-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Earl Wilson wrote:
| Thanks to both of you for your help; well, I did add the "0/0_24"
| comment as suggested, but no luck, HOWEVER, I then REMOVED the sshd.lrp
| package, and was able to access the inside web server running on the
| redhat machine v
nal box.
Telnet is DEFINATELY not something you want to put onto your FW box.
Thats about it, let me know if you have any problems.
- Original Message -
From: Earl Wilson <[EMAIL PROTECTED]>
Date: Friday, August 19, 2005 8:43 am
Subject: Re: [leaf-user] Port-forwarding ssh thru Dac
--- Original Message -
From: "Earl Wilson" <[EMAIL PROTECTED]>
To:
Sent: Friday, August 19, 2005 9:27 AM
Subject: Re: [leaf-user] Port-forwarding ssh thru Dachstein
> Thanks to both of you for your help; well, I did add the "0/0_24"
> comment as suggeste
m the
"EXTERN_TCP_PORTS=" line
Earl
- Original Message -
From: <[EMAIL PROTECTED]>
To: "M Lu" <[EMAIL PROTECTED]>
Cc: "Earl Wilson" <[EMAIL PROTECTED]>;
Sent: Tuesday, August 16, 2005 11:22 AM
Subject: Re: [leaf-user] Port-forwarding ssh thru
om: M Lu <[EMAIL PROTECTED]>
Date: Tuesday, August 16, 2005 8:16 am
Subject: Re: [leaf-user] Port-forwarding ssh thru Dachstein
> If Earl wants to use external port 24, then may be he should use
>
> EXTERN_TCP_PORTS="0/0_21 0/0_80 0/0_24"
>
> instead of
>
> &g
t;
To: "M Lu" <[EMAIL PROTECTED]>
Cc: "Earl Wilson" <[EMAIL PROTECTED]>;
Sent: Tuesday, August 16, 2005 9:04 AM
Subject: Re: [leaf-user] Port-forwarding ssh thru Dachstein
This allows an individual to SSH directly to the external IP address,
using port 24, and Dac
gt; other
> port (e.g. 80 as you know for sure 80 is allowed) to 22 and test
> SSH client
> with port 80.
>
>
>
> - Original Message -
> From: "Earl Wilson" <[EMAIL PROTECTED]>
> To:
> Sent: Monday, August 15, 2005 11:04 PM
> Subject: F
SSH client
with port 80.
- Original Message -
From: "Earl Wilson" <[EMAIL PROTECTED]>
To:
Sent: Monday, August 15, 2005 11:04 PM
Subject: Fw: [leaf-user] Port-forwarding ssh thru Dachstein
..
TCP services open to outside world
# Space seperated list: sr
one thing I fogot to add - I can ssh internally from my redhat machine
to the firewall, and out to the internet...
- Original Message -
From: "Earl Wilson" <[EMAIL PROTECTED]>
To:
Sent: Monday, August 15, 2005 10:27 PM
Subject: [leaf-user] Port-forwarding ssh thru Da
Leaf-users:
I am a beginner with firewalls, and have been using Dachstein (with SSHD
package added for remote management) on my old P120 for a while now, and
have finally decided to open ports for different services. The problem
I'm having is that though I am able to confirm port 22 is open to the
On Tuesday 10 February 2004 11:55 am, Stephen Lee wrote:
>
> Thanks much Tom. It works now. Now I understand what ORIGINAL
> DESTINATION and DETECT_DNAT_ADDRS means ;-)
>
You're welcome, Stephen. For the benefit of those searching the archives, the
option in shorewall.conf as actually named DETE
On Tue, 2004-02-10 at 10:51, Tom Eastep wrote:
> On Tuesday 10 February 2004 10:17 am, Stephen Lee wrote:
> > Hi,
> >
> > I'm running a Bering1.2/CD system with a lan(eth1) and a proxy
> > dmz(eth2). There's workstation on the lan running a pcAnywhere host and
> > a server in the DMZ running pcAnyw
On Tuesday 10 February 2004 10:17 am, Stephen Lee wrote:
> Hi,
>
> I'm running a Bering1.2/CD system with a lan(eth1) and a proxy
> dmz(eth2). There's workstation on the lan running a pcAnywhere host and
> a server in the DMZ running pcAnywhere as well. I can connect to the lan
> pcAnywhere via the
Hi,
I'm running a Bering1.2/CD system with a lan(eth1) and a proxy
dmz(eth2). There's workstation on the lan running a pcAnywhere host and
a server in the DMZ running pcAnywhere as well. I can connect to the lan
pcAnywhere via the public IP on eth0. The problem is that attempting to
connect to the
On Tuesday 09 December 2003 08:47 pm, Dr. Richard W. Tibbs wrote:
> Folks:
> As I mentioned in my last post, I have not had luck with the following
> command: INTERN_SERVERS="tcp_${EXTERN_IP}_domain_192.168.x.y_domain
> udp_${EXTERN_IP}_domain_192.168.x.y_domain"
>
> I get no port forwarding for po
At 09:47 PM 12/9/2003 -0500, Dr. Richard W. Tibbs wrote:
Folks:
As I mentioned in my last post, I have not had luck with the following
command:
INTERN_SERVERS="tcp_${EXTERN_IP}_domain_192.168.x.y_domain
udp_${EXTERN_IP}_domain_192.168.x.y_domain"
I get no port forwarding for ports 53. I do get
Folks:
As I mentioned in my last post, I have not had luck with the following command:
INTERN_SERVERS="tcp_${EXTERN_IP}_domain_192.168.x.y_domain
udp_${EXTERN_IP}_domain_192.168.x.y_domain"
I get no port forwarding for ports 53. I do get several messages complaining about
"invalid protocol"
just
IL PROTECTED]
> Subject: [leaf-user] Port-forwarding
>
>
> I have installed webmin on my server and needs to forward trafic on port
> 1.
