<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<!--[if !mso]>
<style>
v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style>
<![endif]-->
<style>
<!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:Verdana;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0cm;
margin-right:0cm;
margin-bottom:0cm;
margin-left:36.0pt;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page Section1
{size:612.0pt 792.0pt;
margin:72.0pt 90.0pt 72.0pt 90.0pt;}
div.Section1
{page:Section1;}
/* List Definitions */
@list l0
{mso-list-id:608632897;
mso-list-type:hybrid;
mso-list-template-ids:-1632313784 67633167 67633177 67633179 67633167 67633177 67633179 67633167 67633177 67633179;}
@list l0:level1
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l1
{mso-list-id:1444570348;
mso-list-type:hybrid;
mso-list-template-ids:287330432 67633175 67633177 67633179 67633167 67633177 67633179 67633167 67633177 67633179;}
@list l1:level1
{mso-level-number-format:alpha-lower;
mso-level-text:"%1\)";
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l1:level2
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l2
{mso-list-id:1779911030;
mso-list-type:hybrid;
mso-list-template-ids:-2007872086 67633167 67633177 67633179 67633167 67633177 67633179 67633167 67633177 67633179;}
@list l2:level1
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
ol
{margin-bottom:0cm;}
ul
{margin-bottom:0cm;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=EL link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Morin,<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Grab the latest firehol from <a
href="http://firehol.sf.net/firehol.tar.gz">http://firehol.sf.net/firehol.tar.gz</a><o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>To do it, execute as root:<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'># cd /tmp<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'># wget <a href="http://firehol.sf.net/firehol.tar.gz">http://firehol.sf.net/firehol.tar.gz</a><o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Untar it:<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'># tar zxvpf firehol.tar.gz<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Go into /tmp/firehol/ directory and run the firehol wizard:<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'># cd /tmp/firehol<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'># ./firehol.sh wizard >/tmp/firehol.conf<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Open /tmp/firehol.conf with an editor and at the very top insert
this line:<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Verdana","sans-serif"'>masquerade
ppp+</span><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Save it and now activate this firehol.conf (while still in
/tmp/firehol/ do):<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'># ./firehol.sh /tmp/firehol.conf<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>It will ask you to commit it once it is activated. Please do so.
Keep in mind that the wizard has ACCEPT rules for everything found to be
running (for example it will ACCEPT traffic from the internet, for everything
running).<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Now, please make your tests again. Do they work?<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>If yes, please examine /tmp/firehol.conf to find out how you
should configure your firewall.<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>If not, please:<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoListParagraph style='text-indent:-18.0pt;mso-list:l0 level1 lfo3'><![if !supportLists]><span
lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><span style='mso-list:Ignore'>1.<span style='font:7.0pt "Times New Roman"'>
</span></span></span><![endif]><span lang=EN-US style='font-size:11.0pt;
font-family:"Calibri","sans-serif";color:#1F497D'>send us /tmp/firehol.conf, It
will be long, so please attach it to the e-mail.<o:p></o:p></span></p>
<p class=MsoListParagraph style='text-indent:-18.0pt;mso-list:l0 level1 lfo3'><![if !supportLists]><span
lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><span style='mso-list:Ignore'>2.<span style='font:7.0pt "Times New Roman"'>
</span></span></span><![endif]><span lang=EN-US style='font-size:11.0pt;
font-family:"Calibri","sans-serif";color:#1F497D'>Send us also the output of
the commands (on the firewall):<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'># ip link show<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'># ip route show<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'># ip rule show<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>And answer the following questions:<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoListParagraph style='text-indent:-18.0pt;mso-list:l1 level1 lfo1'><![if !supportLists]><span
lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><span style='mso-list:Ignore'>a)<span style='font:7.0pt "Times New Roman"'>
</span></span></span><![endif]><span lang=EN-US style='font-size:11.0pt;
font-family:"Calibri","sans-serif";color:#1F497D'>How to you setup your hosts?
