[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-developers] Loopback w/IPChains on a Qube3

Subject: RE: [cobalt-developers] Loopback w/IPChains on a Qube3
From: "Pierre Maloka" <Pierre_Maloka@xxxxxxx>
Date: Mon Mar 5 12:56:12 2001
List-id: Discussion Forum for developers on Cobalt Networks products <cobalt-developers.list.cobalt.com>

I have a Linksys DSL Router.

I now a trying plan B...

DETAILS:
My ISP has assigned me a fixed IP address (DSL). The DSL box is connected to
the Linksys Firewall/Router. The PCs and Macs are connected to the
Router/Firewall. The Firewall is forwarding all incoming (from DSL) requests
to the Qube Secondary IP (eth1). The Qube eth0 is also connected to the
router, at a different IP address. All internal users access the Qube via
eth0's IP address. All external users are routed to eth1's IP address. This
should allow me to selectively kill and allow services on eth1's chain.

What ports should I disable to make a safe system, but still allow WEB, SMPT
and POP3 MAIL, and Flash 5 to work?

Can I enable ipchains logging so I can see which ports are accessed by
various services (Such as Flash 5)?

The new chains are:
Input:
eth1 23:23 Deny
eth1 80:80 Accept
eth1 1024:65565 Accept
eth1 Accept
eth0 Accept
Default Accept

Output:
Default Accept

Forward:
Default Deny

> -----Original Message-----
> From: cobalt-developers-admin@xxxxxxxxxxxxxxx
> [mailto:cobalt-developers-admin@xxxxxxxxxxxxxxx]On Behalf Of Dan Sedam
> Sent: Monday, March 05, 2001 11:06 AM
> To: cobalt-developers@xxxxxxxxxxxxxxx
> Subject: Re: [cobalt-developers] Loopback w/IPChains on a Qube3
>
>
> What are you using for a firewall? Is this a seperate device or the Qube
> itself?
>
>
> ----- Original Message -----
> From: Pierre Maloka <Pierre_Maloka@xxxxxxx>
> To: <cobalt-developers@xxxxxxxxxxxxxxx>
> Sent: Monday, March 05, 2001 10:43 AM
> Subject: [cobalt-developers] Loopback w/IPChains on a Qube3
>
>
> > Howdy all!
> >
> > I am trying to let the Qube be fully available inside (LAN) and be a web
> > server outside (WAN). In locking down my firewall, I get active monitor
> > messages saying that most services no longer work. I have a
> firewall book
> > that says to enable the loopback interface. I don't see an "lo"
> interface
> > listed. How do I do that from the Firewall pages on a Qube 3?
> >
> > Any suggestions on a better set of chains?
> >
> > My chains are:
> >
> > Input:
> > eth1 80:80 Accept
> > eth1 127.0.0.0-127.0.0.255 Accept
> > eth1 deny
> > eth0 Accept
> > Default deny
> >
> > Output:
> > Default Accept
> >
> > Forward:
> > Default MASQ
> >
> > Thanks!
> >
> > Hey Cobalt, it sure we be nice to have some sample chains for
> us newbies.
> > (hint)
> >
> > _______________________________________________
> > cobalt-developers mailing list
> > cobalt-developers@xxxxxxxxxxxxxxx
> > http://list.cobalt.com/mailman/listinfo/cobalt-developers
> >
>
> _______________________________________________
> cobalt-developers mailing list
> cobalt-developers@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-developers
>

References:
- Re: [cobalt-developers] Loopback w/IPChains on a Qube3
  - From: Dan Sedam

Prev by Date: [cobalt-developers] webalizer and raq4
Next by Date: Re: [cobalt-developers] How to install php4 on a raq 3 ?
Previous by thread: Re: [cobalt-developers] Loopback w/IPChains on a Qube3
Next by thread: [cobalt-developers] Raq4 SSL problems

Sun Cobalt Developers Message Index

Sun Cobalt Developers Thread Index