[Shorewall-newbies] Single Static IP FW and internal servers

Tom Eastep teastep at shorewall.net
Mon Jan 5 20:41:02 PST 2004

On Monday 05 January 2004 08:01 am, Lyvim Xaphir wrote:

> >
> > There are a lot of problems with the above two rules:
> >
> > a) bootps is handled by the 'dhcp' option in /etc/shorewall/interfaces
> > b) ntp is UDP only
> > c) the rest are TCP only.
> That's very interesting, since those rules above were set up by the
> Mandrake Control Center program.  Looks like I should post a bug report
> to Mandrake bugzilla.

Seems like a good idea.

> Interesting concept.....that a developer, in charge of the shorewall
> setup rules, would make such an error, when info on tcp and udp standard
> ports are readily available on the net.

Yep, including at http://www.shorewall.net/ports.htm

> Here's something else you might be interested in also, Tom.  In a recent
> conversation on the Mandrake lists, the topic came up that the Mandrake
> control center program was also failing to set up a local zone with the
> firewall when RFC-1918 addresses were being used on the local lan.  In
> other words, the install prog set up a net and a fw zone, and..eh, that
> was all. (!)

I noticed that when I tried Mandrake "Internet Connection Sharing" that if the 
*external* IP is reserved by RFC 1918, the Mandrake setup program makes a 
complete mess of the configuration (but I don't remember the details).

I use Mandrake for my desktop Linux systems but that's all....

Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net

More information about the Shorewall-newbies mailing list