Mandrake Linux Archives: security-firewall@mandrivalinux.org

Mandrake Linux: security-firewall@mandrivalinux.org

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

From: florin
Subject: Re: [Security Firewall] Problems setting up latest ISO
Date: 27 Apr 2005 08:06:46 -0000

Hi,

no I NEVER mean directly to me in this ML context :o)

btw ... I have already answered to your email posted on the ML you are
mentioning ...


On 4/27/05, Mark Tiller <mtiller@ntlworld.com> wrote:
> Florin,
> 
> I have already sent this to the mailing list, then I noticed that you asked
> me to send it to you.  I assume that you meant direct to you.
> 
> [root@firewall2 mark]# route -n
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use
> Iface
> 81.109.147.0    0.0.0.0         255.255.255.0   U     0      0        0 eth1
> 192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
> 127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
> 0.0.0.0         81.109.147.254  0.0.0.0         UG    0      0        0 eth1
> 
> [root@firewall2 mark]# /sbin/ip addr|grep -v link|grep -v inet6|grep -v
> valid|grep -v sit|grep -v lo
> 2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
> 3: eth1: <BROADCAST,MULTICAST,NOTRAILERS,UP> mtu 1500 qdisc pfifo_fast qlen
> 1000
> 
> [root@firewall2 mark]# grep -v ^$
> /etc/shorewall/{zones,interfaces,masq,policy,rules} |grep -v :#
> /etc/shorewall/zones:lan        LAN     local_area_network
> /etc/shorewall/zones:dmz        DMZ     demilitarized_zone
> /etc/shorewall/zones:wan        NET     internet
> /etc/shorewall/zones:wifi       WIFI    wireless
> /etc/shorewall/interfaces:lan   eth0    detect
> /etc/shorewall/policy:lan       all     REJECT  info
> /etc/shorewall/policy:dmz       all     REJECT  info
> /etc/shorewall/policy:fw        all     REJECT  info
> /etc/shorewall/policy:wan       all     DROP    info
> /etc/shorewall/policy:wifi      all     REJECT  info
> /etc/shorewall/policy:all       all     REJECT  info
> /etc/shorewall/rules:ACCEPT     fw      wan     tcp     53      -       -
> # dns_queries
> /etc/shorewall/rules:ACCEPT     fw      wan     udp     53      -       -
> # dns_queries
> /etc/shorewall/rules:ACCEPT     dmz     wan     udp     53      -       -
> # dns_queries
> /etc/shorewall/rules:ACCEPT     lan     wan     udp     53      -       -
> # dns_queries
> /etc/shorewall/rules:ACCEPT     wifi    wan     udp     53      -       -
> # dns_queries
> /etc/shorewall/rules:REJECT     wan     fw      tcp     113     -       -
> # ident_port
> /etc/shorewall/rules:ACCEPT     lan     fw      tcp     22      -       -
> # ssh_port
> /etc/shorewall/rules:ACCEPT     lan     fw      tcp     8443    -       -
> # mnf_web_admin_port
> /etc/shorewall/rules:ACCEPT     fw      lan     icmp    8       -       -
> # ping
> /etc/shorewall/rules:ACCEPT     lan     fw      icmp    8       -       -
> # ping
> /etc/shorewall/rules:ACCEPT     lan     dmz     icmp    8       -       -
> # ping
> /etc/shorewall/rules:ACCEPT     dmz     lan     icmp    8       -       -
> # ping
> /etc/shorewall/rules:ACCEPT     dmz     fw      icmp    8       -       -
> # ping
> /etc/shorewall/rules:ACCEPT     fw      dmz     icmp    8       -       -
> # ping
> /etc/shorewall/rules:ACCEPT     lan     wan     tcp     pop3    -       -
> # receive_mail
> /etc/shorewall/rules:ACCEPT     lan     wan     tcp     smtp    -       -
> # send_mail
> /etc/shorewall/rules:ACCEPT     lan     wan     tcp     http    -       -
> # web_surfing
> /etc/shorewall/rules:ACCEPT     lan     wan     tcp     https   -       -
> # secure_web_surfing
> /etc/shorewall/rules:ACCEPT     lan     wan     tcp     ssh     -       -
> # ssh
> /etc/shorewall/rules:ACCEPT     lan     wan     tcp     ftp     -       -
> # ftp
> /etc/shorewall/rules:ACCEPT     lan     wan     tcp     nntp    -       -
> # news
> /etc/shorewall/rules:ACCEPT     fw      wan     udp     ntp     -       -
> # time_synchronisation
> /etc/shorewall/rules:ACCEPT     lan     wan     tcp     imap    -       -
> # internet_mail
> /etc/shorewall/rules:ACCEPT     fw      wan     icmp    8       -       -
> /etc/shorewall/rules:ACCEPT     lan     fw      tcp     ssh     -       -
> 
> [root@firewall2 mark]# cat /etc/resolv.conf nameserver 194.168.8.100
> nameserver 194.168.4.100
> [root@firewall2 mark]#
> 
> Regards,
> 
> Mark
> 
> 


-- 
Florin

____________________________________________________
Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com
Join the Club : http://www.mandrakeclub.com
____________________________________________________

Replies:
- RE: [Security Firewall] Problems setting up latest ISO
  - From: Mark Tiller

Prev by Date: Re: [Security Firewall] Bandwidth shaping based on protocols
Next by Date: RE: [Security Firewall] Problems setting up latest ISO
Previous by thread: [Security Firewall] Bandwidth shaping based on protocols
Next by thread: RE: [Security Firewall] Problems setting up latest ISO
Index(es):
- Date
- Thread

Date Index | Thread Index

Mandrake Linux Archives: security-firewall@mandrivalinux.org

Looking for a job?

Advertisement (via La Vignette)