Hello James,
Do a ipchains -L again and e-mail it to me
:
[EMAIL PROTECTED]
I think the list has seen enough
Cheers,
Pieter
Peiter,
I was wrong. I can do stuff from my Linux machine now, but now it seems
open. I did a port scan and it showed port 111 open.
James
At 08:32 PM 1/2/2002 +0200, you wrote:
>Hello James,
>
>Well there ya go ! Hope you enjoy it and Linux !
>
>I was sure I saw a message saying +0200 from yo
Hello James,
Well there ya go ! Hope you enjoy it and Linux !
I was sure I saw a message saying +0200 from youWell must have been
wrong ! BTW Iam in Durban, South Africa, same timeline as UK
Go well,
Pieter De Wit
___
Redhat-list mailing list
That seemed to fix it. Thanks for your help on this. I really appreciate it.
I'm in the US, west coast of Florida. Based on the time stamps of your
messages I'm guessing you're in the UK, or similar time zone.
James
At 08:15 PM 1/2/2002 +0200, you wrote:
>Hello James,
>
>Ok I got it nowI
Hello James,
Ok I got it nowI forgot to tell the firewall that it must accept any
"opened" connections from your box.
This is done as follow:
ipchains -A input -i $EXT ! -s $EXTIP -j ACCEPT
P.S. note the !
try this and let me know...btw where are you since we seem to be on the same
time l
Okay, here's what I get when I try to use Konqueror on 192.168.1.8 to hit a
web server at 192.168.1.2.
Jan 2 12:14:38 compaq kernel: Packet log: input DENY eth0 PROTO=6
192.168.1.2:80 192.168.1.8:328
99 L=60 S=0x00 I=12220 F=0x4000 T=64 (#5)
Jan 2 12:14:41 compaq kernel: Packet log: input DEN
Hello James,
Drop the -i $ANY part and then try
Cheers,
Pieter
Oops. no I didn't. When I uncomment these two lines:
ipchains -A input -i $ANY -j DENY -l
ipchains -A output -i $ANY -j DENY -l
I get:
Warning: wierd character in interface `any/0' (No aliases, :, ! or *).
Warning: wierd character in interface `any/0' (No aliases, :, ! or *).
James
At 07:37 PM
Hello James,
Did you enable the loggin part ?
Thanks,
Pieter
ACCEPT <-- Very bad I know but lets try
>
>Cheers,
>
>Pieter
>
>- Original Message -
>From: "James Pifer" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Sent: Wednesday, January 02, 2002 6:33 PM
>Subject: RE: firewall-config tool
>
>
&
but lets try
Cheers,
Pieter
- Original Message -
From: "James Pifer" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, January 02, 2002 6:33 PM
Subject: RE: firewall-config tool
> Pieter,
>
> Based on your message here's what I have. Prob
pchains -A input -i $EXT -p tcp -s $ANY $UNPRIVPORTS -d $EXTIP 80 -j ACCEPT
>ipchains -A input -i $EXT -p tcp -S $ANY $UNPRIVPORTS -d $EXTIP 443 -j
>ACCEPT
>
>#If you want to see the traffic that makes it pass
>#the Firewall (denied traffic) then uncomment these
>#lines.
&
/log/messages to check the messages
#I would disable it because your logs might fill up quickly !
--snip--
to start the firewall once you on the box and havn't reboot type /etc/rc
This should do what you want. Sorry I don't know the firewall-config-tool !
Cheers,
Pieter De Wit
Is anyone familar with the firewall-config tool that comes installed with
7.2? I have a system that I need to put on the internet so obviously I need
to lock it down. I only want the following incoming ports open: 22, 80, and
443. When on the machine, either on the console or through an x
14 matches
Mail list logo
