Mailinglist Archive: opensuse-security (605 mails)
Firewall problems
- From: Rüdiger H <linuz@xxxxxxxx>
- Date: Sat, 6 Oct 2001 13:54:20 +0200
- Message-id: <01100613542000.01682@client1>
Hi!
3 days ago I wrote an email to you. Thanks for your help! Everything
worked fine, except the NFS.
I opened the ports 2049 and 111 completely, but I still get this error
message:
mount: RPC: Wartezeit abgelaufen ("waiting time expired")
I tried to log everything blocked by the firewall, but it didn't work. I
can't find the log file of iptables, not in /var/log/messages either. These things
I've already tried:
1)
iptables -N no-conns-from-eth0
iptables -A no-conns-from-eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A no-conns-from-eth0 -m state --state NEW -i ! eth0 -j ACCEPT
iptables -A no-conns-from-eth0 -i $DEV_EXT -m limit -j LOG --log-prefix "Bad packet from eth0:"
iptables -A no-conns-from-eth0 -i ! $DEV_EXT -m limit -j LOG --log-prefix "Bad packet not from eth0:"
iptables -A no-conns-from-eth0 -j DROP
iptables -A INPUT -j no-conns-from-eth0
iptables -A FORWARD -j no-conns-from-eth0
2)
iptables -N my_drop
iptables -A my_drop -p ICMP -j LOG --log-prefix "DROP-ICMP "
iptables -A my_drop -p UDP -j LOG --log-prefix "DROP-UDP "
iptables -A my_drop -p TCP -j LOG --log-prefix "DROP-TCP "
iptables -A my_drop -j DROP
3)
iptables -A INPUT -i $DEV_EXT -f -j LOG --log-prefix "IPTABLES FRAGMENTS:"
iptables -A INPUT -i $DEV_EXT -f -j DROP
4)
iptables -N logdrop
iptables -A logdrop -j LOG
iptables -A logdrop -j DROP
iptables -j logdrop
Can anybody tell me where I can find the log files? Answers in German would
be very helpful, but many thanks to all!!!
Rüdiger H
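
Added example, not part of the original post: in attempts 2 and 4 the chains my_drop and logdrop are created and filled with LOG rules, but none of the posted rules jumps to them, so those LOG rules would never see a packet. The check below reports such chains; it assumes rules in iptables-save format, the sample ruleset is constructed from attempts 1 and 2, and the function names are hypothetical.

```shell
# Print every user-defined chain that no rule reachable from a built-in
# chain (INPUT, FORWARD, OUTPUT, ...) jumps to. Reads iptables-save format.
unreachable_chains() {
  awk '
    /^:/ {                      # chain declaration, e.g. ":my_drop - [0:0]"
      name = substr($1, 2)
      if ($2 == "-") user[name] = 1    # policy "-" marks a user-defined chain
      else reach[name] = 1             # built-in chains are always traversed
      next
    }
    $1 == "-A" {                # rule: record jump/goto edges chain -> target
      for (i = 3; i < NF; i++)
        if ($i == "-j" || $i == "-g") edge[$2, $(i + 1)] = 1
    }
    END {
      do {                      # propagate reachability until nothing changes
        changed = 0
        for (e in edge) {
          split(e, p, SUBSEP)
          if ((p[1] in reach) && (p[2] in user) && !(p[2] in reach)) {
            reach[p[2]] = 1; changed = 1
          }
        }
      } while (changed)
      for (c in user) if (!(c in reach)) print c
    }
  ' | sort
}

# Constructed sample: attempt 1 is hooked into INPUT/FORWARD, attempt 2 is not.
sample_rules() {
  cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:no-conns-from-eth0 - [0:0]
:my_drop - [0:0]
-A INPUT -j no-conns-from-eth0
-A FORWARD -j no-conns-from-eth0
-A no-conns-from-eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A no-conns-from-eth0 -j DROP
-A my_drop -p udp -j LOG --log-prefix "DROP-UDP "
-A my_drop -j DROP
COMMIT
EOF
}
```

On a live system the input would come from `iptables-save | unreachable_chains`; an empty result means every user-defined chain is referenced from a traversed chain.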