[luau] firewall problem
burnst001 at hawaii.rr.com
burnst001 at hawaii.rr.com
Wed Nov 6 15:42:01 PST 2002
Is there an error in this output from MonMotha's script? What's that bit about
"Refusing SSR Packets via SysCtl"? Here's the output.
*****************
Loading iptables firewall:
Checking configuration...passed
Performing TCP_ALLOW and UDP_ALLOW alias preprocessing...done
Checking IP Forwarding...enabled.
Checking IP SynCookies...disabled.
Checking Route Verification...activated:eth0 activated:eth1
Refusing SSR Packets via SysCtl...activated:eth0 activated:eth1
Flush: INPUT OUTPUT1 FORWARD PREROUTING1 OUTPUT2 POSTROUTING PREROUTING2 OUTPUT3
Creating chains: INETIN INETOUT DMZIN DMZOUT TCPACCEPT UDPACCEPT LDROP LREJECT
TREJECT LTREJECT
Default Policies: INPUT:DROP OUTPUT:ACCEPT FORWARD:DROP
Setting up drop chains chains: LDROP LREJECT TREJECT LTREJECT
Setting up per-proto ACCEPT: TCPACCEPT UDPACCEPT
TREJECTing invalid packets...done
Setting up INET chains: INETIN INETOUT
Local Traffic Rules: 192.168.0.0/24:ACCEPT 192.168.1.0/24:ACCEPT loopback:ACCEPT
Setting up masquerading: 192.168.0.0/24:MASQUERADE 192.168.1.0/24:MASQUERADE
TREJECTing ICMP messages specified in BAD_ICMP...5 9 10 15 16 17 18
Flood limiting: ICMP-PING
Allowing the rest of the ICMP messages in...done
Hostwise TCP Allows: 0/0>22
Hostwise UDP Allows: 0/0>68 0/0>6112 0/0>6119 0/0>4000
Allowing established outbound connections back in...done
Allowing related inbound connections...done
Setting up INET policies: INETIN:TREJECT INETOUT:ACCEPT
Done loading the firewall!
**********************
Looks okay to me. If there are no errors, what else could prevent the firewall
from working, given that I've tested the cables and cards to my satisfaction?
Desperate Dave
More information about the LUAU
mailing list