Hi, Has anyone got SuSE's ftp-proxy working? If your setting it on a firewall machine what do you use for the DestinationAddress? The IP of the 2nd interface or one of the machines' IP's behind the firewall? I read the docs and they're not complete, especially the part on the config file. TIA scott sworley@houston.rr.com ---------------------------------- E-Mail: sworley@houston.rr.com Date: 05-Jan-00 Time: 20:46:04 This message was sent by XFMail ---------------------------------- -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
sworley@houston.rr.com wrote:
Hi,
Has anyone got SuSE's ftp-proxy working? If your setting it on a firewall machine what do you use for the DestinationAddress? The IP of the 2nd interface or one of the machines' IP's behind the firewall? I read the docs and they're not complete, especially the part on the config file.
Well, I have a firewall up and running. From the get go I wanted to understand what I was doing with respect to the firewall so I want looking for a book, I found the book "Linux Firwall". I liked the book because it got down to business and taught me what I needed to get the firewall working. It did not spend a great amount of time on theory and is very much geared towards the home and small office networks. The author of the book put together a web site: http://www.linux-firewall-tools.com/linux/ The site has a CGI script that will ask you a lot of questions and put together a pretty good firewall script. Because of the strange setup I have here (it is an aDSL system with 10.x.x.x on the outside) I had to use what I learned from the book to hack the script to work. In the end, I am very glad I bought the book (he has a link on his web site to the book) and used his CGI script. Hope this helps. Sam -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
Thanks Sam, I have a copy. Didn't know about the web site. What I'm trying to do is get all the proxies up before setting up the firewall. So far I've got Squid, smtp, pop3 proxies working. ftp was the last. Just something I don't have set correctly in ftp-proxy.conf on the firewall. cott sworley@houston.rr.com On 06-Jan-00 Sam Carleton wrote:
sworley@houston.rr.com wrote:
Hi,
Has anyone got SuSE's ftp-proxy working? If your setting it on a firewall machine what do you use for the DestinationAddress? The IP of the 2nd interface or one of the machines' IP's behind the firewall? I read the docs and they're not complete, especially the part on the config file.
Well, I have a firewall up and running. From the get go I wanted to understand what I was doing with respect to the firewall so I want looking for a book, I found the book "Linux Firwall". I liked the book because it got down to business and taught me what I needed to get the firewall working. It did not spend a great amount of time on theory and is very much geared towards the home and small office networks.
The author of the book put together a web site: http://www.linux-firewall-tools.com/linux/ The site has a CGI script that will ask you a lot of questions and put together a pretty good firewall script. Because of the strange setup I have here (it is an aDSL system with 10.x.x.x on the outside) I had to use what I learned from the book to hack the script to work.
In the end, I am very glad I bought the book (he has a link on his web site to the book) and used his CGI script. Hope this helps.
Sam
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
---------------------------------- E-Mail: sworley@houston.rr.com Date: 05-Jan-00 Time: 21:52:15 This message was sent by XFMail ---------------------------------- -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
Sorry about the lag of this reply, I haven't checked my email in a couple of days. I have SuSE's ftp-proxy set up and running on my sort of firewall (It's got too much running on it to be a real firewall). To start off I set up my ftp server to run on a different port number than 21 (up in the 1024 and up range). I then used ipchains to block the servers new port and prevent connections directly to my ftp server. I then set up SuSE's ftp-proxy to listen on port 21 and proxy all the traffic to my ftp server's new port. I set it up this way this because my firewall is the only computer I have up and running 24/7, but it would be just as easy to have it proxy to another machine if that's what you desire. Although running an ftp server on my firewall is not the most secure thing to do, I feel a little more secure knowing the SuSE's ftp-proxy is there limiting the commands that ftp users are allowed, spoofing the server's identity, and hopefully protecting me against common ftp expoits. fj On 5 Jan, sworley@houston.rr.com wrote:
Hi,
Has anyone got SuSE's ftp-proxy working? If your setting it on a firewall machine what do you use for the DestinationAddress? The IP of the 2nd interface or one of the machines' IP's behind the firewall? I read the docs and they're not complete, especially the part on the config file.
TIA scott sworley@houston.rr.com
-- --> flaw@videotron.ca --> http://pages.infinit.net/fdesigns --> PGP Key found on site -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
participants (3)
-
Anonymous User
-
flaw@videotron.ca
-
sworley@houston.rr.com