
Cc: Debian-User debian-user@lists.debian.org
Sent: Sunday, January 16, 2000 10:31 PM
Subject: Re: ipfwadm
On Sun, 16 Jan 2000, didier ayllon wrote:
when i try to do :
ipfwadm
when i try to do :
ipfwadm -A -f
The answer is :
ipfwadm : setsockopt failed:
Protocol not available
Does anyone can help me ?
Thank didier
on
internal eth card, and winbox has 10.1.1.2.
I set up ipfwadm -F with these options.. hopefully to forward connection to
port 27910 to my winbox.
ipfwadm -F -a accept -b -P tcp -S 0/0 1024:65535 -D 10.1.1.2/32 27910
ipfwadm -F -a accept -b -P udp -S 0/0 1024:65535 -D 10.1.1.2/32 27910
So q2,uses
debian-user@lists.debian.org
Sent: Thursday, November 25, 1999 8:02 PM
Subject: ipfwadm
Hi. I have a linux box connected to internet thru ethernet..and my winbox
connected thru that to internet using ipmasq. Now ive been trying to run a
quake2 server..or any games server for that matter
Hi,
There is a modular firewall shell-script called gmmf that should do what
you are after. It's pretty simple to set up, and denies all ports by
default, and requires you to open any specific ports you want to use.
Have a search on http://freshmeat.net for gmmf to find it.
Cheers,
damon
On
anybody know the right ipfwadm rule for what I want and even
if this setup is possible?
TIA!
-- p.
set your default policies to DENY (instead of ACCEPT) and try again
..everything will be blocked except what you specifically state should be
allowed in (dont try this from remote! you may lose access to the machine)
(use ipfwadm -p DENY)
nate
[mailto
Hi!
set your default policies to DENY (instead of ACCEPT) and try again
..everything will be blocked except what you specifically state should be
allowed in (dont try this from remote! you may lose access to the machine)
I've already tried that way, but it doesn't work out the way I
Hi!
Finally I got the question from my previous message working. I
had to deny only the packets with the SYN set.
-- p.
mi duda es la siguiente
tengo un linux con
1 interfaz de red
1 modem con linea dedicada
1 modem con diald para llamar a internet /c enmascaramiento
no se como tengo que definir las reglas para que solo enmascare lo que
sale a internet, ya que entre la tarjeta de red y el modem dedicado deseo
que
Be aware all ppl on this list, One of the emails
from Robert Boyd in the emails from the last 24 hrs, contained the Happy99
virus.
And with regards to Ipfwadm and dcc send on the
slave machine, I find it works perfectly now if i connect to port 6667 of the
irc server, and no other.
I
Be aware all ppl on this list, One of the emails
from Robert Boyd in the emails from the last 24 hrs, contained the Happy99
virus.
And with regards to Ipfwadm and dcc send on the
slave machine, I find it works perfectly now if i connect to port 6667 of the
irc server, and no other.
I
Hi, I have a 2 computer setup, runnin Debian
2.0.36 as the server,
I am having a problem with dcc send on the
windows computer, receive works fine.
I feel it must be in the ipfwadm somewhere but i
can't find where.
I have the ip_masq_irc module loaded
btw,
Thanks in advance.
, and probably will not install it,
lack of room. I was wondering if anyone out there has seen and/or developed
either a shell or java driven script that will allow a normal user to
easily add or remove IPFWADM rules via a web interface.
Thank you for your time,
Anthony
Anthony Landreneau
DoD
:
ipfwadm -F -a m -S 192.168.2.0/24 -D 0.0.0.0/0
Podrías reemplazar ipfwadm por 'ipfwadm-wrapper' y dejarlo tal cual. El se
encarga de convertirlo todo a un formato que ipchains maneje.
--
Ugo Enrico Albarello López de Mesa| POWERED BY | www.debian.org
[EMAIL PROTECTED] | DEBIAN GNU
:
ipfwadm -F -a m -S 192.168.2.0/24 -D 0.0.0.0/0
podria alguien ayudarme?
