OK now. This followup illustrates nicely the difficulties of trying to
troubleshoot based on (very) incomplete descriptions of the problem. The
added info here helps, and I hope you will be able to use these comments
(offered inline) to troubleshoot your problem.
At 01:11 PM 7/17/2003 +0800, Da
On Wed, 2003-07-16 at 22:11, David Pitts wrote:
> Does the lack of any relevant entries in my log (shorewall.log) mean
> that there is no relevant traffic being blocked? I do have some
> shorewall.log entries showing rejected connections. Should every
> rejected attempt to access any port be log
David Pitts wrote:
>
> Just a bit more.
>
> The connection is made from a client provided by the Tax Office.
> However, on their website they say that to use the software you must
> have a browser capable of 128 bit SSL installed, so its possible they're
> using the browser protocol (HTTP?) and p
Sent: Thursday, 17 July 2003 11:31 AM
To: [EMAIL PROTECTED]
Subject: Re: [leaf-user] Interesting Issue?
At 10:59 AM 7/17/2003 +0800, David Pitts wrote:
>Hi guys.
>
>I have just fallen over an interesting (I think) issue with firewalls
>in general that I'm hoping you can give me
At 10:59 AM 7/17/2003 +0800, David Pitts wrote:
Hi guys.
I have just fallen over an interesting (I think) issue with firewalls in
general that I'm hoping you can give me some ideas about.
I'm trying to access an online tax return service provided by the
Australian Tax Office. They're using some s
On Thu, 17 Jul 2003 11:27:23 +0800, David Pitts <[EMAIL PROTECTED]>
wrote:
Tom, my logs are showing nothing. I take it from your comment that my
logs should be showing blocked traffic on whatever port is being used?
Exactly -- if your logs aren't showing anything being blocked (and your
logging
]
Subject: Re: [leaf-user] Interesting Issue?
On Thu, 17 Jul 2003 10:59:20 +0800, David Pitts
<[EMAIL PROTECTED]>
wrote:
> or do I need to DNAT each port to the to the particular loc IP?
If you are using masquerading then the answer is YES.
> Thanks for your thoughts.
Doesn&#
On Thu, 17 Jul 2003 10:59:20 +0800, David Pitts <[EMAIL PROTECTED]>
wrote:
or do I need to DNAT each port to the to the particular loc IP?
If you are using masquerading then the answer is YES.
Thanks for your thoughts.
Doesn't anyone ever look at their logs?
-Tom
--
Tom Eastep\ Shorewall -
Hi guys.
I have just fallen over an interesting (I think) issue with firewalls in
general that I'm hoping you can give me some ideas about.
I'm trying to access an online tax return service provided by the
Australian Tax Office. They're using some sort of SSL protocol for
security. They won't t
