;Nick" <[EMAIL PROTECTED]>
Sent: Wednesday, May 24, 2000 9:21 PM
Subject: Re: ipfwadm
> Sorry I answered your question but not as
> clearly as I could have.
>
> You should execute the command I mentionned
> before the others (that you mentionned). Maybe you
> want to put
I no expert but don't you have to enable ip forwarding
in the kernel first by executing the following:
# echo "1" > /proc/sys/net/ipv4/ip_forward
I assume of course that you are trying to set up
ip masquerading. There a good article on this in the
linux journal issue 43, available on line at
What does your routing table look like? If the default route is not set,
that could explain your problem.
Ernest Johanson
Web Systems Administrator
Fuller Theological Seminary
On Fri, 3 Mar 2000, Chris Brown wrote:
> Date: Fri, 3 Mar 2000 18:09:29 -0500
> From: Chris Brown <[EMAIL PROTECTED]>
Hi there,
> Just a thought. Do you other machines have 192.168.20.254
> shown as your gateway?
Yes they were coming.
I've realised my problem and solved it anyhow.
Quick rundown:
> : eth0 Link encap:Ethernet HWaddr 00:00:E8:74:32:FD
> : inet addr:192.168.20.254 Bcast:192.168.2
Just a thought. Do you other machines have 192.168.20.254
shown as your gateway?
Marc-Adrian Napoli <[EMAIL PROTECTED]> wrote:
: hi all,
: quick ipfwadm question.
: ethernet cards are as so:
: eth0 Link encap:Ethernet HWaddr 00:00:E8:74:32:FD
: inet addr:192.168.20.254 Bcast:1
non
- Original Message -
From: George Bonser <[EMAIL PROTECTED]>
To: didier ayllon <[EMAIL PROTECTED]>
Cc: Debian-User
Sent: Sunday, January 16, 2000 10:31 PM
Subject: Re: ipfwadm
> On Sun, 16 Jan 2000, didier ayllon wrote:
>
> > when i try to do
Further to the below problem. If i try to flush the ipautofw table, I get..
ipautofw -F
setsockopt: Protocol not available
Does this mean i dont have the necessary kernel support to forward
connections?
- Original Message -
From: Richard Clarke <[EMAIL PROTECTED]>
To: Debian User List
S
Hi,
There is a modular firewall shell-script called gmmf that should do what
you are after. It's pretty simple to set up, and denies all ports by
default, and requires you to open any specific ports you want to use.
Have a search on http://freshmeat.net for gmmf to find it.
Cheers,
damon
On F
Hi!
> set your default policies to DENY (instead of ACCEPT) and try again
> ..everything will be blocked except what you specifically state should be
> allowed in (dont try this from remote! you may lose access to the machine)
I've already tried that way, but it doesn't work out the way I
set your default policies to DENY (instead of ACCEPT) and try again
..everything will be blocked except what you specifically state should be
allowed in (dont try this from remote! you may lose access to the machine)
(use ipfwadm -p DENY)
nate
[mailto:[EMA
Ideally.. I'd like to allow snmpd to work on my whole 203.41.122.128/26
subnet.. so that I can monitor a few other pcs...
Thanks
Michael
>
>Ok cool.. The script I got works ok.. few problems.. one of which I want to
>solve ASAP is that snmpd doesn't work.. I run mrtg on the linux machine
that
>t
Take a look at http://www.xos.nl/linux/ipfwadm/paper/
Subject: re: ipfwadm
Date: Mon, Dec 21, 1998 at 09:17:15AM +1100
In reply to:Michael Fox
Quoting Michael Fox([EMAIL PROTECTED]):
>
> Anyone care to show me a quick and dirty ipfwadm script to allow
> ftp/http/irc
On Mon, 21 Dec 1998, Michael Fox wrote:
> Anyone care to show me a quick and dirty ipfwadm script to allow
> ftp/http/irc/mail/dns in/out from linux machine..
>
> I'd like to enable ipfw filters.. but stuck on the writing of the ipfw.sh
> script I would run.. examples would be great..
