On Wed, 2010-05-26 at 10:09 -0400, Bob Goodwin wrote:
> less /etc/sysconfig/iptables Produces the following. Is this the
> file I need to work on? It looks "simpler" than I expected but I am
> admonished not to "customize" it manually?
Yeap, that's the file. And no, if you don't us
On 26/05/10 09:54, Bob Goodwin wrote:
> On 26/05/10 04:09, Tim wrote:
>> On Tue, 2010-05-25 at 16:19 -0700, Rick Stevens wrote:
>>> If you want to log ALL new connections from box6 (remember that the
>>> "-s" bit is specifying connections coming FROM box6), use the "-I"
>>> version.
>> Yes, and you
On 26/05/10 04:09, Tim wrote:
> On Tue, 2010-05-25 at 16:19 -0700, Rick Stevens wrote:
>
>> If you want to log ALL new connections from box6 (remember that the
>> "-s" bit is specifying connections coming FROM box6), use the "-I"
>> version.
>>
> Yes, and you certainly want any logging ru
On Tue, 2010-05-25 at 16:19 -0700, Rick Stevens wrote:
> If you want to log ALL new connections from box6 (remember that the
> "-s" bit is specifying connections coming FROM box6), use the "-I"
> version.
Yes, and you certainly want any logging rules before any ignoring rules,
because not only wil
On 05/25/2010 02:30 PM, Bob Goodwin wrote:
> On 25/05/10 06:45, kalinix wrote:
>> If this applies for ssh only, you could
>> do something like this, on box9:
>>
>>
>> iptables -I INPUT -i eth0 -s ip.of.box.6 -p tcp -m tcp --dport 22 -j ACCEPT
>>
>>
>> If you need more services to be available for box
On 25/05/10 06:45, kalinix wrote:
> If this applies for ssh only, you could
> do something like this, on box9:
>
>
> iptables -I INPUT -i eth0 -s ip.of.box.6 -p tcp -m tcp --dport 22 -j ACCEPT
>
>
> If you need more services to be available for box9, you simply let out
> -m tcp and --dport 22, to g
On Tue, 2010-05-25 at 05:17 -0400, Bob Goodwin wrote:
> I have two f12 computers, box9 will ping box6 but box6 to box9
> reports 100% loss. When we had Firestarter there was a log that
> usually indicated where the firewall was blocking data.
>
> It seems to me there should be a way t
On Tue, 2010-05-25 at 05:17 -0400, Bob Goodwin wrote:
> I have two f12 computers, box9 will ping box6 but box6 to box9
> reports 100% loss. When we had Firestarter there was a log that
> usually indicated where the firewall was blocking data.
>
> It seems to me there should be a way to determine th
I have two f12 computers, box9 will ping box6 but box6 to box9
reports 100% loss. When we had Firestarter there was a log that
usually indicated where the firewall was blocking data.
It seems to me there should be a way to determine this without
Firestarter? How do I do that?