Re: Firewall-troubleshooting

2005-07-02 Thread KC
Hi, I am trying out firehol right now on a fresh optimized version of this firewall that I decided to make from scratch. The damn thing still won't work. I know I am missing something important in both these scripts because in both cases it drops everything and my rules are not functioning at all.

Re: Firewall-troubleshooting

2005-07-02 Thread Daniel Pittman
On 3 Jul 2005, KC wrote:
> Daniel Pittman wrote:
>> On 3 Jul 2005, KC wrote:
>>
>>> I need help understanding what goes wrong in this script. I cannot ping
>>> anyone and cannot resolve as well. In fact I believe the only thing I can
>>> get is an ip address from my isp's dhcp server.
[...]
>> I

Re: Firewall-troubleshooting

2005-07-02 Thread KC
Hi, Yes the script is kind of long and tedious in its respects. My initial purpose was to set this up at a remote facility with around 20 systems. I have also tried to get info from iptables -L chain, but noticed that the rules seem to be ok. If people want I can put the output for iptables -L ch

Re: Firewall-troubleshooting

2005-07-02 Thread Daniel Pittman
On 3 Jul 2005, Steve Kemp wrote:
> On Sat, Jul 02, 2005 at 04:46:29PM -0400, KC wrote:
[...]
> One thing did stand out though, you don't allow outgoing connections
> generally. These lines:
>
>> iptables --policy OUTPUT DROP
>> iptables -t nat --policy OUTPUT DROP
>> iptables -t mangle --policy

Re: Firewall-troubleshooting

2005-07-02 Thread Daniel Pittman
On 3 Jul 2005, KC wrote:
> I need help understanding what goes wrong in this script. I cannot ping
> anyone and cannot resolve as well. In fact I believe the only thing I can
> get is an ip address from my isp's dhcp server.

With sufficiently modern kernels, the DHCP client uses raw sockets, so it

Re: Firewall-troubleshooting

2005-07-02 Thread Steve Kemp
On Sat, Jul 02, 2005 at 04:46:29PM -0400, KC wrote:
> I need help understanding what goes wrong in this script. I cannot ping
> anyone and cannot resolve as well. In fact I believe the only thing I can
> get is an ip address from my isp's dhcp server.

There's no way I'm going to read through al

Firewall-troubleshooting

2005-07-02 Thread KC
Hi, I need help understanding what goes wrong in this script. I cannot ping anyone and cannot resolve as well. In fact I believe the only thing I can get is an ip address from my isp's dhcp server.

Best Regards
kc

## FIREWALL ##
## Symbolic Constants
CONNECTION_TRACKING="1"
LOCAL="eth0"
INTERN