[Firehol-support] Wierd error

Costa Tsaousis costa at tsaousis.gr
Fri Jun 20 23:03:46 BST 2003

The text editor that created your firehol.conf is really very very very

Please copy and paste the following using pico, nano, vi, cat or something
standard to a NEW /etc/firehol.conf:

--- snip ---

version 5


interface eth0 home src "${home_ips}"
        policy reject
        server  "dns socks dhcp ssh vnc"        accept
        client  samba   accept

interface eth1 internet src not "${home_ips} ${UNROUTABLE_IPS}"
        protection strong 10/sec 10
        server  "ssh vnc"       accept
        server ident reject with tcp-reset
        client  all     accept

router home2internet inface eth0 outface eth1
        route all accept

router internet2home inface eth1 outface eth0
        route ident reject with tcp-reset

--- snip ---

My version is also attached. Now it works.


> This might be a stupid mistake on my part, but I just want to make sure
> I'm not  crazy.  I am running a pretty standard linux box as a DSL
> router (static IP, no  pppoe) using gentoo 1.4, iptables 1.2.8 and such.
> I am attaching my firehol.conf (stripped down to something almost
> identical to  the one in the tutorial) and the output of "firehol
> debug".  There are 3 errors.
> First, it reads something like ": command not foundline 18: masquerade".
>   Whenever "accept\r" or "reject\r" appear in the argument of iptables,
> the  script doesn't replace the appropriate target in and it fails.
> The third one isn't really an error, but the script prompts for modules
> that  are already compiled into the kernel.  Can I turn those warnings
> off?
> Thanks in advanced,  Rodrigo

-------------- next part --------------
A non-text attachment was scrubbed...
Name: firehol.conf2
Type: application/octet-stream
Size: 485 bytes
Desc: not available
URL: <http://lists.firehol.org/pipermail/firehol-support/attachments/20030621/53881bb9/attachment-0003.obj>

More information about the Firehol-support mailing list