La solución más fácil es la siguiente:
ipfwadm-wrapper -F -a m -S 192.168.2.0/24 -D 0.0.0.0/0
Si sólo vas a hacer uso del firewall para enmascarar ip's, creo que puedes
ahorrarte la lectura del ipchains-HOWTO-spanish
On Thu, 24 Jun 1999, Ugo Enrico Albarello wrote:
ipfwadm -F -a m -S 192.168.2.0/24 -D 0.0.0.0/0
Podrías reemplazar ipfwadm por 'ipfwadm-wrapper' y dejarlo tal cual. El se
encarga de convertirlo todo a un formato que ipchains maneje.
No lo recomiendo, yo confie en ipfwadm-wrapper
On Wed, 23 Jun 1999, Ely J. Alvarado wrote:
ipchains para habilitar ip masquerade, la instruccion anterior decia:
ipfwadm -F -a m -S 192.168.2.0/24 -D 0.0.0.0/0
ipchains -I forward -j MASQ -s 192.168.1.0/24 -d 0.0.0.0/0
Paco Brufal [EMAIL
Acabo de hacer un upgrade a mi kernel de 2.0.34 a 2.2.39, pero todavia
tengo que bootear usando mi viejo kernel, debido a que no se como usar
ipchains para habilitar ip masquerade, la instruccion anterior decia:
ipfwadm -F -a m -S 192.168.2.0/24 -D 0.0.0.0/0
podria alguien ayudarme
Does SLink use ipfwadm or ipchains for firewalling and NAT?
Thanks,
Wayne
On Wed, Mar 17, 1999 at 11:50:06AM -0500, Wayne Cuddy wrote:
Does SLink use ipfwadm or ipchains for firewalling and NAT?
It's enabled for both. If you run a 2.0.x kernel (the default on slink)
then you will need to use ipfwadm. If you upgrade to a 2.2.x kernel, then
you will need to use ipchains
Subject: where is the ipfwadm stuff by default?
Date: Fri, Feb 19, 1999 at 11:26:07PM -
In reply to:Pollywog
Quoting Pollywog([EMAIL PROTECTED]):
I have a couple of ipfwadm rules in effect that I did not add. That means
that the default installation has rules someplace
Subject: Re: where is the ipfwadm stuff by default?
Date: Sat, Feb 20, 1999 at 10:53:30AM +
In reply to:[EMAIL PROTECTED]
Quoting [EMAIL PROTECTED]([EMAIL PROTECTED]):
Subject: where is the ipfwadm stuff by default?
Date: Fri, Feb 19, 1999 at 11:26:07PM
On 20-Feb-99 [EMAIL PROTECTED] wrote:
Woops, I was on slackware when I did that, sorry
rgrep ipfwadm /etc/*
oic Thanks.
--
Andrew
On 20-Feb-99 [EMAIL PROTECTED] wrote:
Subject: where is the ipfwadm stuff by default?
Date: Fri, Feb 19, 1999 at 11:26:07PM -
In reply to:Pollywog
Quoting Pollywog([EMAIL PROTECTED]):
I have a couple of ipfwadm rules in effect that I did not add. That means
Subject: Re: where is the ipfwadm stuff by default?
Date: Sat, Feb 20, 1999 at 05:44:56PM -
In reply to:Pollywog
Quoting Pollywog([EMAIL PROTECTED]):
On 20-Feb-99 [EMAIL PROTECTED] wrote:
Subject: where is the ipfwadm stuff by default?
Date: Fri, Feb
192.168.100.108 is the local machine - 192.168.100.* is outside.
I can telnet and ping outside - no problem. But I can't ssh to
192.168.100.102,
telnet on 192.168.100.108 doesn't work either and somehow printer jobs
aren't send until I disable the firewall
:-/
FW=/sbin/ipchains
case $1 in
I have a couple of ipfwadm rules in effect that I did not add. That means
that the default installation has rules someplace. Does anyone know where I
can find them? Perhaps I should put all my rules in the same place.
thanks
--
Andrew
Hi,
I'm in the way of doing a upgrade to the 2.1.125 kernel.
I noticed that the ipfirewall/ipmasquerade options are quite
different from 2.0.3x.
