Re: [cobalt-users] Re. Cube 2 Firewall Trouble

[Gerald Waugh <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx>]

On Tue, 23 Jul 2002, Edward Werner Cook wrote:

>  >One thing you have to be sure you are connected to the correct eth port.
>  >th1 is for the outer LAN
>  >which is opposite of most server installations.
>  >If I were you, I'd forget the built-in firewall (Ive heard nothing but
>  >trobble) and get ipfwadm and put it on it.
>  >There is an rpm for it, if you can't find it elsewhere
>
>  >We use it on RaQ2s all the time
>
> I did set up the Cube with the Primary on LAN and Secondary on the fixed IP
> Internet. I was careful to do it that way because I too thought it counter
> intuitive and needed to follow directions carefully rather than instinct.
> I did download the listed rpm from your comments but I'm not familiar with
> installing it. I thought only pkg files could install into the Cube through
> the interface.
> I'm still curious about the Cube Firewall Wizard which disappeared from the
> Cobalt site within the last fortnight. Reckless and somewhat irresponsible
> of Sun to do that...
>
IIRC that wizard was really not usefull, and the qube2 always had a bad
firewall. I actually donated a Qube2 to a fellow on the list who was
supposed to fix some of the Qube2 issues.

If you downloaded the RPM, you start a shell session, and enter
rpm -ivh ipfwadm-2.3.0-4C1.mips.rpm
This will install ipfwadm
Then goto the following website and build a firewall script.
Select ipfwadm as the IPFW Method and fill in the blanks
Download the script in the browser.
Rename the script to be rc.firewall.
Move the script to /etc/rc.d/rc.firewall.
chown root.root /etc/rc.d/rc.firewall
chmod 0754 /etc/rc.d/rc.firewall
Put a line at the end of rc.local
   /etc/rc.d/rc.firewall

--
Gerald Waugh <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx>
http://frontstreetnetworks.com | Website Hosts & SOHO Networks
229 Front Street, Ste.#C, New Haven, CT. 06513 United States
voice +1 302-785-0699 | fax +1 203-785-1787