[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Sheflug] Firewall config - for Ross.
Sorry,
had to subscribe with my other email address, since I'm at work at the moment.
Ross, the firewall config I sent you is default DENY - but it will allow
related connections back (you did patch your 2.4.3 kernel to fix the bug with
that didn't you? If not upgrade to 2.4.4 or patch 2.4.3!).
So, if you are connecting from the box running the firewall to another box, it
should work.
If you are trying to connect to the firewalled box from outside, it will fail
- the firewall will drop the connection attempt.
It's already been suggested - using ssh to tunnel the X connection is a much
easier, and more secure solution, rather than poking holes in the firewall.
If you want to want to drop the firewall for the moment, issue
iptables -P INPUT ACCEPT or
iptables -P FORWARD ACCEPT if your firewall is on a different box to the
machine you are connecting from.
Once again - try SSH - it's a vastly better solution.
Baz.
--
Barrie J. Bremner OpenPGP public key ID: 5164F553
TheEnglishman [at] ecosse.net http://barriebremner.com/
"Linux? Is that some kind of MacOS?"
-- BT technical support
---------------------------------------------------------------------
Sheffield Linux User's Group - http://www.sheflug.co.uk
To unsubscribe from this list send mail to
- <sheflug-request [at] vuw.ac.nz> - with the word
"unsubscribe" in the body of the message.
GNU the choice of a complete generation.