Excellent!
Please consider adding this information in documentation.
Komal
Robyn Orosz wrote:
> Hi Adrian,
>
> First off, I apologize for the long delay in getting back to you, but I
> think I have an answer for you. On the Vyatta router, try the following:
>
> echo 0 > /proc/sys/net/netfilt
were getting through Vyatta. Thanks! Adrian
Original Message
Subject: Re: [Vyatta-users] Vyatta Stateful Firewall Issue
From: Robyn Orosz <[EMAIL PROTECTED]>
Date: Wed, November 14, 2007 10:57 pm
To: "Adrian F. Dimcev" <[EMAIL PROTECTED]>
Cc: vyatta-users@ma
opback lo {
> }
> ethernet eth0 {
> hw-id: 00:0c:29:3c:4c:79
> address 192.168.22.225 {
> prefix-length: 24
> }
> firewall {
> local {
> name: "ext"
> }
> }
ace: "eth0"
source {
network: "192.168.40.0/24"
}
destination {
network: "!192.168.10.0/24"
}
outside-address {
address: 192.168.22.225
}
}
A weird thing:
When I specify a
Hi Adrian,
What rules have you placed in your firewall and what options are you
using to send ACK segments with nmap (specific ports etc?)
Thank you,
Robyn
Adrian F. Dimcev wrote:
> I've been testing with vc2.2 too.
> Same problem regarding the ACK segment.
> Everything else seems to work just
I've been testing with vc2.2 too.
Same problem regarding the ACK segment.
Everything else seems to work just fine (is blocking other TCP segments
with different flag combinations).
However the "lonely" ACK segment is passing free through Vyatta.
Looks like a bug to me.
Hi, I've been playing a little bit with Vyatta's firewall and I've noticed a little problem. As the documentation says, Vyatta offers stateful inspection. As my test has shown, it is so. However, I can always pass an ACK segment which is not a part of any existing connection. I'm usually using nmap or hping to