I'm using
Anyone care to show me a quick and dirty ipfwadm script to allow
ftp/http/irc/mail/dns in/out from linux machine..
I'd like to enable ipfw filters.. but stuck on the writing of the ipfw.sh
script I would run.. examples would be great..
-- Michael
Administrator
maf networking services
[EMAIL PROTE
Nuno Carvalho wrote:
> > Some time ago, I happened to find a web-based admin utility for ipfwadm
> > and ipchains. Now that I need it, I can't seem to find it anymore.
> > Perhaps somebody out there can help me out?
>
> You can check it on their official site:
>
>http://www.xos.nl/linux/ipfwa
On Tue, 15 Dec 1998, Robert Claeson wrote:
> Some time ago, I happened to find a web-based admin utility for ipfwadm
> and ipchains. Now that I need it, I can't seem to find it anymore.
> Perhaps somebody out there can help me out?
You can check it on their official site:
http://www.xos.nl/l
I have my linux machine routing my packets from my lans 64 ip subnet..
Anyone tell me if I can compile kernel with ipfw support and setup some ip
firewall rules using ipfwadm.. and do some packet filtering..
the machine with the link does.. www/mail/ftp/http/dns/irc so the firewall
should allow al
Michael Laing napisal(a):
[...]
: It's not totally clear to me how to use ipfwadm to do this...
:
: Also, I am considering moving to slink and kernel 2.1.125 and using
: ipchains instead. It looks simpler and I would like to learn just one
: tool, if possible.
Use ipfwadm-wrapper, not ipfwadm.
F
Hi,
>>"Collin" == Collin Rose <[EMAIL PROTECTED]> writes:
Collin> When I boot my system it says
Collin> ipfwadm: setsockopt error protocol not available
Collin> or something like that. What is the problem?
Chances are, you moved to a 2.1.1XX kernel. The never kernels
reuire ipchains
Load the ip_masq_* modules... That fixed my problem w/ sending DCC (I
could receive, which is kinda odd).
Look in /lib/modules/2.0.34/ipv4 for all the possible modules (assuming
you compiled them) and run:
insmod ip_masq_irc
etc.
-Paul
On Tue, 16 Jun 1998, Ben Szyc wrote:
> i'm running Debia
Mark Stone <[EMAIL PROTECTED]> writes:
> In order to use the ipfwadm command set, what options and modules need to
> be selected in configuring the kernel?
Under "Networking options", I think you need to have "IP: firewalling"
selected. You'll also need to select "Network firewalls" to be able
t
On Tue, 26 Aug 1997, Mario Olimpio de Menezes wrote:
> My linux box acts as a ip-masq for the internal sub-net of
> Windows machines. It has 3 cards: one for output to Internet, with a
> valid IP address and 2 for the internal sub-net.
> IP-Masq is working OK; all machines can telnet,
> I have looked at my /proc/net directory. There are no ip_* files. What
> should I do.
That means that there isn't any ip forwarding or firewalling, for sure.
> Note: After recompiling kernel I have noticed following:
>
> Setup is 4384 bytes
> System is 638kB
> System is too big
> Man[1]: ***[
,
Drazen
--
From: Jim Pick
To: Lalovic, Drazen
Cc: debian
Subject: Re: ipfwadm
Date: Wednesday, July 02, 1997 9:05PM
> I have recompiled 2.0.29 Kernel to enable IP forwarding and
firewalling.
> When I try to configure ipfwadd it tells me:
> ipfwadm: setsockopt failed: Protocol not
On Wed, 02 Jul 1997 16:44:00 EDT "Lalovic, Drazen"
([EMAIL PROTECTED]) wrote:
> I have recompiled 2.0.29 Kernel to enable IP forwarding and firewalling.
> When I try to configure ipfwadd it tells me:
> ipfwadm: setsockopt failed: Protocol not available.
> Does somebody have a solution for this p
> I have recompiled 2.0.29 Kernel to enable IP forwarding and firewalling.
> When I try to configure ipfwadd it tells me:
> ipfwadm: setsockopt failed: Protocol not available.
