[Firehol-devs] NF_CONNTRACK_SANE

Costa Tsaousis costa at tsaousis.gr
Mon May 7 22:18:35 BST 2007


Jeff, check the docs.

example:

server_sane_ports="protocol/port"		# e.g. tcp/25
client_sane_ports="default"			# or a port range
require_sane_modules="nf_conntrack_sane"
require_sane_nat_modules="nf_nat_sane"

Then use it as any other service.

Jeff Kowalczyk wrote:
> I'm planning a Gentoo deployment with installed Firehol. One application
> will be networked scanners over SANE. Remote office traffic will most
> likely be through OpenVPN, but I'd like to be able to explicitly configure
> firehol to allow SANE connections only from certain hosts in LAN
> configurations.
>
> linux-2.6.21 adds the netfilter conntrack module/config: NF_CONNTRACK_SANE
>
> What would the suggested method be to use NF_CONNTRACK_SANE with the
> forthcoming firehol release?
>
> Is the SANE protocol (said to be 'ftp-like, with separate control & data
> connections') easy to define as a user protocol, and is it possible to get
> this definition in upstream firehol in the next few months?
>
> Thanks.
>
> http://www.gossamer-threads.com/lists/engine?do=post_view_printable;post=64805;list=iptables




