
Re: [cobalt-developers] Raq4 ipchains/firewall very strange problem



Hey:

Why doesn't the pkg exist for new kernels (2.4.*)? The firewall in the 2.4.* series
(Netfilter) is *really* better than ipchains; ipchains is one module of
iptables, and iptables/Netfilter includes stateful checking of packets.

Other advantages in the 2.4.* series include journaling filesystems...

Regards,

-Adriano
--
Adriano Manuel Galano Diez                      SATEC, S.A.
System & Network Engineer                       Phone : (+34) 912 110 383
http://www.satec.es                             PCell : (+34) 676 957 685
      Office: (+34) 917 089 000

----- Original Message -----
From: "Andy Brown" <andy.brown@xxxxxxxxxxxxx>
To: <cobalt-developers@xxxxxxxxxxxxxxx>
Sent: Friday, November 23, 2001 6:12 PM
Subject: [cobalt-developers] Raq4 ipchains/firewall very strange problem


> Hi All,
>
> This problem is really starting to bug me, so thought I'd post and see
> if anybody can come up with something. I'm running a Raq4i, using it as
> a proxy so I've installed Squid and a couple of other things. Installed
> the ipchains RPM, and set up my ipchains rules to block stuff we don't
> want, however it's not working!
>
> Ipchains is supposed to be blocking port 110 among others, and I can
> happily telnet in to that port, even while the ipchains rule is in
> place! (I know I can turn it off in inetd.conf but I want to test my
> ipchains rules this way first)
>
> Does anyone know if I need to do something different for the Cobalt
> products? I installed ipchains from: rpm -Uvh
> ftp://ftp.rpmfind.net/linux/redhat/6.2/en/os/i386/RedHat/RPMS/ipchains-1.3.9-5.i386.rpm
>
> Which went in no problems. I've had ipchains running on countless other
> machines (Both Cobalt and Slackware/Suse/RedHat) so don't see where the
> problem is!
>
> I've added my ipchains script below just in case!
>
> Thank u!
>
> Andy
> andy@xxxxxxxxxxxxxxxxxxxxx
> http://ineedlinux.info/
>
>
> ( Below is a simplified set of my rules )
>
>
>
> :input ACCEPT
> :forward DENY
> :output ACCEPT
> -A input -s 0.0.0.0/0.0.0.0 -d 193.195.161.17/255.255.255.255 110 -p tcp -j DENY -l
>
> -A forward -s 10.0.0.0/255.255.255.0 -d 0.0.0.0/0.0.0.0 -i eth1 -j MASQ
>
> -A output -s 0.0.0.0/0.0.0.0 110:110 -d 0.0.0.0/0.0.0.0 -i eth1 -p tcp -j DENY
>
>
> (PS: Not my real IP addresses shown above)
>