bong sabolboro, 2002-Dec-15 19:43 -0800:
> All of these discussions deal with the rules. Where
> would one place the routing and forwarding commands
> considering they should be last to be activated after
> rules have been set up, in case="start" of
> /etc/init.d/networking?
Here's the order of
smux stand for multiplexed agents, basically, you have a frontend main
agent and some smux sub agent, managing only a part of the mib, the main
agent querying the sub agent when the tree is requested. This is deprecated
and replaced by agentx protocol (same story of agent/sub agent).
I dont thing
All of these discussions deal with the rules. Where
would one place the routing and forwarding commands
considering they should be last to be activated after
rules have been set up, in case="start" of
/etc/init.d/networking?
Thanks to all who shared their expertise in the
discussions here. I've
On 2002/12/15 07:15:25PM -0800, Sun, Torrin wrote:
> I changes the subject and started a new thread here. Anyway . . .
>
> >>> # Drop spoofed packets
> >>> iptables -A INPUT -i eth0 -j DROP -s 192.168.1.3 -d 0.0.0.0/0
>
> >What about outgoing spoofed packets? They didn't get dropped in this
> >s
I changes the subject and started a new thread here. Anyway . . .
Nicolas Boullis wrote:
> You should add the rule:
>
>$IPTABLES -A INPUT -j ACCEPT -i eth0 -m state --state ESTABLISHED,RELATED
Thanks, those rules that I gave as an example are from my workstation which
has 2.4 kernel installed.
bong sabolboro, 2002-Dec-15 19:43 -0800:
> All of these discussions deal with the rules. Where
> would one place the routing and forwarding commands
> considering they should be last to be activated after
> rules have been set up, in case="start" of
> /etc/init.d/networking?
Here's the order of
smux stand for multiplexed agents, basically, you have a frontend main
agent and some smux sub agent, managing only a part of the mib, the main
agent querying the sub agent when the tree is requested. This is deprecated
and replaced by agentx protocol (same story of agent/sub agent).
I dont thing
All of these discussions deal with the rules. Where
would one place the routing and forwarding commands
considering they should be last to be activated after
rules have been set up, in case="start" of
/etc/init.d/networking?
Thanks to all who shared their expertise in the
discussions here. I've
On 2002/12/15 07:15:25PM -0800, Sun, Torrin wrote:
> I changes the subject and started a new thread here. Anyway . . .
>
> >>> # Drop spoofed packets
> >>> iptables -A INPUT -i eth0 -j DROP -s 192.168.1.3 -d 0.0.0.0/0
>
> >What about outgoing spoofed packets? They didn't get dropped in this
> >s
I changes the subject and started a new thread here. Anyway . . .
Nicolas Boullis wrote:
> You should add the rule:
>
>$IPTABLES -A INPUT -j ACCEPT -i eth0 -m state --state ESTABLISHED,RELATED
Thanks, those rules that I gave as an example are from my workstation which
has 2.4 kernel installed.
Nicolas Boullis <[EMAIL PROTECTED]> writes:
[snip]
>> # Drop spoofed packets
>> iptables -A INPUT -i eth0 -j DROP -s 192.168.1.3 -d 0.0.0.0/0
What about outgoing spoofed packets? They didn't get dropped in this script
at all. It's only a selfish half-hearted firewall if all it does is to
protect
Hi!
On Sun, Dec 15, 2002 at 09:07:21AM -0800, Torrin wrote:
> /etc/network/if-pre-up.d/iptables
>
> #!/bin/sh
>
> if [ `uname -r | cut -b -3` != "2.4" ]; then
> # echo "Not a 2.4 kernel. Exiting iptables firewall script.";
>exit 0;
> fi
>
> # This deletes existing tables
> iptables -F
>
On Sun, 15/12/2002 10:24 +0100, Vasarhelyi asd Daniel wrote:
> Putting it into /etc/rc.boot will not harm the system. I think it's the
> best place to put the script, it's ran before entering runlevel-2 which
> sets up network interfaces.
"The /etc/rc.boot directory is obsolete. It has been supers
Nicolas Boullis <[EMAIL PROTECTED]> writes:
[snip]
>> # Drop spoofed packets
>> iptables -A INPUT -i eth0 -j DROP -s 192.168.1.3 -d 0.0.0.0/0
What about outgoing spoofed packets? They didn't get dropped in this script
at all. It's only a selfish half-hearted firewall if all it does is to
protect
Hi!
On Sun, Dec 15, 2002 at 09:07:21AM -0800, Torrin wrote:
> /etc/network/if-pre-up.d/iptables
>
> #!/bin/sh
>
> if [ `uname -r | cut -b -3` != "2.4" ]; then
> # echo "Not a 2.4 kernel. Exiting iptables firewall script.";
>exit 0;
> fi
>
> # This deletes existing tables
> iptables -F
>
On Sun, 15/12/2002 10:24 +0100, Vasarhelyi asd Daniel wrote:
> Putting it into /etc/rc.boot will not harm the system. I think it's the
> best place to put the script, it's ran before entering runlevel-2 which
> sets up network interfaces.
