Actually I thought you asked the question quite well...
The packets you are seeing are from your ISP's DHCP server. To conserve
public IP address space, many ISPs are apparently using RFC1918
addresses for pieces of their internal network, including their DHCP
servers.
In theory, RFC1918
--- Kim Oppalfens [EMAIL PROTECTED] wrote:
At 20:28 21/07/2002, Cass Tolken wrote:
Taking out the norfc on should stop logging these.
It is in there by default because you are not supposed to have an
address
in the 10.x.y.z range
on an external interface. The norfc means to block
At 21:13 21/07/2002, Cass Tolken wrote:
Your external address 24.46.y.z doesn't appear to be in the rfc1918 range.
So there is no reason to take the norfc1918 out.
Is your intern dhcp server serving up addresses in this 10 range by any chance?
I don't think so sonce your internal ip is in the
--- Kim Oppalfens [EMAIL PROTECTED] wrote:
At 21:13 21/07/2002, Cass Tolken wrote:
Your external address 24.46.y.z doesn't appear to be in the rfc1918
range. So there is no reason to take the norfc1918 out. Is your
intern dhcp server serving up addresses in this 10 range by any
chance? I
On Sunday 21 July 2002 14:30, Kim Oppalfens wrote:
At 21:13 21/07/2002, Cass Tolken wrote:
Your external address 24.46.y.z doesn't appear to be in the rfc1918
range. So there is no reason to take the norfc1918 out.
Is your intern dhcp server serving up addresses in this 10 range by
any
Some ISP's use private ip's on their DHCP and DNS servers, though
this is a bad way to save real ip's, it works for them. This is not
the case in your situation however, you would not have received
a DHCP lease if it was.
Lynn -
I'm curious as to your reasoning on this. Doesn't the DHCP lease
On Sunday 21 July 2002 16:02, Paul M. Wright, Jr. wrote:
Lynn -
I'm curious as to your reasoning on this. Doesn't the DHCP lease
request occur before the firewall rules are started?
My ISP is using an RFC1918 DHCP server and I get and maintain a lease
even with the default Shorewall
I have been gettingwarning indications on the web interface for Bering-rc3 . I want to
increase the ramdisk to clear the indication. How do I increase the ramdisk? Is it in
the syslinux.cfg file?
---
This sf.net email is sponsored
At 02:02 PM 7/21/02 -0700, Paul M. Wright, Jr. wrote:
Some ISP's use private ip's on their DHCP and DNS servers, though
this is a bad way to save real ip's, it works for them. This is not
the case in your situation however, you would not have received
a DHCP lease if it was.
Lynn -
I'm
On 20 Jul 2002, Stephen Lee wrote:
Hi,
What is the Shorewall equivalent of port-forwarding to a private address
DMZ as described in Dachstein? I only have 2 public static IPs so proxy
arp and static NAT DMZ would appear to be out of the question. I can go
as far as adding a second (eth2)
On Sun, 2002-07-21 at 15:51, Tom Eastep wrote:
On 20 Jul 2002, Stephen Lee wrote:
Hi,
What is the Shorewall equivalent of port-forwarding to a private address
DMZ as described in Dachstein? I only have 2 public static IPs so proxy
arp and static NAT DMZ would appear to be out of the
On 21 Jul 2002, Stephen Lee wrote:
On Sun, 2002-07-21 at 15:51, Tom Eastep wrote:
That's FAQ #1 -- http://www.shorewall.net/FAQ.htm#faq1
My interpretation is that FAQ #1 addresses the needs of portforwarding
to the private subnet (eth1) but it does not address access from the
The new version 1.3.4 of shorewall has moved some files to
/var/lib/shorewall. My Bering rc3 doesn't copy these files when the
shorwall.lrp package is installed.
I'm trying Bering for the first time, and am migrating my Dachstein
DMZ setup. I have gotten the older Shorewall version that comes
i believe this will help you to get shorewall 1.3.3
and above to work with bering
http://leaf.sourceforge.net/devel/jnilo/bering/update/shorewall/README.txt
brett
--- Tim Wegner [EMAIL PROTECTED] wrote:
The new version 1.3.4 of shorewall has moved some
files to
/var/lib/shorewall. My
I've been trying to get the cute CGI scripts in weblet.lrp to run under thttp on my
LEAF box...but I can't get it to go.
If you run the cgi-scripts by hand, they generate the right code to STDOUT, but if you
invoke them via browser, you get a blanki page.
The standard SSI example in thttpd
On Sunday 21 July 2002 19:38, [EMAIL PROTECTED] wrote:
Anybody done this, or gotten bourne shell cgi scriipts to run under
thttpd under LEAF?
The Mosquito LEAF-affiliated distribution is doing this.
They are also using the uncgi binary, this may or may
not be necessary for the cgi.
I hope
Thanks Brett. I have now updated my Dachstein plus Seawall setup to
Bering rc3 plus Shorewall 1.3.4 using the three interface (external,
local, and DMZ) version.
Migrating was easier than I expected. Bering is an outstanding piece
of work. Thanks to Charles, Jacques, Eric, and Tom!
Tim
17 matches
Mail list logo