Re: iptables rule to allow NAT but not local access

2008-08-10 Thread Gilboa Davara
On Wed, 2008-08-06 at 22:01 +0300, Geoffrey S. Mendelson wrote: > I want to install a wireless router that is unprotected (it's for a special > occasion). > > During the time it is up, I want to allow users on it to access my Internet > connection, but not the computer running the connection (it's

Re: iptables rule to allow NAT but not local access

2008-08-07 Thread Shachar Shemesh
Geoffrey S. Mendelson wrote: I want to install a wireless router that is unprotected (it's for a special occasion). During the time it is up, I want to allow users on it to access my Internet connection, but not the computer running the connection (it's the usual pptp tunnel). If I need to I

Re: iptables rule to allow NAT but not local access

2008-08-06 Thread Moish
Geoffrey S. Mendelson wrote: On Wed, Aug 06, 2008 at 11:35:04PM +0300, Moish wrote: If you have any old box (or vmware server), download and install IPCOP and in 5 minutes you'll have it. Thanks, but how will that affect my already existing carefully crafted rules? Geoff. If you care to read

Re: iptables rule to allow NAT but not local access

2008-08-06 Thread Geoffrey S. Mendelson
On Wed, Aug 06, 2008 at 11:35:04PM +0300, Moish wrote: > If you have any old box (or vmware server), download and install IPCOP and > in 5 minutes you'll have it. Thanks, but how will that affect my already existing carefully crafted rules? Geoff. -- Geoffrey S. Mendelson, Jerusalem, Israel [EMAI

Re: iptables rule to allow NAT but not local access

2008-08-06 Thread Moish
If you have any old box (or vmware server), download and install IPCOP and in 5 minutes you'll have it. Moish = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command ech

Re: iptables question

2008-05-23 Thread shimi
On Fri, May 23, 2008 at 11:30 AM, shimi <[EMAIL PROTECTED]> wrote: > > Is the nmap traffic coming from either one of these interfaces? Because if > so, these rules allow them to pass, regardless of any other rules you have > (as you don't have any REJECT before these rules, nor your chain policy

Re: iptables question

2008-05-23 Thread shimi
On Fri, May 23, 2008 at 1:49 AM, Hetz Ben Hamo <[EMAIL PROTECTED]> wrote: > Hi, > > I'm playing here with iptables, and I have a small problem: > > Here's my iptables config: > > -A test-fw-INPUT -i eth0 -j ACCEPT > -A test-fw-INPUT -i eth0-range0 -j ACCEPT > > Is the nmap traffic coming from eith

Re: iptables question

2008-05-23 Thread Shachar Shemesh
Hetz Ben Hamo wrote: Hi, I'm playing here with iptables, and I have a small problem: Here's my iptables config: FORWARD ACCEPT [0:0] :INPUT ACCEPT [0:0] :test-fw-INPUT - [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -j test-fw-INPUT -A FORWARD -j test-fw-INPUT -A test-fw-INPUT -i lo -j ACCEPT -A tes

Re: iptables AI (application intelligence)

2004-04-28 Thread Tzafrir Cohen
On Tue, Apr 27, 2004 at 07:51:33PM +0300, Shachar Shemesh wrote: > Noam Meltzer wrote: > > >Hi, > >I was wondering if any1 knows if iptables has the ability to implement > >"application intelligence"? > > The short answer is "no". > > A slightly longer answer is that, if you have a proxy softwa

Re: iptables AI (application intelligence)

2004-04-27 Thread Noam Meltzer
Noam Meltzer wrote: Hi, I was wondering if any1 knows if iptables has the ability to implement "application intelligence"? My specific interest is to implement something like this: I have a host, connected to the internet, and it runs iptables, while ssh's tcp port is the only one opened. Now, I

Re: iptables AI (application intelligence)

2004-04-27 Thread Aviram Jenik
On Tuesday 27 April 2004 18:55, Noam Meltzer wrote: > Hi, > My specific interest is to implement something like this: > I have a host, connected to the internet, and it runs iptables, while > ssh's tcp port is the only one opened. > Now, I want that instead of opening this port, every communication

RE: iptables AI (application intelligence)

2004-04-27 Thread Tzahi Fadida
] On Behalf Of Shachar Shemesh Sent: Tuesday, April 27, 2004 6:52 PM To: Noam Meltzer Cc: Linux-IL mailing list Subject: Re: iptables AI (application intelligence) Noam Meltzer wrote: > Hi, > I was wondering if any1 knows if iptables has the ability to implement > "application intel

Re: iptables AI (application intelligence)

2004-04-27 Thread Shachar Shemesh
Noam Meltzer wrote: Hi, I was wondering if any1 knows if iptables has the ability to implement "application intelligence"? The short answer is "no". A slightly longer answer is that, if you have a proxy software that can act as a transparent proxy, you can direct all traffic to it using IPTables

Re: iptables AI (application intelligence)

2004-04-27 Thread Lior Kaplan
I don't think it's possible... since the TCP layer only brings the data to ssh program, it doesn't analyze it (e.g. username). So the drop will have to be by the ssh server (which already does that). Regards, Lior Kaplan [EMAIL PROTECTED] http://www.Guides.co.il - Original Message - From

