[Firehol-support] Custom services
Costa Tsaousis
costa at tsaousis.gr
Wed Nov 3 00:50:32 GMT 2004
Daniel,
Two errors:
1. server ports should be in the form: protocol/port
Example: tcp/143
2. client ports do not have a protocol, just the number or port name.
Costa
> Sorry for the wrong subject entry.
>
> Is there anything wrong with the following?
>
> AMFESLAN_IF="eth0"
> AMFESLAN_LAN="192.168.0.0/24"
> AMFESLAN_IP="192.168.0.1"
> AMFESLAN_BCAST="192.168.0.255"
>
> AA_IF="eth1"
> AA_LAN="67.106.235.97/27"
> AA_IP="67.106.235.121"
> AA_BCAST="67.106.235.127"
>
> server_americasarmy_ports="1716/tcp 1717/tcp 1718/tcp 8777/udp 27900/udp
> 20045/tcp"
> client_americasarmy_ports="default 1716/tcp 1717/tcp 1718/tcp 8777/udp
> 27900/udp 20045/tcp"
>
> interface "${AA_IF}" aa src not "${UNROUTABLE_IPS} ${AMFESLAN_LAN}" dst
> "${AA_IP}"
> protection strong 100/sec 50
> server ident reject with tcp-reset
> client all accept
>
> router aainternet2aalan inface "${AA_IF}" outface "${AMFESLAN_IF}"
> protection strong 100/sec 50
> server americasarmy accept
> route ident reject with tcp-reset
>
> Firehol gives me iptables error messages on execution.
>
> Daniel
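The two rules from the reply, applied to the port lists in the question as an added shell check (not FireHOL code and not from either poster). The function names are hypothetical, and the check assumes a protocol name starts with a lowercase letter.

```shell
#!/bin/sh
# Added example: lint FireHOL custom-service port lists against the two
# rules in the reply. Function names are hypothetical, not FireHOL's.

# Rule 1: every server entry is protocol/port, e.g. tcp/143.
# Assumption: a protocol name starts with a lowercase letter.
check_server_ports() (
    set -f; rc=0
    for entry in $1; do
        case "$entry" in
            [a-z]*/?*) ;;
            *) echo "server: '$entry' is not protocol/port (e.g. tcp/143)"; rc=1 ;;
        esac
    done
    [ "$rc" -eq 0 ]
)

# Rule 2: client entries are a port number or port name, no protocol.
check_client_ports() (
    set -f; rc=0
    for entry in $1; do
        case "$entry" in
            */*) echo "client: '$entry' carries a protocol, expected a bare port"; rc=1 ;;
        esac
    done
    [ "$rc" -eq 0 ]
)

# Rewrite port/protocol entries as protocol/port; keep everything else.
fix_server_ports() (
    set -f; out=""
    for entry in $1; do
        left=${entry%%/*}; right=${entry#*/}
        case "$entry" in
            */*) case "$left" in
                     ''|*[!0-9]*) ;;              # not port/protocol: keep
                     *) entry="$right/$left" ;;   # 1716/tcp -> tcp/1716
                 esac ;;
        esac
        out="${out:+$out }$entry"
    done
    echo "$out"
)

# Port lists from the question, joined onto single lines here.
posted_server="1716/tcp 1717/tcp 1718/tcp 8777/udp 27900/udp 20045/tcp"
posted_client="default 1716/tcp 1717/tcp 1718/tcp 8777/udp 27900/udp 20045/tcp"
check_server_ports "$posted_server" || true
check_client_ports "$posted_client" || true
echo "server_americasarmy_ports=\"$(fix_server_ports "$posted_server")\""
```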