[Shorewall-users] Re: [Shorewall-newbies] 2 IPs and Three Interface
teastep at shorewall.net
Wed Mar 3 12:05:39 PST 2004
On Wed, 3 Mar 2004, electro jacs wrote:
> > > and if that happens, since I make to allow all traffic clean without the
> > > rules of firewall?
> >No -- but you can add rules specifically for that IP address to allow it
> >access that you want to give it. To give the IP complete access in and out,
> >you can add these at the top of /etc/shorewall/rules:
> >ACCEPT loc:200.x.x.195 all all
> >ACCEPT all loc:200.x.x.195 all
> ok Mr Tom , that rule was added
> but I scan with NMAP and it shows this to :
> [root at totalweb root]# nmap 200.x.x.194
> Starting nmap 3.48 ( http://www.insecure.org/nmap/ ) at 2004-03-03 14:12 COT
> Note: Host seems down. If it is really up, but blocking our ping probes, try
> -P0Nmap run completed -- 1 IP address (0 hosts up) scanned in 12.061 seconds
> [root at totalweb root]#
> the computer that has the IP 200.x.x.194, sails correctly and apparently all
> this good, and I scan I did it from another computer in Internet
> that I could be badly configured?
I don't understand --
a) The rules I gave you were for IP address 200.x.x.195
b) You claim that nmap doesn't work; yet
c) You say that the IP 200.x.x.194 "sails correctly"
We are loosing something in the translation...
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep at shorewall.net
More information about the Shorewall-users