Re: iptables - Mandrake 9.0

2002-12-10 Thread Michael Sternberg
[EMAIL PROTECTED] wrote: > [root@shlomo1 root]# iptables -L > /lib/modules/2.4.19-16mdk/kernel/net/ipv4/netfilter/ip_tables.o.gz: > init_module: Device or resource busy I never knew that kernel module object files can be gzipped. It does not work on my system though - does it require some addit

Re: IPTABLES laps

2002-10-27 Thread Meir Michanie
Reformulation of Problem: running iptables -t nat -I PREROUTING -m mac --mac-source 00:02:2D:08:FD:67 -j ACCEPT then iptables -t nat -I PREROUTING -m mac --mac-source 00:02:2D:08:FD:67 -j DNAT --to-destination 10.0.10.2 does not work for established connections, like browsing CNN.COM man ip

RE: iptables flush doesn't kill RELATED packets

2002-09-18 Thread Ohad . Levy
ahi Fadida [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 5:43 PM To: Levy Ohad; [EMAIL PROTECTED] Subject: RE: iptables flush doesn't kill RELATED packets If you have adsl(which u didn't mention) The fact that u can go to walla gives a hint that maybe you didn't flush every

Re: iptables flush doesn't kill RELATED packets

2002-09-18 Thread Oded Arbel
Assaf Flatto wrote: stop the IPtables daemon running in the background would be a good start /etc/init.d/iptables stop or service iptables stop The IPTables "service" is not a daemon, but a simple script that loads rules from a file in sysconfig into the ker

RE: iptables flush doesn't kill RELATED packets

2002-09-18 Thread Tzafrir Cohen
On Wed, 18 Sep 2002, Assaf Flatto wrote: > stop the IPtables daemon running in the background would be a good start. > > /etc/init.d/iptables stop > or > service iptables stop There is no iptables daemon. It is not a separate process. The iptables service is simply intended to restore upon star

Re: iptables flush doesn't kill RELATED packets

2002-09-18 Thread Guy Cohen
ell. > > I see that the only solution is to remove the modules themselves. > > Thanks, > Ohad > > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, September 18, 2002 1:15 PM > To: Levy Ohad > Cc: Assaf Flat

RE: iptables flush doesn't kill RELATED packets

2002-09-18 Thread Tzahi Fadida
rning.html > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of > [EMAIL PROTECTED] > Sent: Wednesday, September 18, 2002 4:28 PM > To: [EMAIL PROTECTED] > Subject: RE: iptables flush doesn't kill RELATED packets > > > N

RE: iptables flush doesn't kill RELATED packets

2002-09-18 Thread Ohad . Levy
- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 1:15 PM To: Levy Ohad Cc: Assaf Flatto; [EMAIL PROTECTED] Subject: Re: iptables flush doesn't kill RELATED packets On Wed, Sep 18, 2002 at 10:21:17AM +0200, Assaf Flatto wrote: > stop the IPtables daemon ru

Re: iptables flush doesn't kill RELATED packets

2002-09-18 Thread shaulka
On Wed, Sep 18, 2002 at 10:21:17AM +0200, Assaf Flatto wrote: > stop the IPtables daemon running in the background would be a good start. > > /etc/init.d/iptables stop > or > service iptables stop > > > Assi > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED

RE: iptables flush doesn't kill RELATED packets

2002-09-18 Thread Assaf Flatto
stop the IPtables daemon running in the background would be a good start /etc/init.d/iptables stop or service iptables stop Assi -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 9:57 AM To: [E

Re: iptables

2002-05-05 Thread Tzafrir Cohen
On Sun, 5 May 2002, Amir Tal wrote: > On Saturday 04 May 2002 20:54, Guy Cohen wrote: > > What shows lsmod? > > problem solved. > looks like ipchains was also running, and it interrupted iptables. the "service" ipchains probably ran 'modprobe ipchains' which loaded the module 'ipchains'. On kern

Re: iptables

2002-05-05 Thread Amir Tal
On Saturday 04 May 2002 20:54, Guy Cohen wrote: > What shows lsmod? problem solved. looks like ipchains was also running, and it interrupted iptables. i did : /sbin/chkconfig --del ipchains /sbin/service ipchains stop /sbin/modprobe -r ipchains then : /sbin/chkconfig --levels 2345 iptables on

Re: iptables

2002-05-04 Thread Guy Cohen
What shows lsmod? On Sat, May 04, 2002 at 12:06:27PM +0300, Amir Tal wrote: > hi, > > one of my machines at home is running RH72 , 2.4.9-31 (upgraded from up2date) > and since i upgraded i am having problems forwarding traffic through that > machine using iptables. > the iptables version that

Re: iptables

2001-06-17 Thread rcs

Re: iptables

2001-06-17 Thread rcs
>> when i installed iptables rpm it told me that i need a kernel bigger than >> 2.4 which is already 2.4.5 . fredy <[EMAIL PROTECTED]> wrote: > 3. You need to get the new PPP package and install it. This is true if you want to run PPP on the new kernel, but has nothing to do with iptables. I

RE: iptables

2001-06-17 Thread fredy
This may sound silly but you have to check the following things: 1. did u actually install the new kernel, and if u have more than one in the lilo boot, is the new one running? 2. You have to enable in the new kernel all the PPP stuff and the netfilter stuff to use IPTables.