Is there some handy howto/recipe to migrate from ipfwadm to
ipchains rules?
I compiled the kernel with the following
Hello.
Sorry for a rather vague subject, but it's pretty tough
to describe the problem in just a couple of words...
Anyway, I have the Linux box doing the IP Masquerading,
using ipfwadm. It works. Whenever a Windows 98 machine
tries to connect to the net, without using a proxy server
( i.e
Take a look at http://www.xos.nl/linux/ipfwadm/paper/
Subject: re: ipfwadm
Date: Mon, Dec 21, 1998 at 09:17:15AM +1100
In reply to:Michael Fox
Quoting Michael Fox([EMAIL PROTECTED]):
Anyone care to show me a quick and dirty ipfwadm script to allow
ftp/http/irc/mail/dns
I am still getting use to this ipfwadm.. guess it is a better time then any
to learn some more... Anyway already have a real to block icmp pings.. I
want my machine to not reply to these.. so anyone willing to paste me a
example.
Basically I don't my machine to ping reply.. I think it uses icmp
Hi. I have a nicely functioning masquerading
Debian 2.0 (2.0.34) box with the following
exception: when the win95 machines (connected
to a winnt4.0sp3 network) get their ip's by
way of the nt dhcp service, ip_masquerading
doesn't work. When I assign the ip to their
respective machines the
Ok cool.. The script I got works ok.. few problems.. one of which I want to
solve ASAP is that snmpd doesn't work.. I run mrtg on the linux machine that
the packet filtering runs on.. I tried several commands that deal with ports
161, 162. But still not managed to get snmpd to work. Anyone care
Ideally.. I'd like to allow snmpd to work on my whole 203.41.122.128/26
subnet.. so that I can monitor a few other pcs...
Thanks
Michael
Ok cool.. The script I got works ok.. few problems.. one of which I want to
solve ASAP is that snmpd doesn't work.. I run mrtg on the linux machine
that
the
Anyone care to show me a quick and dirty ipfwadm script to allow
ftp/http/irc/mail/dns in/out from linux machine..
I'd like to enable ipfw filters.. but stuck on the writing of the ipfw.sh
script I would run.. examples would be great..
-- Michael
Administrator
maf networking services
[EMAIL
On Mon, 21 Dec 1998, Michael Fox wrote:
Anyone care to show me a quick and dirty ipfwadm script to allow
ftp/http/irc/mail/dns in/out from linux machine..
I'd like to enable ipfw filters.. but stuck on the writing of the ipfw.sh
script I would run.. examples would be great..
I'm using
On Tue, 15 Dec 1998, Robert Claeson wrote:
Some time ago, I happened to find a web-based admin utility for ipfwadm
and ipchains. Now that I need it, I can't seem to find it anymore.
Perhaps somebody out there can help me out?
You can check it on their official site:
http://www.xos.nl
Nuno Carvalho wrote:
Some time ago, I happened to find a web-based admin utility for ipfwadm
and ipchains. Now that I need it, I can't seem to find it anymore.
Perhaps somebody out there can help me out?
You can check it on their official site:
http://www.xos.nl/linux/ipfwadm/paper
I have my linux machine routing my packets from my lans 64 ip subnet..
Anyone tell me if I can compile kernel with ipfw support and setup some ip
firewall rules using ipfwadm.. and do some packet filtering..
the machine with the link does.. www/mail/ftp/http/dns/irc so the firewall
should allow
Some time ago, I happened to find a web-based admin utility for ipfwadm
and ipchains. Now that I need it, I can't seem to find it anymore.
Perhaps somebody out there can help me out?
Thank's,
Robert
Damon Muller [EMAIL PROTECTED] writes:
What I want to do is use ipfwadm to block a single port - namely 31337
(UDP). For anyone who has had their head in the sand for the last few
months, that's the port that Back Orrifice listens on by default.
ipfwadm -I -a reject -P udp -D 192.168.20.0/24
Hi Folks,
Not sure if this has been covered before, and it isn't 100%
debian-specific, but I thought some ipfwadm guru out there might be able
to help a poor clueless idiot such as myself.
