On Mon, 6 Oct 2003, Jeff Lasman wrote:
>
> > I'm hopeful that a "do firewall $foo for DCC" in the SA docs, plus
> > this friendly reminder, will help some or most sites that haven't
> > yet realized that they are rejecting DCC query responses.
>
> I just got SA running today and so far so good. But I know I'm
> rejecting DCC query responses, because I'm getting DCC timeouts. I've
> got an ipchains firewall; can anyone tell me what the rules should look
> like in my ipchains /etc/sysconfig/ipchains file?
>
For ipchains I can crib from my old firewall setup-
$IPCHAINS -A input -p udp -i $EXT_IFACE -d $EXT_IP 1024: -s 0.0.0.0/0 6277 -j ACCEPT
where IPCHAINS = path to ipchains binary
EXT_IFACE = my external interface
EXT_IP = my external IP
The above rule assumes that the firewall machine itself is running
the dcc client. You'll need to adjust if your clients are behind
the firewall (change $EXT_IP, possibly use forwarding chain instead
of input chain).
--
--------------------------------------------------------
Dave Lugo [EMAIL PROTECTED] LC Unit #260 TINLC
Have you hugged your firewall today? No spam, thanks.
--------------------------------------------------------
Are you the police? . . . . No ma'am, we're sysadmins.
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
