-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Earl Wilson wrote:
| Thanks to both of you for your help; well, I did add the "0/0_24"
| comment as suggested, but no luck, HOWEVER, I then REMOVED the sshd.lrp
| package, and was able to access the inside web server running on the
| redhat machine v
nal box.
Telnet is DEFINATELY not something you want to put onto your FW box.
Thats about it, let me know if you have any problems.
- Original Message -
From: Earl Wilson <[EMAIL PROTECTED]>
Date: Friday, August 19, 2005 8:43 am
Subject: Re: [leaf-user] Port-forwarding ssh thru Dac
--- Original Message -
From: "Earl Wilson" <[EMAIL PROTECTED]>
To:
Sent: Friday, August 19, 2005 9:27 AM
Subject: Re: [leaf-user] Port-forwarding ssh thru Dachstein
> Thanks to both of you for your help; well, I did add the "0/0_24"
> comment as suggeste
m the
"EXTERN_TCP_PORTS=" line
Earl
- Original Message -
From: <[EMAIL PROTECTED]>
To: "M Lu" <[EMAIL PROTECTED]>
Cc: "Earl Wilson" <[EMAIL PROTECTED]>;
Sent: Tuesday, August 16, 2005 11:22 AM
Subject: Re: [leaf-user] Port-forwarding ssh thru
om: M Lu <[EMAIL PROTECTED]>
Date: Tuesday, August 16, 2005 8:16 am
Subject: Re: [leaf-user] Port-forwarding ssh thru Dachstein
> If Earl wants to use external port 24, then may be he should use
>
> EXTERN_TCP_PORTS="0/0_21 0/0_80 0/0_24"
>
> instead of
>
> &g
t;
To: "M Lu" <[EMAIL PROTECTED]>
Cc: "Earl Wilson" <[EMAIL PROTECTED]>;
Sent: Tuesday, August 16, 2005 9:04 AM
Subject: Re: [leaf-user] Port-forwarding ssh thru Dachstein
This allows an individual to SSH directly to the external IP address,
using port 24, and Dac
don't have to change the SSHd server on the internal box
to 24, you leave it as 22 (if I recall correctly).
Sorry to throw in my 2 cents into the thread...
joey
- Original Message -
From: M Lu <[EMAIL PROTECTED]>
Date: Tuesday, August 16, 2005 7:30 am
Subject: Re: [leaf
I do not remember Dachstein very well but just wonder why you have
EXTERN_SSH_PORT=24?
Also I have seen some ISPs rejecting SSH traffic so consider that
possibility too. You can test that by temporary portforwarding some other
port (e.g. 80 as you know for sure 80 is allowed) to 22 and test
On Tuesday 10 February 2004 11:55 am, Stephen Lee wrote:
>
> Thanks much Tom. It works now. Now I understand what ORIGINAL
> DESTINATION and DETECT_DNAT_ADDRS means ;-)
>
You're welcome, Stephen. For the benefit of those searching the archives, the
option in shorewall.conf as actually named DETE
On Tue, 2004-02-10 at 10:51, Tom Eastep wrote:
> On Tuesday 10 February 2004 10:17 am, Stephen Lee wrote:
> > Hi,
> >
> > I'm running a Bering1.2/CD system with a lan(eth1) and a proxy
> > dmz(eth2). There's workstation on the lan running a pcAnywhere host and
> > a server in the DMZ running pcAnyw
On Tuesday 10 February 2004 10:17 am, Stephen Lee wrote:
> Hi,
>
> I'm running a Bering1.2/CD system with a lan(eth1) and a proxy
> dmz(eth2). There's workstation on the lan running a pcAnywhere host and
> a server in the DMZ running pcAnywhere as well. I can connect to the lan
> pcAnywhere via the
On Tuesday 09 December 2003 08:47 pm, Dr. Richard W. Tibbs wrote:
> Folks:
> As I mentioned in my last post, I have not had luck with the following
> command: INTERN_SERVERS="tcp_${EXTERN_IP}_domain_192.168.x.y_domain
> udp_${EXTERN_IP}_domain_192.168.x.y_domain"
>
> I get no port forwarding for po
At 09:47 PM 12/9/2003 -0500, Dr. Richard W. Tibbs wrote:
Folks:
As I mentioned in my last post, I have not had luck with the following
command:
INTERN_SERVERS="tcp_${EXTERN_IP}_domain_192.168.x.y_domain
udp_${EXTERN_IP}_domain_192.168.x.y_domain"
I get no port forwarding for ports 53. I do get
I believe the line should read:
DNAT net loc:192.168.1.200 tcp 1" added
(take out :1)
chris.
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Tom Harr
> Jakobsen
> Sent: Wednesday, September 03, 2003 5:16 AM
> To: [EMAIL PROTECTED]
> Subject:
> One blue-sky thought ... I've never tried to set up one of these
> multi-address external interfaces where the extra addresses are on a
> different network than the primary address (and the default gateway). I
> wonder if packets going back out those interfaces can find the default
> gateway? (C
[EMAIL PROTECTED] On Behalf Of
> Ray Olszewski
> Sent: Wednesday, March 12, 2003 3:54 PM
> To: Ken Marshall; [EMAIL PROTECTED]
> Subject: Re: [leaf-user] Port Forwarding and pcAnywhere
>
>
> Ken -- Thanks for a good, clear posting of the details. Based
> on it, I hav
6.225 0.0.0.0 UG0 0 0
eth0
Thanks,
Ken
> -Original Message-
> From: Ray Olszewski [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, March 12, 2003 4:50 PM
> To: Ken Marshall; [EMAIL PROTECTED]
> Subject: RE: [leaf-user] Port Forwarding and pcAnywhere
>
You didn't read the SR FAQ, did you?
