
[cobalt-developers] Raq4 ipchains/firewall very strange problem



Hi All,

This problem is really starting to bug me, so thought I'd post and see
if anybody can come up with something. I'm running a Raq4i, using it as
a proxy so I've installed Squid and a couple of other things. Installed
the ipchains RPM, and set up my ipchains rules to block stuff we don't
want, however it's not working!

Ipchains is supposed to be blocking port 110 among others, and I can
happily telnet in to that port, even while the ipchains rule is in
place! (I know I can turn it off in inetd.conf but I want to test my
ipchains rules this way first)

Does anyone know if I need to do something different for the Cobalt
products? I installed ipchains from:

rpm -Uvh ftp://ftp.rpmfind.net/linux/redhat/6.2/en/os/i386/RedHat/RPMS/ipchains-1.3.9-5.i386.rpm

Which went in no problems. I've had ipchains running on countless other
machines (Both Cobalt and Slackware/Suse/RedHat) so don't see where the
problem is!

I've added my ipchains script below just in case!

Thank you!

Andy
andy@xxxxxxxxxxxxxxxxxxxxx
http://ineedlinux.info/


( Below is a simplified set of my rules )



:input ACCEPT
:forward DENY
:output ACCEPT
-A input -s 0.0.0.0/0.0.0.0 -d 193.195.161.17/255.255.255.255 110 -p tcp -j DENY -l

-A forward -s 10.0.0.0/255.255.255.0 -d 0.0.0.0/0.0.0.0 -i eth1 -j MASQ

-A output -s 0.0.0.0/0.0.0.0 110:110 -d 0.0.0.0/0.0.0.0 -i eth1 -p tcp -j DENY


(PS: Not my real IP addresses shown above)
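
Added example, not part of the original post and not ipchains code: a small Python model of first-match rule evaluation, run over the rules exactly as posted, to show which rule (or chain policy) a given packet would hit. It models only the options that appear in the post (-s, -d with an optional port, -i, -p, -j); the function names and the packet dictionary layout are assumptions made for this illustration.

```python
import ipaddress

# Rules as posted, wrapped lines rejoined; the addresses are the poster's placeholders.
RULES = """\
:input ACCEPT
:forward DENY
:output ACCEPT
-A input -s 0.0.0.0/0.0.0.0 -d 193.195.161.17/255.255.255.255 110 -p tcp -j DENY -l
-A forward -s 10.0.0.0/255.255.255.0 -d 0.0.0.0/0.0.0.0 -i eth1 -j MASQ
-A output -s 0.0.0.0/0.0.0.0 110:110 -d 0.0.0.0/0.0.0.0 -i eth1 -p tcp -j DENY
"""

def parse(text):
    policies, chains = {}, {}
    for tok in filter(None, (line.split() for line in text.splitlines())):
        if tok[0].startswith(":"):                 # ":chain POLICY"
            policies[tok[0][1:]] = tok[1]
            continue
        rule, opt = {}, None                       # tok[0] is "-A", tok[1] the chain
        for t in tok[2:]:
            if t.startswith("-"):
                opt = t                            # option name; flags like -l take no value
            elif opt in ("-s", "-d") and opt not in rule:
                rule[opt] = ipaddress.ip_network(t)            # address/mask
            elif opt in ("-s", "-d"):
                lo, _, hi = t.partition(":")                   # optional port or lo:hi
                rule[opt + "port"] = (int(lo), int(hi or lo))
            else:
                rule[opt] = t                      # value of -i, -p or -j
        chains.setdefault(tok[1], []).append(rule)
    return policies, chains

def matches(rule, pkt):
    for side in ("-s", "-d"):
        if side in rule and ipaddress.ip_address(pkt[side]) not in rule[side]:
            return False
        lo, hi = rule.get(side + "port", (0, 65535))
        if not lo <= pkt[side + "port"] <= hi:
            return False
    return all(rule.get(k, pkt[k]) == pkt[k] for k in ("-i", "-p"))

def verdict(chain, pkt, text=RULES):
    """pkt keys: -s, -sport, -d, -dport, -i, -p. First match decides, else the policy."""
    policies, chains = parse(text)
    for n, rule in enumerate(chains.get(chain, []), 1):
        if matches(rule, pkt):
            return "rule %d: %s" % (n, rule["-j"])
    return "policy: " + policies[chain]
```

The model only says what these rules would do once loaded; whether the running kernel actually holds them is a separate check on the machine itself.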