Can anybody help me with this problem, I have a machine in my DMZ which needs to access a flexlm license from a machine in the LOC. I have added the following rule: ACCEPT:info dmz:192.168.12.30 loc:192.168.11.5 tcp 5280 ACCEPT:info dmz:192.168.12.30 loc:192.168.11.5 udp 5280 I added these but to no avail. ACCEPT:info loc:192.168.11.5 dmz:192.168.12.30 tcp 5280 ACCEPT:info loc:192.168.11.5 dmz:192.168.12.30 udp 5280 5280 is the port number that the licence is at. Thanks in advance, I really need to get this woking. Mike _______________________________________________ Shorewall-users mailing list Post: Shorewall-users@lists.shorewall.net Subscribe/Unsubscribe: https://lists.shorewall.net/mailman/listinfo/shorewall-users Support: http://www.shorewall.net/support.htm FAQ: http://www.shorewall.net/FAQ.htm
On Thu, 4 Dec 2003, Mike Noble wrote:> Can anybody help me with this problem, I have a machine in my DMZ which > needs to access > a flexlm license from a machine in the LOC. > > I have added the following rule: > ACCEPT:info dmz:192.168.12.30 loc:192.168.11.5 tcp > 5280 > ACCEPT:info dmz:192.168.12.30 loc:192.168.11.5 udp > 5280 > > I added these but to no avail. > ACCEPT:info loc:192.168.11.5 dmz:192.168.12.30 tcp > 5280 > ACCEPT:info loc:192.168.11.5 dmz:192.168.12.30 udp > 5280 > > 5280 is the port number that the licence is at. > > Thanks in advance, I really need to get this woking. >A) If you "shorewall clear", does this then work? B) What are you seeing in your log when you try this connection? -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net _______________________________________________ Shorewall-users mailing list Post: Shorewall-users@lists.shorewall.net Subscribe/Unsubscribe: https://lists.shorewall.net/mailman/listinfo/shorewall-users Support: http://www.shorewall.net/support.htm FAQ: http://www.shorewall.net/FAQ.htm
Just found the answer, for whoever is interested the following will work: ACCEPT:info dmz:192.168.12.30 loc:192.168.11.5 tcp 5280,32899 It appears that flexlm (or in this case passibly Cadence) uses port 32899 as well. I proved that it would work by opening up full access from dmz to loc and looking at the logs which showed me port 32899 was be used as well on every request. Mike Tom Eastep wrote:>On Thu, 4 Dec 2003, Mike Noble wrote: > > > >>Can anybody help me with this problem, I have a machine in my DMZ which >>needs to access >>a flexlm license from a machine in the LOC. >> >>I have added the following rule: >>ACCEPT:info dmz:192.168.12.30 loc:192.168.11.5 tcp >>5280 >>ACCEPT:info dmz:192.168.12.30 loc:192.168.11.5 udp >>5280 >> >>I added these but to no avail. >>ACCEPT:info loc:192.168.11.5 dmz:192.168.12.30 tcp >>5280 >>ACCEPT:info loc:192.168.11.5 dmz:192.168.12.30 udp >>5280 >> >>5280 is the port number that the licence is at. >> >>Thanks in advance, I really need to get this woking. >> >> >> > >A) If you "shorewall clear", does this then work? >B) What are you seeing in your log when you try this connection? > >-Tom >-- >Tom Eastep \ Nothing is foolproof to a sufficiently talented fool >Shoreline, \ http://shorewall.net >Washington USA \ teastep@shorewall.net >_______________________________________________ >Shorewall-users mailing list >Post: Shorewall-users@lists.shorewall.net >Subscribe/Unsubscribe: https://lists.shorewall.net/mailman/listinfo/shorewall-users >Support: http://www.shorewall.net/support.htm >FAQ: http://www.shorewall.net/FAQ.htm > >_______________________________________________ Shorewall-users mailing list Post: Shorewall-users@lists.shorewall.net Subscribe/Unsubscribe: https://lists.shorewall.net/mailman/listinfo/shorewall-users Support: http://www.shorewall.net/support.htm FAQ: http://www.shorewall.net/FAQ.htm