Hi Dan,

> well - as far as I know I have my ipchains set up as such... I don't think
> I'm blocking returning masqueraded traffic - masquerading seems to be working
> fine anyhow!
>
> DENY       tcp  -y--l-  anywhere             ppp0.ip.address       any ->   1024:65535
> ACCEPT     tcp  ------  anywhere             ppp0.ip.address       any ->   1024:65535

Yup here ^^^ is your equivalent to my rules

> being rejected are UDP... should I just be adding a rule to allow UDP in a
> similar fashion to the TCP one you have set. AFAIK there's no point in
> setting up a rule allowing SYN packets with UDP 'cos SYN is TCP only?

Yeah I would set up the UDP rule as well then.  And I do believe you are 
right that only TCP has the SYN concept.

> I'm kinda hesitant to just add a rule allowing the traffic without knowing 
> what it's about first!

Understandable.  I think if you only allow unprivileged traffic (1024+) then 
you should be fairly safe.

-- 
Regards,
+-----------------------+---------------------------------+
| Peter Kiem            | E-Mail    : <[EMAIL PROTECTED]> |
| Zordah IT             | Mobile    : +61 0418 798 121    |
|   IT Consultancy &    | WWW       : www.zordah.net      |
|   Internet Hosting    | ICQ       : "Zordah" 866661     |
+-----------------------+---------------------------------+
    The Rules Have Changed...Be paid to Surf the Web! 
    http://au.nz.alladvantage.com/go.asp?refid=OMP682



_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
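
Added example, not part of the original message: a small Python model of first-match filtering with the two TCP rules quoted above plus the UDP rule being discussed. It shows that the TCP pair can refuse new inbound connections by their SYN flag, while the UDP rule accepts any datagram to ports 1024+, reply or not. The `Packet` and `Rule` classes, the sample packets and the default DENY policy are assumptions made for the illustration.

```python
# Added illustration: a first-match packet filter modelled on the quoted rules.
# Class names, sample packets and the DENY chain policy are assumptions.
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    proto: str          # "tcp" or "udp"
    dport: int          # destination port on the ppp0 address
    syn: bool = False   # SYN set, ACK clear (the -y flag in the listing); TCP only

@dataclass(frozen=True)
class Rule:
    target: str         # "ACCEPT" or "DENY"
    proto: str
    ports: range
    syn_only: bool = False

    def matches(self, p: Packet) -> bool:
        if p.proto != self.proto or p.dport not in self.ports:
            return False
        return p.syn if self.syn_only else True

HIGH = range(1024, 65536)   # 1024:65535 as written in the listing

RULES = [
    Rule("DENY", "tcp", HIGH, syn_only=True),   # new inbound TCP connections
    Rule("ACCEPT", "tcp", HIGH),                # everything else TCP, i.e. replies
    Rule("ACCEPT", "udp", HIGH),                # the UDP rule under discussion
]

def verdict(p: Packet, rules=RULES, policy="DENY") -> str:
    """Return the target of the first matching rule, else the chain policy."""
    for r in rules:
        if r.matches(p):
            return r.target
    return policy

if __name__ == "__main__":
    samples = {
        "tcp reply to high port": Packet("tcp", 40000),
        "tcp new connection to high port": Packet("tcp", 40000, syn=True),
        "udp reply to high port": Packet("udp", 40000),
        # UDP has no SYN, so this packet looks identical to the reply above.
        "udp unsolicited to high port": Packet("udp", 40000),
        "udp to privileged port": Packet("udp", 111),
    }
    for name, pkt in samples.items():
        print(f"{name:34} {verdict(pkt)}")
```

Any UDP service listening on a port at or above 1024 on the firewall itself is reachable under the third rule, so it is worth checking what is bound there before adding it.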