So, now I see why I was doing the fw 2 fw rule. It was for my YP/NIS usage. Does anyone know how I get that to work?
TGS wrote:
> So, now I see why I was doing the fw 2 fw rule. It was for my YP/NIS usage.
>
> Does anyone know how I get that to work?

Again, why do you want to limit fw2fw traffic? More than likely you have configured NIS incorrectly and it's nothing to do with the firewall rules.

BTW, running NIS is usually a bad idea unless you use an encrypted network (e.g. IPSEC), and usually an even worse idea on a firewall. Why do you want it?

--
Paul Gear, Manager IT Operations, Redlands College
38 Anson Road, Wellington Point 4160, Australia
(Please send attachments in portable formats such as PDF, HTML, or OpenOffice.)
--
The information contained in this message is copyright by Redlands College. Any use for direct sales or marketing purposes is expressly forbidden. This message does not represent the views of Redlands College.
That is the problem, when I have everything open, I assume, from not having any fw2fw rules, I still get that NIS is being blocked on port 111 in the /var/log/messages log.

I know that NIS is bad, but since I am the only one on my network, and I enjoy just coming home from work with my Linux laptop and having direct access to my accounts on the firewall. I also do not have to kludge my system by putting symlinks to /home directories and web directories that reside on different drives.

Anyway, I just shut down the whole NIS/NFS configuration for the moment. I

on 10/07/2004 11:09 PM, Paul Gear at pgear@redlands.qld.edu.au wrote:
> TGS wrote:
>> So, now I see why I was doing the fw 2 fw rule. It was for my YP/NIS usage.
>>
>> Does anyone know how I get that to work?
>
> Again, why do you want to limit fw2fw traffic? More than likely you
> have configured NIS incorrectly and it's nothing to do with the
> firewall rules.
>
> BTW, running NIS is usually a bad idea unless you use an encrypted
> network (e.g. IPSEC), and usually an even worse idea on a firewall.
> Why do you want it?
TGS wrote:
> That is the problem, when I have everything open, I assume, from not having
> any fw2fw rules, I still get that nis is being blocked on port 111 in the
> /var/log/messages log.

Tom has already explained to you that *you don't need fw2fw rules*. Take out the ones you've got and the fw2fw traffic will be allowed.

--
Paul Gear
Okay, I thought my message below started this clearly...

I DO NOT have any fw2fw rules.

To quote myself: "from not having any fw2fw rules"

on 10/07/2004 11:43 PM, Paul Gear at pgear@redlands.qld.edu.au wrote:
> TGS wrote:
>> That is the problem, when I have everything open, I assume, from not having
>> any fw2fw rules, I still get that nis is being blocked on port 111 in the
>> /var/log/messages log.
>
> Tom has already explained to you that *you don't need fw2fw rules*.
> Take out the ones you've got and the fw2fw traffic will be allowed.
TGS wrote:
> Okay, I thought my message below started this clearly...
>
> I DO NOT have any fw2fw rules.
>
> to quote myself : "from not having any fw2fw rules"

Sorry - I didn't get that clearly. My fault. What do the log messages say now, then?

--
Paul Gear