[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-security] pmfirewall , IPCHAINS, CDONTS and mail forwarding

Subject: RE: [cobalt-security] pmfirewall , IPCHAINS, CDONTS and mail forwarding
From: Gerald Waugh <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx>
Date: Tue, 23 Apr 2002 09:05:27 -0400
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

On Tue, 23 Apr 2002, Sean Ward wrote:
> Didn't work. Bummer.
> 
check  /etc/rc.d/init.d/pmfirewall  see if you have a couple lines like this....

     # These are open to sockets created by connections allowed by ipchains
     $IPCHAINS -A input -p tcp -s $REMOTENET -d $OUTERNET 1023:65535 -j ACCEPT
     $IPCHAINS -A input -p udp -s $REMOTENET -d $OUTERNET 1023:65535 -j ACCEPT

DNS may use high numbered ports, not just 53

Also, did I understand that your server is running on multiple IP addresses?
This may affect operation...
I remember someone a few months ago that had a problem with multiple IP
addresses...


--
Gerald Waugh
http://www.frontstreetnetworks.com
Front Street Networks LLC - 203-785-0699
229 Front Street, Ste. #C, New Haven CT, 06513-3203

Follow-Ups:
- RE: [cobalt-security] pmfirewall , IPCHAINS, CDONTS and mail forwarding
  - From: Sean Ward

References:
- RE: [cobalt-security] pmfirewall , IPCHAINS, CDONTS and mail forwarding
  - From: Sean Ward

Prev by Date: RE: [cobalt-security] pmfirewall , IPCHAINS, CDONTS and mail forwarding
Next by Date: Re: [cobalt-security] Re: Re: SSI Vuln on cobalt
Previous by thread: RE: [cobalt-security] pmfirewall , IPCHAINS, CDONTS and mail forwarding
Next by thread: RE: [cobalt-security] pmfirewall , IPCHAINS, CDONTS and mail forwarding

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index