[Shorewall-users] ProxyArp Implementation check

Troy Arnold troy at troyandtina.com
Thu Dec 4 08:38:51 PST 2003


127.0.0.1 is your localhost...

-----Original Message-----
From: Ama Kalu [mailto:ama.kalu at cwlgroup.net] 
Sent: Thursday, December 04, 2003 8:29 AM
To: shorewall-users at lists.shorewall.net
Subject: [Shorewall-users] ProxyArp Implementation check

Dear All,
 
I have just implemented ProxyARP with my Mail server behind shorewall. 
 
It appears to be working OK as I can both send and receive mails, and
this server is available to both the NET and my LAN using the same
public IP. 
 
The only port open to the net from shorewall is https (443)
 
I have attempted to reach both the Mailserver and the firewall with nmap
and failed.
 
But I have been seeing this in my Mail server logs for the past 24 hours
since I did this ProxyARP thing.
 
"Connection attempt to service SMTP from IP address 127.0.0.1 rejected."
 
My question is this;
 
Is someone attempting some form of exploit via https on my mail server?
How did this person go past shorewall? Has anyone any idea what is going
on?
 
Are there other ways of testing that ProxyARP and shorewall are working
as designed?
 
Thanks for your assistance.
 
Ama
_______________________________________________
Shorewall-users mailing list
Post: Shorewall-users at lists.shorewall.net
Subscribe/Unsubscribe:
https://lists.shorewall.net/mailman/listinfo/shorewall-users
Support: http://www.shorewall.net/support.htm
FAQ: http://www.shorewall.net/FAQ.htm




More information about the Shorewall-users mailing list