> I added this rule to shorewall;
> Rule "DNAT net loc:192.168.1.200:1 tcp 1" added
> (and, as this shows - no err
I have installed webmin on my server and needs to forward trafic on port
1.
I added this rule to shorewall;
Rule "DNAT net loc:192.168.1.200:1 tcp 1" added
(and, as this shows - no errors when restarting shorewall)
Forwarding port 80 to my webserver is no problem - the rule is the sam
> One blue-sky thought ... I've never tried to set up one of these
> multi-address external interfaces where the extra addresses are on a
> different network than the primary address (and the default gateway). I
> wonder if packets going back out those interfaces can find the default
> gateway? (C
[EMAIL PROTECTED] On Behalf Of
> Ray Olszewski
> Sent: Wednesday, March 12, 2003 3:54 PM
> To: Ken Marshall; [EMAIL PROTECTED]
> Subject: Re: [leaf-user] Port Forwarding and pcAnywhere
>
>
> Ken -- Thanks for a good, clear posting of the details. Based
> on it, I hav
6.225 0.0.0.0 UG0 0 0
eth0
Thanks,
Ken
> -Original Message-
> From: Ray Olszewski [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, March 12, 2003 4:50 PM
> To: Ken Marshall; [EMAIL PROTECTED]
> Subject: RE: [leaf-user] Port Forwarding and pcAnywhere
>
You didn't read the SR FAQ, did you?
Please report the output of:
ip addr show
netstat -nr
These will tell us what interfaces and routes are *actually* being set up
on your Dach router, not what you are *trying* to set up (in the end, that
is all that the config files tell us).
Ken -- Thanks for a good, clear posting of the details. Based on it, I have
a couple of comments.
First, it does not appear that you have tested pcAnywhere with your primary
IP address (206.127.76.231). This assumes some significance when I note ...
Second, I *can* ping your primary IP address
Hello!
I've done quite a bit of testing to try to get this to work. But, I still
am having no luck! Any help would be greatly appreciated.
As a recap, I am trying to allow a client to "Call Remote" over the Internet
by connecting to one of my secondary IP addresses. The workstation behind
the
> -Original Message-
> From: vivek varshney
> Sent: Wednesday, August 14, 2002 2:42 PM
> To: [EMAIL PROTECTED]
> Subject: [leaf-user] Port Forwarding Documentation
>
>
> I would to know if there is set of complete
> documentation on Port Sharing using LEAF (
I would to know if there is set of complete
documentation on Port Sharing using LEAF (I am using
Bering v0.5 of LEAF).
I saw the mini-Howto at this site:
http://sourceforge.net/docman/display_doc.php?docid=1443&group_id=13751
but I still need more info, which as of yet I have
been unable to find
On Thursday 06 June 2002 18:12, James K. Wiggs wrote:
> running OpenH323 and GnomeMeeting 0.85;
> the other is an NT 4.0 box running NetMeeting 3.01. I've configured
Load the "ip_masq_h323" module in /etc/modules.
This is a helper module to get it to work right.
--
~Lynn Avants
aka Guitarl
Hello Folks,
Uncertain which mailing list is the correct and active one, so I'm
posting to both. I'm trying to get voice over IP working between two
boxes; each is behind a basic EigerStein LRP box, both configured as
firewalls. Almost all ports on both boxes are closed. One of the
boxes
On Thu, Jun 06, 2002 at 02:34:13PM +0700, GREGOR wrote:
>
> How do I solve this problem? Are the switches limited for only 5 DMZ?
I have nine entries like that, which work as intended, so no there's no
limit. (Not at 5 anyway ;)
But you have three external IPs... Are you certain that works?
I
Hi,
I'm using DCD-1.02 and has been working great.
So far I've been using DMZ=PRIVATE to do port forwarding.
I put them in DMZ_SERVER0 to DMZ_SERVER4 switch, and they're working fine.
.
.
.