DHCP or static?<br>
If it is DHCP, please attach the configuration of your dhcp server.<o:p></o:p></span></p>
<p class=MsoListParagraph><span lang=EN-US style='font-size:11.0pt;font-family:
"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoListParagraph style='text-indent:-18.0pt;mso-list:l1 level1 lfo1'><![if !supportLists]><span
lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><span style='mso-list:Ignore'>b)<span style='font:7.0pt "Times New Roman"'>
</span></span></span><![endif]><span lang=EN-US style='font-size:11.0pt;
font-family:"Calibri","sans-serif";color:#1F497D'>Pick any two hosts, each in a
different subnet to make some tests with, and for both of them please give us
this info:<o:p></o:p></span></p>
<p class=MsoListParagraph style='margin-left:72.0pt;text-indent:-18.0pt;
mso-list:l1 level2 lfo1'><![if !supportLists]><span lang=EN-US
style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><span
style='mso-list:Ignore'>a.<span style='font:7.0pt "Times New Roman"'>
</span></span></span><![endif]><span lang=EN-US style='font-size:11.0pt;
font-family:"Calibri","sans-serif";color:#1F497D'>IP Address<o:p></o:p></span></p>
<p class=MsoListParagraph style='margin-left:72.0pt;text-indent:-18.0pt;
mso-list:l1 level2 lfo1'><![if !supportLists]><span lang=EN-US
style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><span
style='mso-list:Ignore'>b.<span style='font:7.0pt "Times New Roman"'>
</span></span></span><![endif]><span lang=EN-US style='font-size:11.0pt;
font-family:"Calibri","sans-serif";color:#1F497D'>Subnet Mask<o:p></o:p></span></p>
<p class=MsoListParagraph style='margin-left:72.0pt;text-indent:-18.0pt;
mso-list:l1 level2 lfo1'><![if !supportLists]><span lang=EN-US
style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><span
style='mso-list:Ignore'>c.<span style='font:7.0pt "Times New Roman"'>
</span></span></span><![endif]><span lang=EN-US style='font-size:11.0pt;
font-family:"Calibri","sans-serif";color:#1F497D'>Broadcast Address<o:p></o:p></span></p>
<p class=MsoListParagraph style='margin-left:72.0pt;text-indent:-18.0pt;
mso-list:l1 level2 lfo1'><![if !supportLists]><span lang=EN-US
style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><span
style='mso-list:Ignore'>d.<span style='font:7.0pt "Times New Roman"'>
</span></span></span><![endif]><span lang=EN-US style='font-size:11.0pt;
font-family:"Calibri","sans-serif";color:#1F497D'>Default Gateway<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Thanks,<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Costa<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<div>
<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm'>
<p class=MsoNormal><b><span lang=EN-US style='font-size:10.0pt;font-family:
"Tahoma","sans-serif"'>From:</span></b><span lang=EN-US style='font-size:10.0pt;
font-family:"Tahoma","sans-serif"'> M. O. [mailto:mofog@hotmail.com] <br>
<b>Sent:</b> Thursday, February 12, 2009 9:52 PM<br>
<b>To:</b> cefrodrigues@gmail.com<br>
<b>Cc:</b> firehol-support@lists.sourceforge.net<br>
<b>Subject:</b> Re: [Firehol-support] Routing between virtual interfaces<o:p></o:p></span></p>
</div>
</div>
<p class=MsoNormal><span lang=EN-US><o:p> </o:p></span></p>
<p class=MsoNormal style='margin-bottom:12.0pt'><span style='font-size:10.0pt;
font-family:"Verdana","sans-serif"'>No more suggestions?<br>
If this was caused by a small glitch in firehol itself, I'd be willing to offer
my system as a test course. Just let me know if I can be of any assistance. I
just wanted to let you know that I won't be available for the next 10 days. Afterwards,
I'm going to merge the subnets to avoid further complications, in case no one
has any hints left.<br>
<br>
<br>
Thanks for the great support so far!<br>
<br>
Morin <br>
<br>
<br>
<br>
<br>
> Date: Sun, 8 Feb 2009 18:16:15 +0000<br>
> Subject: Re: [Firehol-support] Routing between virtual interfaces<br>
> From: cefrodrigues@gmail.com<br>
> To: mofog@hotmail.com<br>
> CC: firehol-support@lists.sourceforge.net<br>
> <br>
> On Fri, Feb 6, 2009 at 7:11 PM, M. O. <mofog@hotmail.com> wrote:<br>
> > As you can see, there are some contradictory statements: one maps the<br>
> > traffic from 192.168.0.4 to 192.168.1.51 successfully to the rule<br>
> > "DELTA2BRO", and the next line tells the exact opposite
(same addresses are<br>
> > mapped to "PASS-unknown"). I'm quite in despair now.<br>
> <br>
> What does your firehol.conf look like? Are you accepting all traffic?<br>
> <br>
> -- <br>
> Carlos Rodrigues<o:p></o:p></span></p>
<div class=MsoNormal align=center style='text-align:center'><span
style='font-size:10.0pt;font-family:"Verdana","sans-serif"'>
<hr size=2 width="100%" align=center>
</span></div>
<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Verdana","sans-serif"'>Brand
neu: Top Videos auf MSN ClipClub! Schau Dir die besten Playlists an <a
href="http://redirect.gimas.net/?n=M0902ClipClub" target="_new">>> Play
now!</a><o:p></o:p></span></p>
</div>
</body>
</html>