Marcus Limosani wrote:
Hi tom,
I set things up as per your recommendation.
I can browse the net from the internal network, and then applied the
other rules as you indicated.
I still get the FORWARD:REJECT response on traffic destined to the servers.
I have attached the
Tom Eastep wrote:
Marcus Limosani wrote:
Hi tom,
I set things up as per your recommendation.
I can browse the net from the internal network, and then applied the
other rules as you indicated.
I still get the FORWARD:REJECT response on traffic destined to the servers.
I have
Tom Eastep wrote:
Tom Eastep wrote:
Marcus Limosani wrote:
Hi tom,
I set things up as per your recommendation.
I can browse the net from the internal network, and then applied the
other rules as you indicated.
I still get the FORWARD:REJECT response on traffic destined to the
JC Janos wrote:
Fyi, though possibly old news for you,
http://markmail.org/message/2mvljuomcvm22zhe
The binding feature is scheduled for removal in the next ipset
release: the functionality can be replaced by the new set types.
I think this may eventually affect the Docs at
Hi, i would like to read opinions about my firewall settings:
I am using Iptables with Shorewall (frontend) and my configuration is:
- Default Policy: REJECT all connections.
- Rules: Allow DNS (my DNS servers), allow http and https connections
for servers: www.google.es, ...
So, nobody
Manuel Gomez wrote:
Hi, i would like to read opinions about my firewall settings:
Please STOP CROSS-POSTING.
-Tom
--
Tom Eastep\ The ultimate result of shielding men from the
Shoreline, \ effects of folly is to fill the world with fools.
Washington, USA \
Sam Kuper escribió:
2008/11/10 Sam Kuper [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED]
By using REJECT instead of DROP, you have no stealth. This means
you can be port-scanned to look for weaknesses, e.g. unpatched
OpenSSH vulnerabilities, etc.
That said, if SSH traffic is
Sam Kuper escribió:
2008/11/10 Sam Kuper [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED]
By using REJECT instead of DROP, you have no stealth. This means
you can be port-scanned to look for weaknesses, e.g. unpatched
OpenSSH vulnerabilities, etc.
That said, if SSH traffic is
Sam Kuper escribió:
2008/11/10 Sam Kuper [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED]
By using REJECT instead of DROP, you have no stealth. This means
you can be port-scanned to look for weaknesses, e.g. unpatched
OpenSSH vulnerabilities, etc.
That said, if SSH traffic is
shorewall does not stop, do not responding.
Does anything at all happen when you try to restart Shorewall?
I'm not sure what is going on, but this doesn't sound like a Shorewall
problem.
-
This SF.Net email is
10 matches
Mail list logo