Hi
From: Linuxdom@in-sight.de [mailto:Linuxdom@in-sight.de]
Hello list, I have set the parameter FW_TRUSTED_NETS="198.201.201.0/24". The parameter to enable the firewall to be pinged is turned off, so the firewall shouldn't be "pingable". Now when I set the "TRUSTED_NETS" parameter, the firewall is "pingable". When I leave the entry empty, it works fine.
it reads in the comment that the fw should not be pingable, unless icmp is allowed for those hosts. if you just add the trusted ip-address then icmp works as well as any other port. try to allow access via tcp only or, even better, restrict the ports you want to use from your trusted hosts.
FW_TRUSTED_NETS="192.168.10.156,tcp 231.67.90.213,22"
What does the parameter mean exactly? It tells me that I can define hosts/nets to ports on the firewall, doesn't it? I don't want any service to be allowed neither from the internet nor from the intranet, except port 8080 for proxying from the inside of our net.
so i guess your case will be
...
FW_SERVICES_EXT=""
FW_SERVICES_INT="8080"
FW_TRUSTED_NETS="<your_ip>,tcp,22"
...
Thanks in advance
you're welcome ;-)
maX Bauer
cheers, stefan
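
The reply's point is that a bare host or network in FW_TRUSTED_NETS opens every protocol, ICMP included, while adding a protocol and port narrows it. The following audit helper is an added example, not part of the thread or of the firewall script: it assumes space-separated entries of the form network[,protocol[,port]] with the protocol keywords tcp, udp and icmp, and the function names and sample addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): audit FW_TRUSTED_NETS entries.
# Assumption: entries are space separated, each "network[,protocol[,port]]".

# Print what one entry permits towards the firewall itself.
classify_entry() {
    set -f                      # no globbing while splitting
    old_ifs=$IFS; IFS=,
    set -- $1                   # split the entry on commas
    IFS=$old_ifs; set +f
    if [ $# -lt 1 ] || [ $# -gt 3 ] || [ -z "$1" ]; then
        echo "invalid"; return 0
    fi
    case "${2:-}" in
        "")      echo "all-protocols" ;;     # ICMP included: host can ping the fw
        icmp)    echo "icmp-only" ;;
        tcp|udp) if [ -n "${3:-}" ]; then echo "$2/$3"; else echo "$2/all-ports"; fi ;;
        *)       echo "unknown-protocol" ;;  # second field is not a known keyword
    esac
}

# Print the entries through which the firewall can be pinged.
pingable_entries() {
    out=""
    for e in $1; do
        case "$(classify_entry "$e")" in
            all-protocols|icmp-only) out="${out:+$out }$e" ;;
        esac
    done
    echo "$out"
}

# Print one line per entry: the entry and what it opens.
audit() {
    for e in $1; do
        printf '%-22s %s\n' "$e" "$(classify_entry "$e")"
    done
}

# Constructed sample value (documentation address ranges, not real hosts).
SAMPLE='198.51.100.0/24 192.0.2.10,tcp 192.0.2.20,tcp,22 192.0.2.30,icmp'
audit "$SAMPLE"
```

To check a live configuration, pass the value of FW_TRUSTED_NETS from the firewall's configuration file to `audit` in place of `SAMPLE`.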