[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sheflug] Firewall config - for Ross.
On Thursday 17 May 2001 13:24, you wrote:
> Ross, the firewall config I sent you is default DENY - but it will allow
> related connections back (you did patch your 2.4.3 kernel to fix the bug
> with that didn't you? If not upgrade to 2.4.4 or patch 2.4.3!).
>
dropped the firewall and now xhost is running :-)
i had already added some lines to the firewall to allow related packets
through on ppp1 (my direct serial link) so i thought that should do it.
however..... you mention a patch for related pachets....
i would hope that the latest kernel from mandrake was patched!
is there some way of checking?
i don't relish the idea of recomiling the kernel.... i've had bad experiances
of this:-(
can i acespt all packets from ppp1? if so how?
the lines i added to the firewall are
iptables -A INPUT -i ppp1 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i ppp1 -m state --state RELATED,ESTABLISHED -j ACCEPT
--
Thanks,
Ross
ross.h [at] ntlworld.com
____________________________________________________________________________
---------------------------------------------------------------------
Sheffield Linux User's Group - http://www.sheflug.co.uk
To unsubscribe from this list send mail to
- <sheflug-request [at] vuw.ac.nz> - with the word
"unsubscribe" in the body of the message.
GNU the choice of a complete generation.