Urgh! It's me again! Managed to set up my Mandrake Network Firewall fine now. It's connected to the internet via cable modem (ethernet) on eth1. It is then connected to my lan via the hub on eth0.
The firewall has access to the internet fine, and the lan can access the firewall and its admin page fine too. All the other computers on the network are windowz comps.
The only way, however, I've managed to get the lan computers to access the net is through the proxy server, which is fine but some applications, such as Outlook Express (not my choice to use it by the way...) can't connect, even though it uses the same connection settings as IE and Mozilla etc.
So naturally I thought this was a problem with the rules on the firewall, but no matter how many ways I try to tell it lan > wan smtp (25) should be allowed, nothing happens. It's as if it ignores any rules set in that area. (I've also tried shutting the telnet port but to no avail.)
I cannot get IP masquerading to work either, which is a pain since applications which do not support proxies won't work.
Any help would be EXTREMELY appreciated, I've looked everywhere but can't find anything that answers my questions specifically.
Thanks for your response, but unfortunately, this OS being Linux Mandrake Network Security, it's mainly controlled through a web browser to the server.
When trying to log in directly to the server, only admin is allowed, and the iptables command does not exist. (You cannot log in as root at this point, don't ask me why, it just doesn't work =/)
I did however restart the server in failsafe mode, the only way I can log in as root. The iptables command worked but of course no connections were present, and no connection information.
If there are any other ways of doing this and accessing iptables through MDF I would greatly appreciate a response.
One other note, when logging on through a browser, going to the proxy settings, then content filter, there's a command there that says 'add iptables rules'. The help file doesn't even refer to it. Does anyone know what this does?
I don't know anything about LMNS OS... sorry.
However, if the iptables command worked in the failsafe mode, the iptables command is there.
Maybe your path for admin user does not include the path for iptables command.
Check what's the absolute path of the iptables command when in failsafe mode and try it when logged in as admin.
Regarding the add iptables rules command in your web interface, it seems that's exactly what you need to tweak your iptables config from the web (it seems to be a web frontend to the iptables command).
Unfortunately admin cannot access iptables command, or any other it seems. =/
Also, the 'add iptables rules'... well... does nothing, it seems. Just runs through and goes back, no other options.
Although I have found some interesting points. Other blighters on the net have found the same problems, but have found editing the squid .conf helps (which I don't know how to do) and others have found dansguardian (which also runs alongside squid) to cause a few problems.
The interface allows you to disable url filtering and content filtering (dansguardian) but this doesn't help.
What I need are the ports for each service. I know the http port on the proxy server must be 3328, (as default) and when dansguardian was running it filtered on 8080.
Either that, or I need to get masquerading working to bypass the proxy server for progs such as mail clients which use smtp.
Any firewall rules I change (MNF runs Shorewall) don't have any effect, unless I change the default rules, which really don't help my situation.
*starts praying...* I kinda convinced our manager this would be a good idea to change to MNF linux instead of using our winxp gateway... I know it'll work but it needs to be kinda soon!!
I am in kinda the same boat (convinced my manager to let me use MNF) but can't get it working. The difference is, I can't connect to my network at all, so I haven't even gotten to the browser interface yet.
You can log in to the server as root. Don't use the browser interface. Go directly to the MNF machine, boot as regular linux.
Log on as admin, password. At the bash$ prompt, type su and at the password prompt, type in the root password. Now you are logged on as root, and your iptables commands will work.
Hey, it looks to me like you are attempting to telnet into the machine as root.
This (nowadays usually) is not possible. You can:
A: telnet in and use su to switch to the root user account.
B: get sshd (secure shell daemon) working if not already and ssh in as root. For this you need an ssh client on your Windows machine. I recommend Putty. Make sure to set it to ssh.
After you get it working and log in you really should use ssh and disable telnet. Telnet is weak and untrustable.
C: log in physically and use su as suggested.
In all cases you may have to try 'whereis iptables' and use the full path as the paths are not always set very well when logging in.
I don't know MNF. Sounds a little goofy to me that a network firewall would allow such a weak and known security problem like 'telnetd' to allow you access to the machine in the first place.
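
Added example, not written by any poster in this thread and not MNF's own tooling: once a root shell is available, the two symptoms described above (no masquerading, SMTP to the WAN not getting through) can be checked against the loaded ruleset instead of the web interface. The function names are hypothetical and the ruleset is a constructed sample in `iptables-save` format, using the thread's eth0 (LAN) and eth1 (WAN).

```shell
#!/bin/sh
# Constructed sample ruleset (iptables-save format): NAT is present,
# but only web traffic is forwarded from the LAN (eth0) to the WAN (eth1).
SAMPLE_RULES='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth0 -o eth1 -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT'

# has_masquerade RULES: succeeds if any chain in the nat table masquerades.
# Matching on the table (not the chain name) also covers front ends such
# as Shorewall that place the rule in their own chains.
has_masquerade() {
    printf '%s\n' "$1" | awk '
        /^\*/ { table = $1 }
        table == "*nat" && /-j MASQUERADE/ { found = 1 }
        END { exit !found }'
}

# forward_allows_port RULES PORT: succeeds if a filter-table rule outside
# INPUT/OUTPUT accepts TCP to exactly that numeric destination port.
# Simplification: multiport matches and port ranges are not interpreted.
forward_allows_port() {
    printf '%s\n' "$1" | awk -v port="$2" '
        /^\*/ { table = $1 }
        table == "*filter" && $1 == "-A" && $2 != "INPUT" && $2 != "OUTPUT" &&
            /-p tcp/ && /-j ACCEPT/ {
            for (i = 1; i < NF; i++)
                if ($i == "--dport" && $(i + 1) == port) found = 1
        }
        END { exit !found }'
}

# diagnose RULES: prints "ok" or a space-separated list of findings.
diagnose() {
    out=""
    has_masquerade "$1" || out="no-masquerade"
    forward_allows_port "$1" 25 || out="$out${out:+ }smtp-blocked"
    echo "${out:-ok}"
}

diagnose "$SAMPLE_RULES"
```

On the firewall itself, pass the live ruleset instead of the sample by running `iptables-save` as root through its full path, as reported by `whereis`, since the thread notes the login PATH may not include it.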