Firewall se linux shorewall

[Ted Constadoudakis]

tha ithela na rotiso to eksis..
estisa 1 firewall se linux shorewall me two intefaces gia mia etairia
apo tin mia karta diktiou ston router me true IP kai apo tin alli karta diktiou se olo to esoteriko diktio me false IP
Ola doulepsan mia xara kai telika katafera oti ithela na petixo alla kollisa se mia rithmisi tou firewall sto arxeio "policy"
se kathe policy iparxei sto telos mia rithmisi pou legetai LIMIT : BURST
p.x

ACCEPT   loc    net      tcp    80           (kai kapou edo iparxei i stili LIMIT:BURST )
ACCEPT   fw     net      tcp   80            (kai kapou edo iparxei i stili LIMIT:BURST )

apo tin www.shorewall.net brika 1 paradeigma opou ebazan gia limit:burst ====>   10/sec:40   pou simainei oti se kathe sec tha dexomai 10 tcp connections kai tha bazo stin oura 40 ..
Poli oraia mexri edo omos to problima einai oti otan bazo ayti tin rithmisi eite apo to  firewall sto net eite apo to loc sto net stamataei sto firewall na bgainei ekso sto internet sinepos kai to esoteriko diktio...molis bgazo tin rithmisi (pou einai kai optional) kanontas restart to Shorewall ola einai ok..
Mipos morei kapoios na me boithisei giati pisteuo oti auti i rithmisi tha boithisei poli stin sosti dianomi tou internet an rithmistei sosta...


Thodoris Constadoudakis 
(thodoris at enternet.gr)



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.hellug.gr/pipermail/hellug/attachments/20040402/5b7acc61/attachment.htm>