|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [suse-security] nntp client behind suse firewall
From: John Andersen (jsa
pen.homeip.net)
Date: Sat Aug 05 2006 - 01:32:07 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Friday 04 August 2006 03:27, wpc wrote:
> NNTP works well on my firewall, but doesn't work at
> all on client computers that reside behind my
> firewall.
>
>
>
> i put this iptables line in my custom firewall script
> file.
>
> under "fw_custom_after_antispoofing()"
>
> i have
>
> iptables -N network1_in
> iptables -N network1_out
> iptables -A FORWARD -i eth2 -o eth1 -j network1_in
> iptables -A FORWARD -i eth1 -o eth2 -j network1_out
>
> iptables -t nat -A POSTROUTING -o eth2 -p tcp -s
> $mynet --sport 1024:65535 -d 0/0 --dport 119 -j SNAT
> --to $my_ext_ip
>
> iptables -A network1_out -p tcp -s $mynet --sport
> 1024:65535 -d 0/0 --dport 119 -m state --state
> NEW,ESTABLISHED -j ACCEPT
>
> iptables -A network1_in -p tcp -s 0/0 --sport 119 -d
> $mynet --dport 1024:65535 -m state --state ESTABLISHED
> -j ACCEPT
>
>
> but it still doesn't work ? what could be the problem
Why do you want your internal machines to traverse your firewall to
get to an nntp server? The proper thing to do is run your own server
on the firewall which is the only machine that would have to bother
the public servers.
--
_____________________________________
John Andersen
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQBE1DtuYH9YMSad7nIRAow8AKCgotIO8/69Zk7kw6XB5kuLgQ6j0QCgttfA
zbqCd5KyviJ8MdIawJdvhPs=
=A3Ot
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]