Please report the output of:
ip addr show
netstat -nr
These will tell us what interfaces and routes are *actually* being set up
on your Dach router, not what you are *trying* to set up (in the end, that
is all that the config files tell us).
Ken -- Thanks for a good, clear posting of the details. Based on it, I have
a couple of comments.
First, it does not appear that you have tested pcAnywhere with your primary
IP address (206.127.76.231). This assumes some significance when I note ...
Second, I *can* ping your primary IP address
> -Original Message-
> From: vivek varshney
> Sent: Wednesday, August 14, 2002 2:42 PM
> To: [EMAIL PROTECTED]
> Subject: [leaf-user] Port Forwarding Documentation
>
>
> I would to know if there is set of complete
> documentation on Port Sharing using LEAF (I am using
> Bering v0.5 of L
On Thursday 06 June 2002 18:12, James K. Wiggs wrote:
> running OpenH323 and GnomeMeeting 0.85;
> the other is an NT 4.0 box running NetMeeting 3.01. I've configured
Load the "ip_masq_h323" module in /etc/modules.
This is a helper module to get it to work right.
--
~Lynn Avants
aka Guitarl
On Thu, Jun 06, 2002 at 02:34:13PM +0700, GREGOR wrote:
>
> How do I solve this problem? Are the switches limited for only 5 DMZ?
I have nine entries like that, which work as intended, so no there's no
limit. (Not at 5 anyway ;)
But you have three external IPs... Are you certain that works?
I
From: Lee [mailto:[EMAIL PROTECTED]]
>Sent: Thursday, May 30, 2002 4:57 PM
>To: [EMAIL PROTECTED]
>Subject: Re: [leaf-user] Port Forwarding
>
>
>There shouldn't be any other changes necessary - as long as you are
>trying to genuinely access it from outside. You can'
30, 2002 4:57 PM
To: [EMAIL PROTECTED]
Subject: Re: [leaf-user] Port Forwarding
There shouldn't be any other changes necessary - as long as you are
trying to genuinely access it from outside. You can't access it from
inside by hitting your external IP address from the inside.
Some troub
ed to make besides the two edits in etc/network.conf?
Thanks,
Jon
-Original Message-
From: Lee [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 30, 2002 3:55 PM
To: [EMAIL PROTECTED]
Subject: Re: [leaf-user] Port Forwarding
The IP address you see in the example is the IP address of the ext
what I put because I have a dynamic IP
for my external network connection. Can you help me out?
Thanks,
Jon
-Original Message-
From: Lee Kimber [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 29, 2002 11:02 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: [leaf-user] Port Forwarding
W
I've editted the /etc/network.conf file, through lrcfg (network settings,
then network configuration) for something similar, port forwarding to an
internal smtp server (with static, private IP address 192.168.1.201). I
modified two lists as follow:
Page down to about line 325 to find EXTERN_TCP_P
What you need is in the /etc/network.conf file, which you can edit from the
lrcfg menu by going to Network Settings and then Network Configuration.
IIRC you need to do two things:
1. open the firewall to port 113 in the section that begins:
# IP Filter setup - can pull in settings from above
2
EXTERN_TCP_PORT0="0/0 www 111.222.333.444" I think this wrong not really
sure
EXTERN_TCP_PORTS="0/0_ssh 0/0_smtp 0/0_www 0/0_domain 0/0_https 0/0_pop-3
0/0_spop3" this is mine and it is working.
How did you try to access your internal web server
since you are firewall and MASQ your pub
i know in dachstein floppy 1.0.2 the variable is ${EXTERN_IP}, not
${EXTERN} ... also, if you're using ssh, it listens on TCP port 22, not
24... my network.conf for ssh looks like this:
EXTERN_TCP_PORT0="0/0 ssh"
INTERN_SERVERS="tcp_${EXTERN_IP}_ssh_192.168.1.10_ssh"
-david
On S
[EMAIL PROTECTED] wrote:
>
> Hello,
>
> I have added
>
> EXTERN_UDP_PORTS="0/0_24"
> EXTERN_TCP_PORTS="0/0_24"
> INTERN_SERVERS="tcp_${EXTERN}_24_192.168.1.5_22 udp_${EXTERN}_24_192.168.1.5_22 "
>
> But my external port 24 shows up as filtered and I can not connect to the internal
>server.
>
Timothy Schilbach wrote:
> Hey there,
>
> I have the E2B working great. Thakn you for that awesome documentation
> on LEAF. My network only has one subnet so I didnt install Seattle
> Firwall. I figgured the basic version would be good enough for now.
>
> I have allowed SMTP, WWW, POP-3 to be
32 matches
Mail list logo