[Firehol-support] Custom services

Daniel L. Miller dmiller at amfes.com
Sun Nov 7 09:39:17 CET 2004


Thank you.  Somehow every time I read the sample I saw it backwards.  
Now it works.

Costa Tsaousis wrote:

>Daniel,
>
>Two errors:
>
>1. server ports should be in the form: protocol/port
>Example: tcp/143
>
>2. client ports do not take a protocol, just the number or port name.
>
>Costa
>
>
>>Sorry for the wrong subject entry.
>>
>>Is there anything wrong with the following?
>>
>>AMFESLAN_IF="eth0"
>>AMFESLAN_LAN="192.168.0.0/24"
>>AMFESLAN_IP="192.168.0.1"
>>AMFESLAN_BCAST="192.168.0.255"
>>
>>AA_IF="eth1"
>>AA_LAN="67.106.235.97/27"
>>AA_IP="67.106.235.121"
>>AA_BCAST="67.106.235.127"
>>
>>server_americasarmy_ports="1716/tcp 1717/tcp 1718/tcp 8777/udp 27900/udp
>>20045/tcp"
>>client_americasarmy_ports="default 1716/tcp 1717/tcp 1718/tcp 8777/udp
>>27900/udp 20045/tcp"
>>
>>interface "${AA_IF}" aa src not "${UNROUTABLE_IPS} ${AMFESLAN_LAN}" dst
>>"${AA_IP}"
>>        protection strong 100/sec 50
>>        server ident reject with tcp-reset
>>        client all accept
>>
>>router aainternet2aalan inface "${AA_IF}" outface "${AMFESLAN_IF}"
>>        protection strong 100/sec 50
>>        server americasarmy accept
>>        route ident reject with tcp-reset
>>
>>Firehol gives me iptables error messages on execution.
>>
Daniel
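
The two rules from Costa's reply, turned into a small lint for custom service definitions. This is an added example, not part of the original thread and not FireHOL code. The function names are hypothetical, and the accepted forms (lowercase protocol names; ports as a number, a low:high range or a service name) are assumptions. The sample lists are the ones from the quoted question.

```shell
#!/bin/sh
# Added example: lint FireHOL custom service port lists.
#   server_<name>_ports: every entry is protocol/port   (e.g. tcp/143)
#   client_<name>_ports: every entry is a bare port     (e.g. 143 or default)

# A port token: number, low:high range, or service name (assumed forms).
is_port() {
    case "$1" in
        ''|*[!A-Za-z0-9:_-]*) return 1 ;;
    esac
    return 0
}

# Print each server entry that is not protocol/port; status 1 if any is bad.
lint_server_ports() {
    bad=0
    for entry in $1; do
        proto=${entry%%/*}
        port=${entry#*/}
        case "$entry" in
            */*) ;;
            *) echo "server: '$entry' has no protocol (e.g. tcp/$entry)"; bad=1; continue ;;
        esac
        case "$proto" in
            # Assumption: the protocol is written as a lowercase name.
            ''|*[!a-z]*) echo "server: '$entry' must be protocol/port (e.g. tcp/143)"; bad=1; continue ;;
        esac
        is_port "$port" || { echo "server: '$entry' has an invalid port"; bad=1; }
    done
    return $bad
}

# Print each client entry that carries a protocol; status 1 if any is bad.
lint_client_ports() {
    bad=0
    for entry in $1; do
        case "$entry" in
            */*) echo "client: '$entry' must not carry a protocol"; bad=1; continue ;;
        esac
        is_port "$entry" || { echo "client: '$entry' is not a port number or name"; bad=1; }
    done
    return $bad
}

# The definitions from the question above: every port/protocol entry is flagged.
lint_server_ports "1716/tcp 1717/tcp 1718/tcp 8777/udp 27900/udp 20045/tcp" || true
lint_client_ports "default 1716/tcp 1717/tcp 1718/tcp 8777/udp 27900/udp 20045/tcp" || true
```

Running the lint before loading a configuration reports the offending entry by name, rather than leaving it to surface as an iptables error at execution.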



