[Shorewall-users] lan addreses visible
teastep at shorewall.net
Thu Sep 2 12:31:29 PDT 2004
On Thursday 02 September 2004 12:28, richard wrote:
> Tom Eastep wrote:
> > On Thursday 02 September 2004 11:07, richard wrote:
> >>Where is the documentation on stopping addresses of machines on a Lan
> >>being visible to scanning s/w when masquerading through a firewall.
> > Usually, setting the 'norfc1918' option on your external interface is all
> > you need.
> > -Tom
> Thanks Tom , I was a bit warey of using that as the first router up line
> is 10.48.0.1, but sitting it does not seem to stop wanted incoming
You can always add an exception record for 10.48.0.1 in your rfc1918 file
(copy /usr/share/shorewall/rfc1918 to /etc/shorewall and modify it).
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep at shorewall.net
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Url : http://lists.shorewall.net/pipermail/shorewall-users/attachments/20040902/3b41fd6a/attachment.bin
More information about the Shorewall-users