|
Click to See Complete Forum and Search --> : Allowing UDP packets 47776:47807 through my ipchains firewall. outpostrocks 02-10-2001, 01:59 PM If anyone knows the what I have to do to allow the UDP packets 47776 and 47807 through, please IM me, e-mail me, or post on this message thread. --- outpostrocks [ 10 February 2001: Message edited by: outpostrocks ] andrzej 02-11-2001, 07:26 AM # ipchains -A input -s 0.0.0.0/0 -d 0.0.0.0/0 47776 -p 17 -j ACCEPT ... for example. To be placed before the rule that causes such packets to be rejected or denied. Andrzej Fandelem 02-11-2001, 08:19 PM this is a little safer i think.. # $OUTER_INTERFACE = device that connects to the internet # $REMOTENET = 0/0 # $OUTER_IP_ADDRESS = your internet address # # /sbin/ipchains -A input -i $OUTER_INTERFACE -p udp -s $REMOTENET 47776 -d $OUTER_IP_ADDRESS/24 47776 -j ACCEPT /sbin/ipchains -A input -i $OUTER_INTERFACE -p udp -s $REMOTENET 47807 -d $OUTER_IP_ADDRESS/24 47807 -j ACCEPT but i haven't been using ipchains in a while.. but it's good habit to specify the device. ~kyle outpostrocks 02-12-2001, 08:57 PM How do I find the "OUTER_INTERFACE" ??? --- outpostrocks Fandelem 02-12-2001, 11:52 PM your "outer_interface" is the device that connects you to the internet. if you are using an ethernet card, it should be something such as eth0 however if you are using 56k dialup modem, it will be ppp0 the command: ifconfig will give you a clue as well. if you are still unsure, copy and paste everything ifconfig shows here, and we will be able to tell you. ~kyle shuxclams 02-14-2001, 02:52 AM IPMASQADM is a handy tool for this stuff. http://juanjox.kernelnotes.org/ You can find it here. There are man pages included. SHUX outpostrocks 02-15-2001, 09:27 PM shuxlums, I tried that two weeks ago. Fandelem, i inputed the lines: ipchains -A input -i ppp0 -p udp -s 0/0 47776 -d 0/0 -j ACCEPT ipchains -A input -i ppp0 -p udp -s 0/0 47807 -d 0/0 -j ACCEPT What went worng? :confused: --- outpostrocks outpostrocks 02-15-2001, 09:28 PM shuxlums, I tried that two weeks ago. Fandelem, i inputed the lines: ipchains -A input -i ppp0 -p udp -s 0/0 47776 -d 0/0 -j ACCEPT ipchains -A input -i ppp0 -p udp -s 0/0 47807 -d 0/0 -j ACCEPT What went worng? :confused: --- outpostrocks Fandelem 02-15-2001, 10:25 PM you should specify your $OUTER_IP_ADDRESS, not 0/0 (note: the /24 is the same as saying $OUTER_IP_ADDRESS/255.255.255.0) try: /sbin/ipchains -A input -i ppp0 -p udp -s 0/0 47776 -d $OUTER_IP_ADDRESS/24 47776 -j ACCEPT /sbin/ipchains -A input -i ppp0 -p udp -s 0/0 47807 -d $OUTER_IP_ADDRESS/24 47807 -j ACCEPT (keep in mind, you need to have this *before* you have your deny all statement, and you need to flush your previous rules) ~kyle outpostrocks 02-20-2001, 11:01 PM I think I need to correct something I said. If anyone knows the what I have to do to 'allow' the UDP packets 47776 and 47807 through, please IM me, e-mail me, or post on this message thread. I meant to say forward the UDP packets. Sorry. --- outpostrocks [ 24 February 2001: Message edited by: outpostrocks ] outpostrocks 02-24-2001, 02:35 PM bump Fandelem 02-24-2001, 09:48 PM okay.. it'd be something like: /usr/sbin/ipmasqadm portfw -a -P udp -L $OUTER_IP 47776 -R $destination_lan_computer 47776 /usr/sbin/ipmasqadm portfw -a -P udp -L $OUTER_IP 47807 -R $destination_lan_computer 47807 should work. your $OUTER_IP is your internet address. if you need to find it out you can go to http://www.fandelem.com/cgi-bin/iplookup.cgi hope this helps. oh, btw, if you don't have IPMASQADM then you will need to get that as well. you can check out my section on portfw at: http://www.fandelem.com/nhf-5.html#portfw hope this helps, ~kyle justlinux.com
Copyright Internet.com Inc. All Rights Reserved. |
|