Hello all, sorry to disturb you with this silly question. I am sure that it is obvious to all list members (except me ;)

Scenario: intranet (10.10.1.x) with win clients (NT & 2k), gateway (Debian GNU/Linux potato with kernel 2.4.18 + iptables). NAT is used for requests from intranet to Internet. This works fine. Web & mailserver is behind the firewall, so I needed to set up port forwarding. DNAT is used for this. This works fine.

As the webserver is an ii$, I am sure that some firewall rules must be set up for these two ports. The access.log shows that this is a MUST:

GET /scripts/root.exe?/c+dir HTTP/1.0
GET /MSADC/root.exe?/c+dir HTTP/1.0
GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0
... so on...

I'm sure that it's just a script kiddie, but, on the other hand, it's just m$ product.

Q: How to set up filtering rules if a PREROUTING DNAT rule has been set up before? The packet never comes to the INPUT. Nor to the FORWARD, doesn't it?

I really do not want to set up another firewall onto that win2k server.

TIA, gaan
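
In netfilter, a DNAT rule in nat/PREROUTING rewrites the destination before the routing decision, so a packet forwarded to the internal server then passes through the filter table's FORWARD chain (not INPUT) carrying the rewritten address. The script below is an added example, not part of the original post, showing where the filtering rules for the forwarded ports go. The interface names, the server address 10.10.1.10, the /24 mask and ports 80 and 25 are assumptions.

```shell
#!/bin/sh
# Added example: filter DNAT-forwarded traffic in the FORWARD chain.
# Assumed values (not from the post): interfaces, server address, mask, ports.
EXT_IF="${EXT_IF:-eth0}"        # assumed Internet-facing interface
INT_IF="${INT_IF:-eth1}"        # assumed intranet interface
LAN="${LAN:-10.10.1.0/24}"      # intranet from the post, /24 assumed
SRV="${SRV:-10.10.1.10}"        # assumed address of the web/mail server
PORTS="${PORTS:-80 25}"         # assumed forwarded ports (HTTP, SMTP)
DRY_RUN="${DRY_RUN:-1}"         # 1 = print the commands, 0 = apply (needs root)

ipt() {
    if [ "$DRY_RUN" = 1 ]; then echo "iptables $*"; else iptables "$@"; fi
}

build_rules() {
    # Default-deny for everything routed through the gateway.
    ipt -P FORWARD DROP
    # Replies to connections that were already accepted.
    ipt -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
    # Outbound connections from the intranet (source-NATed in POSTROUTING).
    ipt -A FORWARD -i "$INT_IF" -s "$LAN" -m state --state NEW -j ACCEPT
    for port in $PORTS; do
        # nat/PREROUTING runs before routing: the destination is rewritten here...
        ipt -t nat -A PREROUTING -i "$EXT_IF" -p tcp --dport "$port" \
            -j DNAT --to-destination "$SRV:$port"
        # ...so filter/FORWARD sees the internal address, and this is where
        # the forwarded service is allowed or refused.
        ipt -A FORWARD -i "$EXT_IF" -o "$INT_IF" -d "$SRV" -p tcp \
            --dport "$port" -m state --state NEW -j ACCEPT
    done
    # Log anything else arriving from the Internet; the chain policy drops it.
    ipt -A FORWARD -i "$EXT_IF" -j LOG --log-prefix FWD-DROP:
}

build_rules
```

With `DRY_RUN=1` (the default) the script only prints the commands for review. These rules restrict which hosts and ports can be reached through the gateway; they do not inspect the HTTP request paths seen in the access.log.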