What I want to do is use ipfwadm to block a single port - namely 31337
(UDP). For anyone who has had
Michael Laing napisal(a):
[...]
: It's not totally clear to me how to use ipfwadm to do this...
:
: Also, I am considering moving to slink and kernel 2.1.125 and using
: ipchains instead. It looks simpler and I would like to learn just one
: tool, if possible.
Use ipfwadm-wrapper, not ipfwadm
not totally clear to me how to use ipfwadm to do this...
Also, I am considering moving to slink and kernel 2.1.125 and using
ipchains instead. It looks simpler and I would like to learn just one
tool, if possible.
Anyone have any comments/help?
Thanks,
ml
-BEGIN PGP SIGNATURE-
Version
Hi,
What I want !? Mainly it's: have incoming telnet session and since
someone it's on my machine could not make outgoing telnet sessions ...
As i'm using kernel 2.0.35, I think, I must be using ipfwadm instead of
ipchains (for 2.1.xx series kernel).
1. It's out there any good ipfwadm
NC == Nuno Carvalho [EMAIL PROTECTED] writes:
NC 2. When I've IP Firewall, IP Masquerable, IP Forwarding, etc I can't get
NC my ISDN connection ! ;(
NC - cut here --
NC Nov 8 12:08:08 cavern kernel: isdn_net: ippp0: dial suppressed: isdn
stopped
NC Nov 8 12:08:08 cavern kernel:
on ipfwadm
Hi,
What I want !? Mainly it's: have incoming telnet session and since
someone it's on my machine could not make outgoing telnet sessions ...
As i'm using kernel 2.0.35, I think, I must be using ipfwadm instead of
ipchains (for 2.1.xx series kernel).
1. It's out there any good ipfwadm
When I boot my system it says
ipfwadm: setsockopt error protocol not available
or something like that. What is the problem?
cc replies to [EMAIL PROTECTED] please
Hi,
Collin == Collin Rose [EMAIL PROTECTED] writes:
Collin When I boot my system it says
Collin ipfwadm: setsockopt error protocol not available
Collin or something like that. What is the problem?
Chances are, you moved to a 2.1.1XX kernel. The never kernels
reuire ipchains
}'| sed
-es/addr\://`
echo $ISP_IP
FIREWALL_SERVER=192.168.1.1
NETWORK=192.168.1.0/24
ALLIP=0.0.0.0/0
HIPORTS=1024:65535
#Flush out any existing rules
ipfwadm -I -f
ipfwadm -O -f
ipfwadm -F -f
#Start by denying everything
ipfwadm -I -p deny
ipfwadm -O -p deny
ipfwadm -F -p deny
#Deny Spoofed packets
Whenever I type an ipportfw command, I always get an error back:
ipfwadm: setsockopt failed: Protocol not available.
What does this mean? And how do I resolve this? I have the current
kernal, installed IPchains successfully, but need to get this piece of the
puzzle going :)
2.1 kernel
Whenever I type an ipportfw command, I always get an error back:
ipfwadm: setsockopt failed: Protocol not available.
What does this mean? And how do I resolve this? I have the current
kernal, installed IPchains successfully, but need to get this piece of the
puzzle going :)
Thanks in advance
Hi,
I just upgraded to hamm and now need to setup my two privates
networks again. Can I use the old ipfwadm? How to setup masquerade in
hamm? The ipmasq(8) program doesn't have man page.
Please I need urgent help, since my division is off.
Thanks,
[]s,
Mario O.de Menezes
i'm running Debian 1.3. i have 2 Windowz95 machines connecting to my
Debian
box across a LAN then out on the net using ipfwadm. IRC (except for DCC
chat send) and web browsing works ok but usenet ,cuseeme, ICQ, real
audio
don't want to function at all. I've also got Squid running as a proxy
Debian 1.3. i have 2 Windowz95 machines connecting to my
Debian
box across a LAN then out on the net using ipfwadm. IRC (except for DCC
chat send) and web browsing works ok but usenet ,cuseeme, ICQ, real
audio
don't want to function at all. I've also got Squid running as a proxy
server. It's got
I am wondering, is the default kernel from 386-binary(bo) compiled with
Masquerading?
