[Firewall] Firewall Digest, Vol 81, Issue 4

humberto.alcazar at pe.g4s.com humberto.alcazar at pe.g4s.com
Sun Oct 7 15:15:46 CEST 2012


Hi, how work the plugin ids ?

Thank you.

Enviado desde mi BlackBerry de Movistar

-----Original Message-----
From: firewall-request at rocky.eld.leidenuniv.nl
Sender: firewall-bounces at rocky.eld.leidenuniv.nl
Date: Sun, 07 Oct 2012 12:00:02 
To: <firewall at rocky.eld.leidenuniv.nl>
Reply-To: firewall at rocky.eld.leidenuniv.nl
Subject: Firewall Digest, Vol 81, Issue 4

Send Firewall mailing list submissions to
	firewall at rocky.eld.leidenuniv.nl

To subscribe or unsubscribe via the World Wide Web, visit
	http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
or, via email, send a message with subject or body 'help' to
	firewall-request at rocky.eld.leidenuniv.nl

You can reach the person managing the list at
	firewall-owner at rocky.eld.leidenuniv.nl

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Firewall digest..."


Today's Topics:

   1. Re: Next problem (Eli Wapniarski)


----------------------------------------------------------------------

Message: 1
Date: Sun, 07 Oct 2012 07:24:23 +0200
From: Eli Wapniarski <eli at orbsky.homelinux.org>
To: firewall at rocky.eld.leidenuniv.nl
Subject: Re: [Firewall] Next problem
Message-ID: <3111526.1AYQi27Wdp at orbskyl>
Content-Type: text/plain; charset="us-ascii"

On Friday 05 October 2012 18:50:03 Robert Bain wrote:
> On 05/10/2012 17:27, Eli Wapniarski wrote:
> > On Friday 05 October 2012 11:06:04 Lonnie Abelbeck wrote:
> >> On Oct 5, 2012, at 9:59 AM, Eli Wapniarski wrote:
> >>> On Friday 05 October 2012 09:34:32 Lonnie Abelbeck wrote:
> >>>> Eli,
> >>>> 
> >>>> If you want to forward UDP 9987 to your internal host 192.168.0.11
> >>>> using
> >>>> the same port, you *only* need: --
> >>>> NAT_FORWARD_UDP="9987>192.168.0.11"
> >>>> --
> >>>> Note the matching double-quotes, shell script style.
> >>>> 
> >>>> By also having OPEN_UDP="9987" you are tying to do two different things
> >>>> with the same packet.
> >>>> 
> >>>> So, remove OPEN_UDP="9987" and make sure you have matching
> >>>> double-quotes.
> >>> 
> >>> Thanks Lonnie
> >>> 
> >>> That did the trick. Does this apply to everythig I forwared or just to
> >>> udp?
> >>> 
> >>> Eli
> >> 
> >> Yes, everything.  Either you NAT forward the packet (NAT_FORWARD_) to
> >> internal hosts or allow the packet (OPEN_) to your local computer running
> >> Arno's firewall, not both.
> > 
> > I will try to configure my firewall as per your suggestion Lonnie.
> > However, I gotta ask a dumb question then. How come, when I have the
> > open_tcp configured and nat_forward_tcp configured with the same ports
> > everything seems to work OK?
> > 
> > Eli
> 
> Luck. Maybe TCP port forwards are parsed before the TCP Open ports and
> the other way around for UDP


Thanks all.... This was all very very helpful.

Eli


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



------------------------------

_______________________________________________
Firewall mailing list
Firewall at rocky.eld.leidenuniv.nl
http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall


End of Firewall Digest, Vol 81, Issue 4
***************************************


More information about the Firewall mailing list