You're right it looks exactly like that bug. When I do a show version all I get is:
Baseline Version: vc3 Booted From: disk Because of the similarity I would assume I haven't gotten the latest yet. How should I go about updating it? When i do just 'aptitude' it gives me a confusing ncurse thing. Thanks, Nate On Mon, 2008-01-28 at 09:16 -0800, Steven Kath wrote: > Nate, > > Are you using version 2.3? It seems like you might be experiencing bug > 2502: > > http://bugzilla.vyatta.com/show_bug.cgi?id=2502 > > This bug was resolved with the 2.3.1 release, so you may want to upgrade > if you haven't already. > > If you're already using the latest version and still getting errors, it > would be useful to have a look at a log of your commands and the exact > error message that's coming back. From what I can tell, the rule 1 you > describe below should work properly in version 2.3.1. > > - Steve > > > Nathan McBride wrote: > > So then I probably couldn't view a web page or see my pings because > > the response packets I was getting were being blocked? > > > > What is the correct way to make an esablished and related rule so you > > don't get the errors I am getting? > > > > Thanks, > > Nate > > > > > > On Mon, 2008-01-28 at 08:05 -0800, Justin Fletcher wrote: > > > >> You shouldn't need the out rule; until a firewall is applied, > >> everything is accepted. > >> However, the simple rule is protocol any action accept. That should > >> do it if you > >> want to be thorough :-) > >> > >> Justin > >> > >> On Jan 28, 2008 7:28 AM, Nathan McBride <[EMAIL PROTECTED]> wrote: > >> > >>> Hey guys, > >>> > >>> I just installed Vyatta and have it working. (big step for me) > >>> But I'm having some trouble. I first wanted to know if I should > >>> make the firewall using Vyatta's commands or just iptables? > >>> I tried iptables and it didn't seem to work. I added a rule to allow ssh > >>> but ssh couldn'g go through. So then I made one in Vyatta. Denied > >>> ping, enabled ssh, then applied it to the wan interface. Well that > >>> killed all network traffic so looking through the manual I saw that when > >>> I applied the IN rule for the interface I guess the out rule > >>> automatically got a deny everything since I didn't apply a rule to it. > >>> So, I needed to add a related and established rule to the in for the wan > >>> interface. I did (this is from memory): > >>> > >>> set firewall name eth0-in rule 1 action accept > >>> set firewall name eth0-in rule 1 state established enable > >>> set firewall name eth0-in rule 1 state related enable > >>> > >>> Then I was going to commit this but commit gave an error saying that > >>> protocol needed to be icmp. Once I had set that it errored saying > >>> protocol needed to be tcp... I'm really confused but I need to get a > >>> firewall up. > >>> > >>> Once this is done I was going make a rule for out on the wan interface > >>> to allow everything to go out. Is there a simple rule for this? > >>> > >>> Thanks, > >>> Nate > >>>
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