I do not know if that is my problem, but whenever I try to use the
ipfwadm command (with [hopefully] valid switches) I always get a
message ipfwadm: setsockopt failed: Protocol not available
Thanks, Milan
Mark Stone [EMAIL PROTECTED] writes:
In order to use the ipfwadm command set, what options and modules need to
be selected in configuring the kernel?
Under Networking options, I think you need to have IP: firewalling
selected. You'll also need to select Network firewalls to be able
to choose
In order to use the ipfwadm command set, what options and modules need to
be selected in configuring the kernel? I thought I had done this
correctly, but keep getting an error message when I try to use ipfwadm.
The error message is something like SOCKOPT error: protocol not
available.
Mark
Lawrence [EMAIL PROTECTED] writes:
[snip]
xosview stalls once I execute either one of the above commands, it seems
that xosview expects a non-anywhere source/destination.
I expect this would be because it wants to track both incoming and
outgoing packets separately. It shouldn't lock up
Carey Evans wrote:
Apart from looking at ip-up, I'd suggest you also think about other
ways of doing this, like:
# ipfwadm -A -a
if you only have the dialup interface, or
# ipfwadm -A -a -W ppp0
if you just want to do accounting on your PPP connections.
xosview stalls once I
Elie Rosenblum wrote:
$IPADDR=`ifconfig ppp0|perl -ne 'print $1 if (/inet addr:(\S+)\s/);'`
ipfwadm -A -a -P $IPADDR -D 0/0
It is what I want, thanks, though I found that I don't need '$' for the
first line.
Lawrence
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe
Lawrence [EMAIL PROTECTED] writes:
I am using dialup PPP and need to run ipfwadm everytime I connect to my
ISP. I know that I can put ipfwadm into /etc/rc file. What is the
best/easy way to get the IP address other than using ifconfig or route
(they are not good because the output is more
I am using dialup PPP and need to run ipfwadm everytime I connect to my
ISP. I know that I can put ipfwadm into /etc/rc file. What is the
best/easy way to get the IP address other than using ifconfig or route
(they are not good because the output is more than one line)?
ipfwadm -A -a -P My
In article [EMAIL PROTECTED] Lawrence wrote:
: I am using dialup PPP and need to run ipfwadm everytime I connect to my
: ISP. I know that I can put ipfwadm into /etc/rc file. What is the
: best/easy way to get the IP address other than using ifconfig or route
: (they are not good because
On Mon, 22 Sep 1997, Lawrence wrote:
I am using dialup PPP and need to run ipfwadm everytime I connect to my
ISP. I know that I can put ipfwadm into /etc/rc file. What is the
best/easy way to get the IP address other than using ifconfig or route
(they are not good because the output is more
, browse, ftp, etc
to external servers on Internet, being masquerade with the Linux IP.
I'm using this sintax:
# ipfwadm -O -a deny -S 0.0.0.0/0 -D some.site.denied/0
but isn't working, since I can connect the denied site from a inside
machine. What is wrong?
Have you tried:
# ipfwadm -F
is working OK; all machines can telnet, browse, ftp, etc
to external servers on Internet, being masquerade with the Linux IP.
I'm using this sintax:
# ipfwadm -O -a deny -S 0.0.0.0/0 -D some.site.denied/0
but isn't working, since I can connect the denied site from a inside
machine. What
On Thu, 21 Aug 1997, Mike wrote:
Jose Maria Omo Millan wrote:
# Redirect to Squid proxy server
/sbin/ipfwadm -I -a acc -P tcp -D default/0 80 -r 8080
ERROR: The requested URL could not be retrieved
While trying to retrieve the URL: /
The http 1.0 protocol does not send
Hello,
I would like redirect all www traffic from my lan through Squid server
transparently. I use IP masquerading and besides I do:
# Redirect to Squid proxy server
/sbin/ipfwadm -I -a acc -P tcp -D default/0 80 -r 8080
This rule really redirect http request of any PC to squid server
1 - 100 of 133 matches
Mail list logo