[LUAU] ipfwadm -W

Mark Robinson sleepdoc at usa.net
Wed Jun 30 17:19:17 PDT 1999


Hi,
I have a small LAN that works well with wide-open forwarding and masq through my RR box (RH5.2).

I have been trying to work up a firewall using ipfwadm and the firewall tool at http://rlz.ne.mediaone.net/linux/firewall/index.html

I think I understand the filter concept, but am having trouble with one of the rule styles
the firewall tool generates. It sets a variable EXTERNAL_INTERFACE="eth0". This is the
interface used with DHCPC that connects to RR, or LOOPBACK_INTERFACE="lo". It uses
the following syntax:

ipfwadm -O -a accept -W $LOOPBACK_INTERFACE .

Comment for this line says "Unlimited trafic on loopback interface."

I understand this to say accept any packets from the loopback interface destined for anywhere.

When I list the resulting rule: ipfwadm -O -l, I get:

acc all anywhere  anywhere.

I think the problem is in the use of the -W parameter. This is supposed to designate the name of an
interface, but it is not able to evaluate lo so it defaults to anywhere. The gateway box knows about
lo, eth0, eth1 according to ifconfig, and they are active. So any ideas as to what -W name is supposed to
evaluate to? IP address? I can edit the script to do so, but how do you think it is supposed to work?

Thanks, Mark Robinson