DMZ_SERVER4="tcp 64.110.181.168 110 192.168.15.202 110"
Now I have new servers, I put them in DMZ_SERVE
From: Lee [mailto:[EMAIL PROTECTED]]
>Sent: Thursday, May 30, 2002 4:57 PM
>To: [EMAIL PROTECTED]
>Subject: Re: [leaf-user] Port Forwarding
>
>
>There shouldn't be any other changes necessary - as long as you are
>trying to genuinely access it from outside. You can'
30, 2002 4:57 PM
To: [EMAIL PROTECTED]
Subject: Re: [leaf-user] Port Forwarding
There shouldn't be any other changes necessary - as long as you are
trying to genuinely access it from outside. You can't access it from
inside by hitting your external IP address from the inside.
Some troub
ed to make besides the two edits in etc/network.conf?
Thanks,
Jon
-Original Message-
From: Lee [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 30, 2002 3:55 PM
To: [EMAIL PROTECTED]
Subject: Re: [leaf-user] Port Forwarding
The IP address you see in the example is the IP address of the ext
what I put because I have a dynamic IP
for my external network connection. Can you help me out?
Thanks,
Jon
-Original Message-
From: Lee Kimber [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 29, 2002 11:02 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: [leaf-user] Port Forwarding
W
I've editted the /etc/network.conf file, through lrcfg (network settings,
then network configuration) for something similar, port forwarding to an
internal smtp server (with static, private IP address 192.168.1.201). I
modified two lists as follow:
Page down to about line 325 to find EXTERN_TCP_P
What you need is in the /etc/network.conf file, which you can edit from the
lrcfg menu by going to Network Settings and then Network Configuration.
IIRC you need to do two things:
1. open the firewall to port 113 in the section that begins:
# IP Filter setup - can pull in settings from above
2
I'm using the Dachstein floppy distribution and I need to setup port
forwarding to one of my lan workstations. My router is at 192.168.1.254,
while my workstation I'm trying forward to is 192.168.1.1. There are a
number of ports for different programs I need to direct, but the one I'm
trying to do
it
should work
Upnet Joe
- Original Message -
From: "barwals" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, March 05, 2002 6:20 AM
Subject: [Leaf-user] Port forwarding problem!
> Hi,
>
> I 'm running the Dachstein LEAF firewall. I'm
Hi,
I 'm running the Dachstein LEAF firewall. I'm not able to forwarding the external
traffice which is coming to my valid IPaddr (eth0) to my internal web server which is
a windows 2000 server. I have allready gone through all the related mailing list
archive but could not solve the problem a
i know in dachstein floppy 1.0.2 the variable is ${EXTERN_IP}, not
${EXTERN} ... also, if you're using ssh, it listens on TCP port 22, not
24... my network.conf for ssh looks like this:
EXTERN_TCP_PORT0="0/0 ssh"
INTERN_SERVERS="tcp_${EXTERN_IP}_ssh_192.168.1.10_ssh"
-david
On S
[EMAIL PROTECTED] wrote:
>
> Hello,
>
> I have added
>
> EXTERN_UDP_PORTS="0/0_24"
> EXTERN_TCP_PORTS="0/0_24"
> INTERN_SERVERS="tcp_${EXTERN}_24_192.168.1.5_22 udp_${EXTERN}_24_192.168.1.5_22 "
>
> But my external port 24 shows up as filtered and I can not connect to the internal
>server.
>
Hello,
I have added
EXTERN_UDP_PORTS="0/0_24"
EXTERN_TCP_PORTS="0/0_24"
INTERN_SERVERS="tcp_${EXTERN}_24_192.168.1.5_22 udp_${EXTERN}_24_192.168.1.5_22 "
But my external port 24 shows up as filtered and I can not connect to the internal
server.
Thanks Josh
Hush provide the worlds most sec
Is there a known problem with Dachstein 1.01 and port forwarding? My
installation doesn't, and ls /proc/net/ip_masq makes me think it won't
ever:
app
icmp
tcp
udp
I'll try out the 1.02 kernel, but thought I'd ask while I'm at it.
--
Jack Coates
Monkeynoodle: A Scientific Venture...
__
How do I open ports and forward in Dachstein CD 1.0.2 ?
I finally got this thing workin hehehe. This is so exciting.
Hello
I have been using ES2B för a while but want to migrate to Dachstein.
I have setup the RC2 and it all works well except portforwarding.
The INTERN_FTP_SERVER= etc works fine but the INTERN_SERVERS= gives
me errors when the network starts, even uncommenting the example
gives me errors like "IP
Hello
I have been using ES2B för a while but want to migrate to Dachstein.
I have setup the RC2 and it all works well except portforwarding.
The INTERN_FTP_SERVER= etc works fine but the INTERN_SERVERS= gives
me errors when the network starts, even uncommenting the example
gives me errors like "IP
Timothy Schilbach wrote:
> Hey there,
>
> I have the E2B working great. Thakn you for that awesome documentation
> on LEAF. My network only has one subnet so I didnt install Seattle
> Firwall. I figgured the basic version would be good enough for now.
>
> I have allowed SMTP, WWW, POP-3 to be
Hey there,
I have the E2B working great. Thakn you for that awesome documentation
on LEAF. My network only has one subnet so I didnt install Seattle
Firwall. I figgured the basic version would be good enough for now.
I have allowed SMTP, WWW, POP-3 to be forwarded in my network.conf
49 matches
Mail list logo