"The /etc/rc.boot directory is obsolete. It has been supers
Putting it into /etc/rc.boot will not harm the system. I think it's the
best place to put the script, it's ran before entering runlevel-2 which
sets up network interfaces.
asd
--
Daniel "asd" Vasarhelyi
PGP key avaible at http://asd.musichello.com/gpg-pub.key and public keyservers
Key fingerprint
Hi,
Torrin <[EMAIL PROTECTED]> writes:
> > I presume you call these scripts from some other
> > script? From /etc/init.d/networking perhaps?
> No need to. I've never seen documentation on this, but from what I
> understand, if you put a script in the if-pre-up.d directory it gets
> call automati
> networking goes down. Can anybody point us to the relevant
> documentation?
last I knew there wasn't any, it was a todo item
I wrote a quicky stub logger that logs its environment and how it was
called, this is what I found:
called as "/etc/network/if-pre-up.d/pre-up" (no arguments), nothing
Putting it into /etc/rc.boot will not harm the system. I think it's the
best place to put the script, it's ran before entering runlevel-2 which
sets up network interfaces.
asd
--
Daniel "asd" Vasarhelyi
PGP key avaible at http://asd.musichello.com/gpg-pub.key and public keyservers
Key fingerprint
Quoting pain ([EMAIL PROTECTED]):
> I need to add smtp-auth capabilities to a postfix MTA. The postifix
> documentation talks about sasl to do this. Is this method secure?
> Exist other (better or more secure) alternatives?
The SMTP-AUTH service is part of the ESMTP extension, which in turn is a
Hi,
Torrin <[EMAIL PROTECTED]> writes:
> > I presume you call these scripts from some other
> > script? From /etc/init.d/networking perhaps?
> No need to. I've never seen documentation on this, but from what I
> understand, if you put a script in the if-pre-up.d directory it gets
> call automati
> networking goes down. Can anybody point us to the relevant
> documentation?
last I knew there wasn't any, it was a todo item
I wrote a quicky stub logger that logs its environment and how it was
called, this is what I found:
called as "/etc/network/if-pre-up.d/pre-up" (no arguments), nothing
Hello,
I need to add smtp-auth capabilities to a postfix MTA. The postifix
documentation talks about sasl to do this. Is this method secure?
Exist other (better or more secure) alternatives?
thanks to all,
bye
> /etc/network/if-pre-up.d/iptables
Oops, that second script is supposed to be
/etc/network/if-post-down.d/iptables
^^
> #!/bin/sh
>
> if [ `uname -r | cut -b -3` != "2.4" ]; then
> # echo "Not a 2.4 kernel. Exiting iptables firewall script.";
>exit 0;
> fi
>
> #
Quoting pain ([EMAIL PROTECTED]):
> I need to add smtp-auth capabilities to a postfix MTA. The postifix
> documentation talks about sasl to do this. Is this method secure?
> Exist other (better or more secure) alternatives?
The SMTP-AUTH service is part of the ESMTP extension, which in turn is a
> I presume you call these scripts from some other
> script? From /etc/init.d/networking perhaps?
No need to. I've never seen documentation on this, but from what I
understand, if you put a script in the if-pre-up.d directory it gets
call automatically just before networking comes up. Also, if yo
Hello,
I need to add smtp-auth capabilities to a postfix MTA. The postifix
documentation talks about sasl to do this. Is this method secure?
Exist other (better or more secure) alternatives?
thanks to all,
bye
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Tr
> /etc/network/if-pre-up.d/iptables
Oops, that second script is supposed to be
/etc/network/if-post-down.d/iptables
^^
> #!/bin/sh
>
> if [ `uname -r | cut -b -3` != "2.4" ]; then
> # echo "Not a 2.4 kernel. Exiting iptables firewall script.";
>exit 0;
> fi
>
> #
> I presume you call these scripts from some other
> script? From /etc/init.d/networking perhaps?
No need to. I've never seen documentation on this, but from what I
understand, if you put a script in the if-pre-up.d directory it gets
call automatically just before networking comes up. Also, if yo
On Sat, 14 Dec 2002, Javier [iso-8859-1] Fern?ndez-Sanguino Pe?a wrote:
>
> PS: BTW what is smux for? On a (brief) search it seems to be a way to
> associate managers to MIBs that are later provided in the SNMP daemon to
> management statiosn...
>
I have seen smux used for session management by
On Sat, 14 Dec 2002, Javier [iso-8859-1] Fernández-Sanguino Peña wrote:
>
> PS: BTW what is smux for? On a (brief) search it seems to be a way to
> associate managers to MIBs that are later provided in the SNMP daemon to
> management statiosn...
>
I have seen smux used for session management by
32 matches
Mail list logo
