On Thu, Mar 21, 2002 at 02:32:10PM -0600, Kerry Miller wrote:
: We have a client using a CheckPoint VPN, we're trying to use the VPN-1
: SecureClient. Does anybody know what ports/protocols I need to open for
: this to work through our firewall? I tried this:
I'm going to make a few assumptions
We have a client using a CheckPoint VPN, we're trying to use the VPN-1
SecureClient. Does anybody know what ports/protocols I need to open for
this to work through our firewall? I tried this:
/sbin/ipchains -A good-bad -p all -d $RANGEVPN -j ACCEPT
/sbin/ipchains -A bad-good -p all -s $RANGEVPN
On Mon, 26 Mar 2001, Statux wrote:
> For those of you who use ipchains:
>
> I am reading one of the newer IPCHAINS-HOWTOs and it says how you can
> specify ports with the $LOCALIP symbol. However, when I do the following:
>
> # ipchains -A input -p tcp -d $LOCALIP 21 -l -j DENY
>
> I get this:
>
For those of you who use ipchains:
I am reading one of the newer IPCHAINS-HOWTOs and it says how you can
specify ports with the $LOCALIP symbol. However, when I do the following:
# ipchains -A input -p tcp -d $LOCALIP 21 -l -j DENY
I get this:
DENY tcp l- anywhere 0.0.0
sorry, guess I ddin't read your message closely enough. You need the
package
[cgalpin@pooh admin]$ rpm -qf /usr/sbin/ipmasqadm
ipmasqadm-0.4.2-3
hth
charles
On Thu, 26 Oct 2000, Ed Lazor wrote:
> At 03:09 PM 10/26/2000 -0400, you wrote:
> >/usr/sbin/ipmasqadm portfw -a -P tcp -L 80 -R 80
>
At 03:09 PM 10/26/2000 -0400, you wrote:
>/usr/sbin/ipmasqadm portfw -a -P tcp -L 80 -R 80
k, I ran
find /usr -name '*masq*' -print
and it brought up files with extensions .h, .ver, .stamp, .html, .ph,
.help, but nothing specifically called ipmasqadm, so I get the impression I
need to compi
EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
cc:
Subject: RE: ipchains question
I think it's ipportfw, but I wouldn't swear to that.
> -Original Message-
> From: Ed Lazor [SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, October 26, 2000 2:11 PM
&g
At 03:05 PM 10/26/2000 -0400, you wrote:
>I think it's ipportfw, but I wouldn't swear to that.
hmmm no luck on finding ipportfw.
Something I did notice, in /sbin, with ipchains is a command called
ipfwadm
could that be it? or is that there for backwards compatibility with the
old firewall st
/usr/sbin/ipmasqadm portfw -a -P tcp -L 80 -R 80
hth
charles
On Thu, 26 Oct 2000, Ed Lazor wrote:
> I setup an ipchains based firewall and set it up to masq everything from
> the internal network. I don't have an extra machine to setup in a DMZ, so
> I'm going to have to run a web server o
I think it's ipportfw, but I wouldn't swear to that.
> -Original Message-
> From: Ed Lazor [SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, October 26, 2000 2:11 PM
> To: [EMAIL PROTECTED]
> Subject: ipchains question
>
> I setup an ipchains based
Hi Ed,
That's because it is in a different package. Try this link.
http://rpmfind.net/linux/RPM/contrib/libc6/i386/ipmasqadm-0.4.2-4.i386.html
Have fun,
--
_
Brian Ashe CTO
[EMAIL PROTECTED] Dee-W
I setup an ipchains based firewall and set it up to masq everything from
the internal network. I don't have an extra machine to setup in a DMZ, so
I'm going to have to run a web server on the internal network. I asked a
friend ( who isn't available at the moment) and he said to use the
follo
See comments inline:
-- Original Message --
From: Glen Lee Edwards <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Date: Sun, 30 Jul 2000 10:55:19 -0500 (CDT)
>On Sun, 30 Jul 2000, M. Neidorff wrote:
>
> ...These are home PC's, nothing of a real sensitive
- Original Message -
From: Glen Lee Edwards <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, July 30, 2000 10:55 AM
Subject: Re: ipchains question
> On Sun, 30 Jul 2000, M. Neidorff wrote:
>
> >If this is a question (I'm not sure you are asking or
On Sun, 30 Jul 2000, Glen Lee Edwards wrote:
> On Sun, 30 Jul 2000, M. Neidorff wrote:
>
> >If this is a question (I'm not sure you are asking or not), then what you
> >say is correct. It is exactly what I am doing here. The one possible
> >misunderstanding is that ipchains is not required t
On Sun, 30 Jul 2000, M. Neidorff wrote:
>If this is a question (I'm not sure you are asking or not), then what you
>say is correct. It is exactly what I am doing here. The one possible
>misunderstanding is that ipchains is not required to make the
>connection...it does security.
