[plug] Firewall problem

Clinton Butler misprint at bizzpro.com.au
Sun Aug 26 01:17:11 WST 2001 


Bernard Blackham wrote:

>
> Clinton,
>
> It seems that the firewall script doesn't match with the rules that
> ipchains gives. You probably have some other firewalling script at work,
> maybe ipmasq or something? Check in /etc/ppp/ip-up.d/ directory for any
> scripts that might implement a separate firewall. Either disable them by
> uninstalling the package or just removing the executable flag from the
> script for the meantime.

do not quite understand... as there is only one file with my firewall stuff

>
>
> Also the output of "ipchains -L -v" is a bit more informative - just
> "ipchains -L" without the -v skimps a bit on the details.

(begin)
[root at victory:/etc/init.d]$ ipchains -L -v
Chain input (policy DENY: 45 packets, 3282 bytes):
 pkts bytes target     prot opt    tosa tosx  ifname     mark       outsize
source                destination           ports
    2   100 ACCEPT     all  ------ 0xFF 0x00  lo
anywhere             anywhere              n/a
    0     0 DENY       all  ----l- 0xFF 0x00  !lo
127.0.0.0/8          anywhere              n/a
26719 2392K ACCEPT     all  ------ 0xFF 0x00  eth0
localnet/24          anywhere              n/a
    0     0 DENY       all  ----l- 0xFF 0x00  ppp0
localnet/24          anywhere              n/a
29531   18M ACCEPT     all  ------ 0xFF 0x00  ppp0
anywhere             snap39.eftel.com      n/a
    0     0 DENY       all  ----l- 0xFF 0x00  any
anywhere             anywhere              n/a
Chain forward (policy DENY: 0 packets, 0 bytes):
 pkts bytes target     prot opt    tosa tosx  ifname     mark       outsize
source                destination           ports
23628 2158K MASQ       all  ------ 0xFF 0x00  ppp0
localnet/24          anywhere              n/a
    0     0 DENY       all  ----l- 0xFF 0x00  any
anywhere             anywhere              n/a
Chain output (policy DENY: 2 packets, 148 bytes):
 pkts bytes target     prot opt    tosa tosx  ifname     mark       outsize
source                destination           ports
    2   100 ACCEPT     all  ------ 0xFF 0x00  lo
anywhere             anywhere              n/a
30660   19M ACCEPT     all  ------ 0xFF 0x00  eth0
anywhere             localnet/24           n/a
    0     0 ACCEPT    !tcp  ------ 0xFF 0x00  eth0
anywhere             BASE-ADDRESS.MCAST.NET/4  any ->   any
    0     0 DENY       all  ----l- 0xFF 0x00  ppp0
anywhere             localnet/24           n/a
24583 2233K ACCEPT     all  ------ 0xFF 0x00  ppp0
snap39.eftel.com     anywhere              n/a
    0     0 DENY       all  ----l- 0xFF 0x00  any
anywhere             anywhere              n/a
(end)

this is not with the New Firewall by Jason Nicholls


--
     _.._    _    Clinton Butler
   ."\__/"./`_\   misprint at bizzpro.com.au
 _/__<__>__\/     Homepage:
`"/_/""""\_\\     N/A until I get Apache up

More information about the plug mailing list