Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [suse-security] DMZ egress access problem
From: Maarten J H van den Berg (maartenvbvb.nl)
Date: Fri May 23 2003 - 12:49:57 CDT
On Thursday 22 May 2003 10:23, you wrote:
> Hello Maarten
> Quoting maarten van den Berg <maartenvbvb.nl>:
> > FW_MASQ_DEV="eth0 eth2"
> Hmm, I don't think it is necessary to masquerade on eth2, and just
> maybe that is the culprit
Yeah... I wondered about that too... The thing is, If I do not masquerade
LAN to my DMZ how do I allow access from LAN to my DMZ servers ?
Am I overlooking something ?
> > FW_FORWARD="0/0,X.Y.Z.160/28,tcp,80 0/0,X.Y.Z.160/28,tcp,22
> > X.Y.Z.160/28,0/0"
> This syntax looks correct indeed.
> So remove eth2 from FW_MASQ_DEV and the forward rule from dmz to
> outside, because I think the fw rules that are setup already should
> allow this.
I'll try that.
> If this does not work have a good look at the routing table on the fw
> Als the DMZ if should be the default gw for the servers in the DMZ
Yeah. It is.
This email has been scanned for the presence of computer viruses.
Maarten J. H. van den Berg ~~//~~ network administrator
VBVB - Amsterdam - The Netherlands - http://vbvb.nl
T +31204233288 F +31204233286 G +31651994273
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here