Greetings, I didn't receive a response to yesterday's query about ~killing~ ipmasq. However, I imagine that my post was lost in the ruch of repeat messages sent via the list today.
To sum up my previous post ... I installed apt-get install'd 'ipmasq' in a knee jerk response to all the recent security violations advisories. I, leter, discovered through on-line testing of my ports and research that as my ~static~ ip is in the 10.x.x.x subnet, I am in essence behind my ISP's firewall. Any outside traffic is routed through a dynamically assigned IP address. What I didn't realize was that the installation of ipmasq configured a generic ruleset that denies traffic on the 192.x.x.x subnet. This is a problem as I use vmware to run w98 virtually; I have this set to use 192.x.x.x as a ~virtual~ subnet through a ~virtual~ network card that is provided through vmware. The following snippet is an entry that has appeared in my syslogs for the past three or four days. The port-check happens at five minute intervals .... /begin snippet Dec 7 16:00:11 ip010169239186 kernel: Packet log: output DENY vmnet1 PROTO=17 192.168.46.1:137 192.168.46.255:137 L=78 S=0x00 I=9815 F=0x0000 T=64 (#4) /end snippet In an effort to stop this denial of communication on my ~virtual~ network, I have done the following: apt-get removed 'ipmasq' explicitedly stopped /etc/init.d/ipmasq and /etc/init.d/ipmasq-kmod renamed the ipmasq folder to OLD.ipmasq Yet still this rule is being acted on. Questions are: 1. Where are the rules that ipmasq installed located on a ~stable~ unenhanced 2.2.r4 sytem located and how to I alter and/or remove them. 2. Why are these rules being activated on a ~virtual~ subnet that uses completely ~virtual hardware~ (the logged 'vmnet1'). Although I have the virtual hardware running from init.d, no traffic should be registering unless I actually use vmware. Am I wrong in this? 3. Seeing as my ip is in the 10.x.x.x subnet, should I concern myself with using the capabilities of ipmasq to secure my system in the remote possibility of an instrusion? Please advise. I have checked the man pages (surprise, man ipmasq no longer exists :-( ) as I removed the program. I have also researched ipmasq websites through found through google. They have been little help, as they assume a "standard" redhat application. I know that a debian system handles calls and assignments differently for these applications. Any directions to an appropriate man page and or useful website are greatly appreciated. Many thanks, C. Masters
