[Firehol-support] Custom services

Daniel L. Miller dmiller at amfes.com
Wed Nov 3 00:33:51 GMT 2004


Sorry for the wrong subject entry.

Is there anything wrong with the following?

AMFESLAN_IF="eth0"
AMFESLAN_LAN="192.168.0.0/24"
AMFESLAN_IP="192.168.0.1"
AMFESLAN_BCAST="192.168.0.255"

AA_IF="eth1"
AA_LAN="67.106.235.97/27"
AA_IP="67.106.235.121"
AA_BCAST="67.106.235.127"

server_americasarmy_ports="1716/tcp 1717/tcp 1718/tcp 8777/udp 27900/udp 20045/tcp"
client_americasarmy_ports="default 1716/tcp 1717/tcp 1718/tcp 8777/udp 27900/udp 20045/tcp"

interface "${AA_IF}" aa src not "${UNROUTABLE_IPS} ${AMFESLAN_LAN}" dst "${AA_IP}"
        protection strong 100/sec 50
        server ident reject with tcp-reset
        client all accept

router aainternet2aalan inface "${AA_IF}" outface "${AMFESLAN_IF}"
        protection strong 100/sec 50
        server americasarmy accept
        route ident reject with tcp-reset

Firehol gives me iptables error messages on execution.

Daniel




