FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu User
Reload this Page FW: Firewall Setup / Shoreline

 
 
LinkBack Thread Tools
 
Old 11-25-2007, 11:56 PM
"Karl-Heinz Schulz"
 
Default FW: Firewall Setup / Shoreline
I have more information but still the same problem/

This is the output of my kernel log.

Nov 25 18:59:55 ubuntu kernel: [ 96.207858] DROPPED IN= OUT=eth0
SRC=24.172.115.23 DST=24.25.5.60 LEN=57 TOS=0x00 PREC=0x00 TTL=64 ID=8933
DF PROTO=UDP SPT=1027 DPT=53 LEN=37
Nov 25 18:59:59 ubuntu kernel: [ 98.465079] DROPPED IN= OUT=eth0
SRC=24.172.115.23 DST=24.25.5.60 LEN=59 TOS=0x00 PREC=0x00 TTL=64 ID=9878
DF PROTO=UDP SPT=1027 DPT=53 LEN=39
Nov 25 18:59:59 ubuntu kernel: [ 98.465106] DROPPED IN= OUT=eth0
SRC=24.172.115.23 DST=24.25.5.61 LEN=59 TOS=0x00 PREC=0x00 TTL=64 ID=9878
DF PROTO=UDP SPT=1027 DPT=53 LEN=39
Nov 25 18:59:59 ubuntu kernel: [ 98.465122] DROPPED IN= OUT=eth0
SRC=24.172.115.23 DST=24.25.5.60 LEN=59 TOS=0x00 PREC=0x00 TTL=64 ID=9878
DF PROTO=UDP SPT=1027 DPT=53 LEN=39
Nov 25 19:00:04 ubuntu kernel: [ 100.694803] DROPPED IN= OUT=eth0
SRC=24.172.115.23 DST=24.25.5.60 LEN=67 TOS=0x00 PREC=0x00 TTL=64 ID=11218
DF PROTO=UDP SPT=1027 DPT=53 LEN=47
Nov 25 19:00:04 ubuntu kernel: [ 100.694829] DROPPED IN= OUT=eth0
SRC=24.172.115.23 DST=24.25.5.61 LEN=67 TOS=0x00 PREC=0x00 TTL=64 ID=11218
DF PROTO=UDP SPT=1027 DPT=53 LEN=47
Nov 25 19:00:04 ubuntu kernel: [ 100.694845] DROPPED IN= OUT=eth0
SRC=24.172.115.23 DST=24.25.5.60 LEN=67 TOS=0x00 PREC=0x00 TTL=64 ID=11218
DF PROTO=UDP SPT=1027 DPT=53 LEN=47
Nov 25 19:00:04 ubuntu kernel: [ 100.694860] DROPPED IN= OUT=eth0
SRC=24.172.115.23 DST=24.25.5.61 LEN=67 TOS=0x00 PREC=0x00 TTL=64 ID=11218
DF PROTO=UDP SPT=1027 DPT=53 LEN=47
Nov 25 19:00:04 ubuntu kernel: [ 100.694881] DROPPED IN= OUT=eth0
SRC=24.172.115.23 DST=24.25.5.60 LEN=67 TOS=0x00 PREC=0x00 TTL=64 ID=11218
DF PROTO=UDP SPT=1027 DPT=53 LEN=47
Nov 25 19:00:04 ubuntu kernel: [ 100.694896] DROPPED IN= OUT=eth0
SRC=24.172.115.23 DST=24.25.5.61 LEN=67 TOS=0x00 PREC=0x00 TTL=64 ID=11218
DF PROTO=UDP SPT=1027 DPT=53 LEN=4



> I have followed the tutorial to set up the firewall (shoreline) but I
> still cannot my box from the outside via http or ssh/
>
> The output of the shoreline test shows
> -----------------------------------------------------------------
> Checking...
> Initializing...
> Determining Zones...
> IPv4 Zones: net loc
> Firewall Zone: fw
> Validating interfaces file...
> Validating hosts file...
> Pre-processing Actions...
> Pre-processing /usr/share/shorewall/action.Drop...
> Pre-processing /usr/share/shorewall/action.Reject...
> Validating Policy file...
> Determining Hosts in Zones...
> net Zone: eth0:0.0.0.0/0
> WARNING: Zone loc is empty
> Deleting user chains...
> Checking /etc/shorewall/routestopped ...
> Creating Interface Chains...
> Checking Common Rules
> Adding Anti-smurf Rules
> Enabling RFC1918 Filtering
> Checking TCP Flags checking...
> Checking Kernel Route Filtering...
> Checking Martian Logging...
> Compiling IP Forwarding...
> Checking /etc/shorewall/rules...
> Checking Actions...
> Checking /usr/share/shorewall/action.Drop for Chain Drop...
> Checking /usr/share/shorewall/action.Reject for Chain Reject...
> Checking /etc/shorewall/policy...
> Checking Traffic Control Rules...
> Checking Rule Activation...
> Shorewall configuration verified
>
> .. your firewall configuration looks OK.
> -----------------------------------------------------------------
>
> the output of my rules are
>
> # PORT PORT(S) DEST LIMIT GROUP
> ACCEPT net $FW icmp 8
> ACCEPT $FW net icmp
> ACCEPT net fw tcp ssh,www,https,smtp,pop3,pop3s,imap2,imaps,submi
> ssion
> ACCEPT net $FW udp https
>
> and of my zones:
>
> fw firewall
> net ipv4 #
> loc ipv4
>
>
> What am I missing?
>
> TIA
>
>



--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-26-2007, 12:10 AM
Fajar Priyanto
 
Default FW: Firewall Setup / Shoreline
On Monday 26 November 2007 07:56:01 Karl-Heinz Schulz wrote:
> I have more information but still the same problem/
>
> This is the output of my kernel log.
>
> Nov 25 18:59:55 ubuntu kernel: [ 96.207858] DROPPED IN= OUT=eth0
> SRC=24.172.115.23 DST=24.25.5.60 LEN=57 TOS=0x00 PREC=0x00 TTL=64 ID=8933
> DF PROTO=UDP SPT=1027 DPT=53 LEN=37

Port UDP 53 is DNS.
Try to open the port (out going)

--
Fajar Priyanto | Reg'd Linux User #327841 | Linux tutorial
http://linux2.arinet.org
08:09:44 up 19 min, 2.6.22-14-generic GNU/Linux
Let's use OpenOffice. http://www.openoffice.org
The real challenge of teaching is getting your students motivated to learn.
--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 

Thread Tools




All times are GMT. The time now is 02:07 AM.

VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org

Contact Us - Linux Archive - Archive - Top -