Someone posted asking if anyone had tried Shorewall 1.3.1 on Bering_1.0-rc2.
I can't find the original post, and I haven't seen anyone reply, but the
answer's yes, installing took about 5 minutes with ppp0 as the external
interface and two 3c509 cards on the local interfaces, eth0 & eth1.
The
how do we stop masqueraded connections to a given remote port?
this does not work in /etc/ipchains.forward:
$IPCH -I forward -j DENY -p udp -s 192.168.0.0/16 -d 0.0.0.0 1214
$IPCH -I forward -j DENY -p tcp -s 192.168.0.0/16 -d 0.0.0.0 1214
what do you think?
--
Best Regards,
mds
mds resour
Sean =>
A bit pressed for time this weekend; and, this may take more time than
you anticipated.
Sean wrote:
>
> diskfree.sh
>
> Ok, I'll bite. I think I must have missed this thread. Where is this
> supposed to go? What was this supposed to fix? I'm trying to add it to the
> new CD.
Look
"Michael D. Schleif" wrote:
>
> how do we stop masqueraded connections to a given remote port?
>
> this does not work in /etc/ipchains.forward:
>
> $IPCH -I forward -j DENY -p udp -s 192.168.0.0/16 -d 0.0.0.0 1214
> $IPCH -I forward -j DENY -p tcp -s 192.168.0.0/16 -d 0.0.0.0 1214
>
> what do
Michael --
Your report is a bit fragmentary, but even so, the input- and output-chain
rules you propose look like they should work. (I'm not sure about the
forward-chain rules because I'm a bit fuzzy on whether and when NAT changes
the apparent source address).
But as you know, evaluating rul
Am Freitag 14 Juni 2002 23:16 schrieb Etienne Charlier:
> Another option would be getting the initrd.lrp and root.lrp with glibc2.2
> ( I could use precompiled binaries out of the .RPM )
> I tried by myself to replace the libs but I cannot manage to make bering
> boot in this configuration. ( it
Hi again
So my 'blinder' project is moving along. I got (almost) everything in
working order. I still need to do a couple of things before I start
cleaning up, and move everything into the 'proper' fhs-locations. But
none of that is really all that complicated.
There is one obstacle remaining, ho
Hello Jon
> Hi again
>
> So my 'blinder' project is moving along. I got (almost) everything in
> working order. I still need to do a couple of things before I start
> cleaning up, and move everything into the 'proper' fhs-locations. But
> none of that is really all that complicated.
> There is o
Ray =>
Thank you, for your participation.
Ray Olszewski wrote:
>
> Your report is a bit fragmentary, but even so, the input- and output-chain
> rules you propose look like they should work. (I'm not sure about the
> forward-chain rules because I'm a bit fuzzy on whether and when NAT changes
> t
> Questions:
> Is there a sensible way to let a cgi-script update crontab? Without
> opening ridiculous security issues, like hacking sh-httpd to let cgi
> execute outside of cgi-bin...
>
> Does cron allow for 'sourcing' of additional files from /etc/crontab?
> (Like adding a: . /path/to/sh-httpd/
Michael --
Thanks for the additional information. I see you have the rules you were
describing at the top of the input chain and before the only ACCEPT rule in
the output chains, so you should not be having order problems with them.
And all the interface specifications appear to be correct.
T
On Saturday 15 June 2002 09:07, Michael D. Schleif wrote:
> Sean =>
>
> A bit pressed for time this weekend; and, this may take more time
> than you anticipated.
> If we push completion of this out to end of month, I can be more help
I would tend to think that Michael is right here. It would be
On Thursday 13 June 2002 08:12, Tom Eastep wrote:
> On Wed, 12 Jun 2002, Eric House wrote:
> > Anyway, here's one entry. Does this mean anything to any of you?
> >
> > Jun 12 19:26:22 pauling kernel: Shorewall:rfc1918:DROP:IN=eth0 OUT=
> > MAC=01:00:5e:00:00:01:00:20:40:64:a1:fd:08:00 SRC=192.16
Ray =>
Thank you, again . . .
Ray Olszewski wrote:
>
> Thanks for the additional information. I see you have the rules you were
> describing at the top of the input chain and before the only ACCEPT rule in
> the output chains, so you should not be having order problems with them.
> And all the
Responses interspersed below.
At 03:55 PM 6/15/02 -0500, Michael D. Schleif wrote:
>Ray =>
>
>Thank you, again . . .
>
>Ray Olszewski wrote:
> >
> > Thanks for the additional information. I see you have the rules you were
> > describing at the top of the input chain and before the only ACCEPT rul
This is an update on my progress.
1. diskfree.sh - This may take awhile to incorporate, on the back burner for
the moment.
2. MAC script change(modules/modutils) *DONE!
3. p9100.lrp if Bihn Do tests it and lets me know *DONE! Added p9100 and
modified root.lrp to create lp0 and par0
4. Unknown W
Matt,
Have done this on Eigerstein, the mgetty.lrp was a bit tricky to find, but
ppp was suitable as it was on the version of Eiger I had, it works
wonderfully. Email me offline for mgetty if you want it, I would see no
reason why it will not work on most distributions.
Matthew
> Actually, the
Hi,
I used those instructions
http://www.wix.net.nz/LEAF/
I might have made something wrong ,
Nevertheless, I managed to setup a debian slink box and compiled openvpn
with it.
I'm trying to make a package with it
Thanks for you help
Etienne Charlier
- Original Message -
From: "K.-P.
18 matches
Mail list logo
