Assuming that this is a single NIC on a server on the internal lan and
you have no idea what you want a firewall to be doing on this computer
anyway...why don't you just turn it off?
service ipchains off
chkconfig --levels 2345 ipchains off
Otherwise,
/sbin/ipchains -A input -j ACCEPT -i $EXTIF -p tcp -s $UNIVERSE -d
$EXTIP 10000
replace port & variables as necessary but I have to tell you that what
you have in place for ipchains is pretty minimal and you shouldn't feel
as though anything is secure on that system because you have an ipchains
firewall running on it.
Craig
On Tue, 2002-06-25 at 17:49,
alandd@mindspring.com wrote:
> OK, this is looking like a firewall (ie. ipchains) setting issue. I will have
> to go learn how to do ipchains, and without a GUI since I didn't put it on
> this box!
>
> The output of "ipchains -L" gives:
>
> Chain input (policy ACCEPT):
> target prot opt source destination ports
> ACCEPT udp ------ 192.168.200.1 anywhere domain ->
> 1025:65535
> ACCEPT tcp -y---- anywhere anywhere any ->
> http
> ACCEPT tcp -y---- anywhere anywhere any ->
> ssh
> ACCEPT udp ------ anywhere anywhere
> bootps:bootpc -> bootps:bootpc
> ACCEPT udp ------ anywhere anywhere
> bootps:bootpc -> bootps:bootpc
> ACCEPT all ------ anywhere anywhere n/a
> REJECT tcp -y---- anywhere anywhere any ->
> any
> REJECT udp ------ anywhere anywhere any ->
> any
> Chain forward (policy ACCEPT):
> Chain output (policy ACCEPT):
>
> What line to I need to allow Webmin miniserv.pl to listen for https
> connections on eth0? Where do I put said line?
>
> Mean while, I'll go read the manuals...
>
> Alan
>
> ________________________________________________
> See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post to the list quickly and you use Netscape to write mail.
>
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)