I could use
If this is a question (I'm not sure you are asking or not), then what you
say is correct. It is exactly what I am doing here. The one possible
misunderstanding is that ipchains is not required to make the
connection...it does security.
At 07:53 AM 07/28/2000 -0700, you wrote:
>I am under th
On Fri, 28 Jul 2000, Paul Smith wrote:
> I am under the impression that if I am using dsl, with a static ip address I
> can use a redhat machine with ipchains and two network cards to allow multiple
> internal machines to use that one redhat machine (gateway) for browsing the
> internet. I suppo
; > -Original Message-
>> > From: Paul Smith [SMTP:[EMAIL PROTECTED]]
>> > Sent: Friday, July 28, 2000 10:34 AM
>> > To: [EMAIL PROTECTED]
>> > Subject: ipchains question
>> >
>> > Hello all,
>> >
>> > What is th
t 0x01 0x10
$IPCHAINS -A output -p tcp -d 0/0 21 -t 0x01 0x10
$IPCHAINS -A output -p tcp -d 0/0 110 -t 0x01 0x10
$IPCHAINS -A output -p tcp -d 0/0 25 -t 0x01 0x10
echo -n "."
#
# Set ftp-data for maximum throughput
$IPCHAINS -A output -p tcp -d 0/0 20 -t 0x01 0x08
echo -n "."
"Burke, Thomas G." wrote:
> Do you have a routable internal network, or are you using masquerade?
>
> > -Original Message-
> > From: Paul Smith [SMTP:[EMAIL PROTECTED]]
> > Sent: Friday, July 28, 2000 10:34 AM
> > To: [EMAIL PROTECTED]
> > Sub
u want to
close. It only takes a few minutes to get it up & running, works great.
That is cheating however, since your not doing your scripts yourself. ;)
-Original Message-
From: Paul Smith [mailto:[EMAIL PROTECTED]]
Sent: Friday, July 28, 2000 9:34 AM
To: [EMAIL PROTECTED]
Subject: ipch
Do you have a routable internal network, or are you using masquerade?
> -Original Message-
> From: Paul Smith [SMTP:[EMAIL PROTECTED]]
> Sent: Friday, July 28, 2000 10:34 AM
> To: [EMAIL PROTECTED]
> Subject: ipchains question
>
> Hello all,
>
>
Hello all,
What is the basic ipchains command that allows internal computers to
make use of a redhat 6.2 machine gateway for browsing the internet.
I've been playing around with ipchains using different commands, but
don't seem to beable to get my internal machines to browse the
internet. I've r
I want squid to perform an ident lookup on Win9x clients. This is no
problem if the client browsers are configured to use the proxy, i.e. Port
3128 and are running a identd.exe.
However, when using squid transparently, no lookups take place. I think
this is an Ipchains issue since the only re
On Mon, Jun 26, 2000 at 05:14:08PM -0500, Bob Hartung said:
> A basic ipchains question from a neophyte:
> I am using a two NIC P90 as a masquerade server for a DNS connection.
> When I write ipchain rules for Accept, Reject, or Deny how do I, or do I
> never, know which NIC I
> Resent-Cc:
> MBOX-Line: From [EMAIL PROTECTED] Mon Jun 26 18:09:05 2000
> Sender: [EMAIL PROTECTED]
> Date: Mon, 26 Jun 2000 17:14:08 -0500
> From: Bob Hartung <[EMAIL PROTECTED]>
>
> A basic ipchains question from a neophyte:
> I am using a two NIC P90 as
A basic ipchains question from a neophyte:
I am using a two NIC P90 as a masquerade server for a DNS connection.
When I write ipchain rules for Accept, Reject, or Deny how do I, or do I
never, know which NIC I am appending rules for.
Can I allow access from an internal machine to the
I have a tried to set up a Linux (RedHat 6.0) firewall behind a router
running NAT (+).
I have all the packet forwarding working, but cannot get IPCHAINS set up
properly.
The chains work, but if I use one of the example chains files it blocks
everything.
I set the chains to open, and logged a si
29 matches
Mail list logo
