>The symptoms are this:
> When my default firewall policies for input and output are "accept",
>everything works (from masqued computers as well as server), but security
>is obviously compromised.
This is definitely bad.
>When input + output are deny, the server and the
>masqued computers lose access. From the server I get the error:
>
>/etc/rc.d# ftp sunsite.unc.edu
>ftp: sunsite.unc.edu: Host name lookup failure.
Have you recompiled the kernel with FIREWALL logging enabled?
Then.. on your IPFWADM deny/reject lines, put a "-o". Now..
re-run your IPFWADM rulesets and check out your /var/adm/messages
file to see what's up.
BTW.. where did you get your IPFWADM Ruleset? There are
many out there and most are VERY good. Some don't work though.
--David
.----------------------------------------------------------------------------.
| David A. Ranch - Remote Access/Linux/PC hardware [EMAIL PROTECTED] |
!---- ----!
`----- For more detailed info, see http://www.ecst.csuchico.edu/~dranch -----'