> Does somebody have a solution for this problem.
I'm not sure. You can check to see if they are compiled into the
kerne
>Thoughts? I presume this would be much easier if I used a static IP, but
>the boxes I use don't authenticate with TACACS+ or radius, so I can't just
>make an entry.. I'd be able to do some cut/awk type stuff to extract the
>IP and add the stuff to the bottom of /usr/bin/pon, but I just need what
> > At 00:41 22-11-96 -0500, Adam Heath wrote:
> > |I current connect to the Internet with PPPD, and all works well. I
have
> > |compiled my kernel (2.0.24) with IP_MASQ enabled, and have verified
that
> > |this works. Here is my question.
> > |
> > |Can it be setup, so that when someone telnets
> At 00:41 22-11-96 -0500, Adam Heath wrote:
> |I current connect to the Internet with PPPD, and all works well. I have
> |compiled my kernel (2.0.24) with IP_MASQ enabled, and have verified that
> |this works. Here is my question.
> |
> |Can it be setup, so that when someone telnets into the Li
Adam Heath wrote:
|I current connect to the Internet with PPPD, and all works well. I have
|compiled my kernel (2.0.24) with IP_MASQ enabled, and have verified that
|this works. Here is my question.
|
|Can it be setup, so that when someone telnets into the Linux box, instead
|of the request being
Hi,
I'm the diald maintainer. That doesn't mean I can give you any useful
advice :-)
Sorry I didn't reply to you last message, but I'm not particularly
skilled in networking (I maintain diald only because when I installed
Debian the first time diald was not part of the distribution) and I
was ho
> From: Gerry Jensen <[EMAIL PROTECTED]>
>
> On Fri, 27 Sep 1996, Simon Martin wrote:
>
>> 2) recompiled the kernel experimental, with the masquerade, firewall,
etc
>> enabled, ip forwarding, etc disabled, as per the instructions in the
>> IP_MASQUERADE mini howto. (I can connect to my ISP without
I have a two PC network. One box is connected to the ISP via
diald/ppp. The second box talks to the first one through an ethernet.
I left the diald setup on the box with the modem unchanged. Having
recompiled the kernel, I execute the script below (my internal lan is
192.168.1, the ethernet card
>
>Actually, either of the above tips by themselves may fix the problem as I
>think they are essentially doing the same thing.
>
>For what it's worth, this is how I set up masquerading on my machine, but
>I know there are several ways to do it. The way you are doing it sounds
>like it is working.
On Wed, 21 Aug 1996 [EMAIL PROTECTED] wrote:
> Anyone here on the Debian-L know the secrets of using the ipfwadm
> utility to set up masquerading? I've built a kernel with the proper
> options but I'm concerned about whether I'm really masquerading, or
> just forwarding packets. How do I prove i
Hi,
# ipfwadm -F -i masquerade -P all -S 192.168.210.0/0 -D 0.0.0.0/0
this is OK.
> The reason for the question is this; the ipfwadm -M -l shows no masquerade
> rule set.
ipfwadm -M -l (or netstat -M) will only show you masqueraded connections,
not the rules. The rules are displayed with "ipfwa
On Wed, 21 Aug 1996 [EMAIL PROTECTED] wrote:
> The reason for the question is this; the ipfwadm -M -l shows no masquerade
> rule set.
My setup command is more or less like yours, and I can see my masquerade
rule set with 'ipfwadm -Fl', as it is shown with a "msq" type.
/___
/_
/___manuele ([EM
Hi,
> Just one more thang... I know ping wont work through this, but is there
> something I can do to make FTP operational from all the other machines
> besides the Linux box?
you can eighter use passive FTP from the PC (Netscape does this for
example), or you need to load the ip_masq_ftp modu
This message is in reply to the one just posted by Susan Kleinmann:
I tried something similar to what you said, but I could not get it to work.
What did work for me was what Bernd Eckenfels mentioned earlier (Thanks, Bernd).
Essentially,
ipfwadm -F -a masq -S 192.168.0.0/29 -D 0
39 matches
Mail list logo
