
RE: [cobalt-security] IPCHAINS and MAC OS



>> I installed IPCHAIN and PMfirewall on a raq3i and everything was working
>> fine until several customers all using MAC systems complained that
>> they were unable to contact siteadmin pages anymore. The customers have
>> different versions of MAC OS and are on different networks, but all of
>> them are denied to login to siteadmin.

>> Checking the log this is what I can find:

>> Apr 29 18:33:58 www kernel: Packet log: input DENY eth0 PROTO=6
>> 152.93.xx.xx:49163 65.194.xx.xx:81 L=48 S=0x00 I=27950 F=0x4000 T=235 SYN
>> (#47)

<snip>

If this is a DEFAULT installation of pmfirewall then you need to allow access
to port 81 - not generally allowed by the pmfirewall script - all ports below
1024 are closed unless otherwise opened. You will probably find that you cannot
also get to the raq /admin either.

vim /usr/local/pmfirewall/pmfirewall.rules.local (or wherever you installed pmfirewall)
and look for the lines:-

#HTTPD
$IPCHAINS -A input -p tcp -s $REMOTENET -d $OUTERNET 80 -j ACCEPT

After this add the line

$IPCHAINS -A input -p tcp -s $REMOTENET -d $OUTERNET 81 -j ACCEPT

Save, exit and do /usr/local/pmfirewall/pmfirewall restart

This should then allow you access.

Rob
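
Added example, not part of the original message or of the pmfirewall scripts: a small parser for ipchains "Packet log:" lines like the one quoted above, which tallies denied TCP connection attempts by destination port and matching rule number so a blocked service such as port 81 stands out. The function names and the sample log lines are constructed for illustration.

```python
import re
from collections import Counter

# One ipchains "-l" log entry per line (the post shows it wrapped by the mailer):
# Packet log: <chain> <action> <iface> PROTO=<n> <src>:<sport> <dst>:<dport>
#             L=<len> S=<tos> I=<id> F=<frag> T=<ttl> [SYN] (#<rule>)
LOG_RE = re.compile(
    r"Packet log: (?P<chain>\S+) (?P<action>\S+) (?P<iface>\S+) "
    r"PROTO=(?P<proto>\d+) "
    r"(?P<src>[^\s:]+):(?P<sport>\d+) (?P<dst>[^\s:]+):(?P<dport>\d+) "
    r"L=(?P<len>\d+) S=(?P<tos>0x[0-9A-Fa-f]+) I=(?P<id>\d+) "
    r"F=(?P<frag>0x[0-9A-Fa-f]+) T=(?P<ttl>\d+)"
    r"(?P<syn> SYN)? \(#(?P<rule>\d+)\)"
)

def parse(line):
    """Return the fields of one packet-log line as a dict, or None."""
    m = LOG_RE.search(line)
    if m is None:
        return None
    rec = m.groupdict()
    for key in ("proto", "sport", "dport", "len", "id", "ttl", "rule"):
        rec[key] = int(rec[key])
    rec["syn"] = rec["syn"] is not None
    return rec

def denied_tcp_services(lines):
    """Count denied TCP connection attempts (SYN) per (dest port, rule number)."""
    hits = Counter()
    for line in lines:
        rec = parse(line)
        if rec and rec["action"] == "DENY" and rec["proto"] == 6 and rec["syn"]:
            hits[(rec["dport"], rec["rule"])] += 1
    return hits

# Constructed sample (documentation addresses), not taken from a real log.
SAMPLE = """\
Apr 29 18:33:58 www kernel: Packet log: input DENY eth0 PROTO=6 192.0.2.10:49163 198.51.100.5:81 L=48 S=0x00 I=27950 F=0x4000 T=235 SYN (#47)
Apr 29 18:34:02 www kernel: Packet log: input DENY eth0 PROTO=6 192.0.2.77:49201 198.51.100.5:81 L=48 S=0x00 I=27981 F=0x4000 T=236 SYN (#47)
Apr 29 18:34:10 www kernel: Packet log: input DENY eth0 PROTO=17 192.0.2.10:137 198.51.100.5:137 L=78 S=0x00 I=1204 F=0x0000 T=115 (#47)
Apr 29 18:34:11 www sshd[811]: Connection from 192.0.2.10 port 49300
""".splitlines()

if __name__ == "__main__":
    for (port, rule), n in denied_tcp_services(SAMPLE).most_common():
        print(f"tcp/{port}: {n} denied SYN(s), matched by rule #{rule}")
```

The rule number in parentheses is the position of the matching rule in the named chain, which tells you where in the input chain an ACCEPT for the port has to be placed to take effect.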