Florin:
I tried this, but maybe I am missing something. You mean like:
172.16.96.0/19!172.16.96.151__172.16.96.152
or is there a missing symbol in the email? I tried above and that is
not working
I did learn that the masquerades are processed after the static nats so
it really shouldn't be necessary to exclude these if they are snatted
already, right? However, I would like to be able to do this so could
you clarify what __ means with an example? I also noticed in the
shorewall docs that they specified the subnet CIDR for each address:
172.16.96.0/19!172.16.96.151/19,172.16.96.152/19
Is that necessary in MNF?
Thanks
Doug
Florin wrote:
Doug White <[EMAIL PROTECTED]> writes:
I am trying to set up a DHCP component to a network with Beta 2.
If I allow dhcp addresses, do I need to masquerade the interface to
allow the dhcp addresses on the interenet. I tried this using
172.16.96.0/19!172.16.96.151,172.16.96.152
you cannot use commas in the web frontend. I might add a code like __ and
this will be translated into a comma in the backend ...
as the masq setup since I have several servers on that subnet that are
static nat (151 and 152). This causes major problems (errors when
shorewall tries to restart).
I presume you have something like the following:
172.16.96.0/19!172.16.96.151,
which generates a shorewall error
Any thoughts.
Secondly:
Where are the files used to generate "rules" in /etc/shorewall/rules.
It says to edit the template file but the template file is a script and
I couldn't figure out where the rules originate. I want a way to backup
just parts of the firewall (like the rules) without the entire
configuration backup.
/usr/share/naat/templates/etc are the templates and they use the variables
from /var/lib/naat/configuration : RulesList in your case (be careful if
you edit that by hand because it's a huge single line) :o)
I figured out a way to do this by editing the backup text file and
inserting the rules I want there but it would be easier to just copy in
the base files.
copy the RulesList line
____________________________________________________
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
Join the Club : http://www.mandrakeclub.com
____________________________________________________
|
begin:vcard
fn:Doug White, CISSP, CCE, PHD
n:White;Doug
org:Roger Williams University;CIS Department
adr:;;One Old Ferry Rd.;Bristol;RI;02809;USA
email;internet:[EMAIL PROTECTED]
title:Associate Professor
tel;work:401-254-3165
tel;home:401-289-0228
tel;cell:401-662-9781
x-mozilla-html:TRUE
url:http://cisweb.rwu.edu/dwhite
version:2.1
end:vcard
____________________________________________________
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
Join the Club : http://www.mandrakeclub.com
____________________________________________________
