firewall problem again

Vasilis Vasaitis vvas at hal.csd.auth.gr
Tue Feb 16 23:54:52 EET 1999 

On Tue, Feb 16, 1999 at 05:34:27AM +0200, I.Ioannou wrote:
> On 14-Feb-99 Vasilis Vasaitis wrote:
> >   Prepei na omologiso oti ta netmasks pou xrisimopoieis mou fainontai
> > poli
> > perierga? Den tha itan kalitera an evazes kai stis treis autes
> > entoles gia
> > netmask to 255.255.255.0? ('i ena sketo 24, einai to idio). 
> 
> Oxi, giati einai perierga ? To diktyo pou anaferontai einai akribws
> ayto pou lene : ypodiktio me 4 IPs. Den yparxei mono to 255.255.255.0 !!

  Kapoios ap' tous dio mas exei mperdeutei, opote dieukrinise mou kati: to
x.x.x.8 einai IP address kapoiou sigkekrimenou mixanimatos, 'i einai to
network address tou topikou diktiou? Episis kati de mou arese stin entoli
tou masqueraded, ipenthymizo:

ipfwadm -F -i m -S 192.168.0.0/255.255.255.255 -D 0.0.0.0/0

  To netmask auto leei oti olo ki olo iparxei ena mixanima me dieuthinsi
192.168.0.0! Vevaia auto eipes oti sou douleuei alla emena mou fainetai 
parakseno.

> >   Genika pantos dokimaze panta me ta elaxista dinata options prota
> > (diladi
> > xoris to -V kai to -W), kai ama einai OK vaze ta ena ena kai des pote
> > stamataei na douleuei.
> 
> Ta balw, den ta balw (pou to sxima sto sigkekrimeno mixanima ta thelei
> giati exei 3 devices) to idio kanei distixws. Egw ksekinisa apo teleiws
> minimized entoles (-a acc -S a.a.a.a/aa -D b.b.b.b/b), den douleyane 
> (akomi kai me -c den douleuane) kai meta prostheta mpas kai doulepsei.

  Paizei rolo posa devices exeis? Giati min ksexnas oti etsi ki allios
exeis mpolika (vlepe lo, dummy0). Tespa...to mono forwarding pou
xreiazetai na kano ego einai masquerading, opote den mporo na se voithiso
allo. Ena omos exo na po: sto rule pou exo ftiaksei gia to masquerading,
gia na doulepsei prepei 'i na min doso to -W 'i na einai -W ppp0, allios
den douleuei (-V den vazo katholou). To manpage tou ipfwadm oson afora to
forwarding den dieukrinizei an prepei na doseis to interface pou erxontai
'i pou feugoun ta paketa 'i opoio na 'nai, opote eisai sigouros oti to na
dineis pantou to eth1 einai to sosto? Kane merika peiramata kai vlepoume.

> ---
> I.Ioannou <roryt at hol.gr>

Vasilis Vasaitis
vvas at hal.csd.auth.gr

--
====================================================================
Gia boithia (h na diagrafhte) e-mail sto majordomo at hellug.gr
Ta archives tis listas einai sto http://lists.hellug.gr
prin steilete kapoia erothsh psakte mipos exei hdh apanththei.
Gia opoiodipote problima stilte e-mail ston owner-linux-greek-users
====================================================================

More information about the Linux-greek-users mailing list