Francesca C Smith
2003-Oct-08 15:36 UTC
[Shorewall-users] Re: Shorewall-users Digest, Vol 11, Issue 23
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hiya .. At 06:07 PM 10/8/2003, you wrote:>The question is: >1: When configuring for services, where are they considered running. >What I mean is if I want to open ssh(22) so that I can get to it from >the inside is it? >ACCEPT loc fw 22 22 >ACCEPT loc loc 22 22 >Basically are services considered to be running on fw or loc? > >Currently I can not ssh when the firewall is running.Correct rule is ACCEPT loc $FW 22 The rule is bogus .. Lady Linux "No Problems Only Solutions" Francesca C. Smith Lady Linux Internet Services fsmith@ladylinux.com -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com> iQA/AwUBP4SQ1W9MXAhl3ducEQJxuACeIyHKvMJseL0Yo8fEM+t4n3E07uoAoMxl mXB35Hrq0kSXT1LkTM2aSmeB =e6lp -----END PGP SIGNATURE-----
Rodolfo J. Paiz
2003-Oct-08 15:46 UTC
Rule for opening SSH (was: Re: [Shorewall-users] Re: Shorewall-users Digest, Vol 11, Issue 23)
At 16:33 10/8/2003, you wrote:>At 06:07 PM 10/8/2003, you wrote: > >The question is: > >1: When configuring for services, where are they considered running. > >What I mean is if I want to open ssh(22) so that I can get to it from > >the inside is it? > >ACCEPT loc fw 22 22 > >ACCEPT loc loc 22 22 > >Basically are services considered to be running on fw or loc? > > > >Currently I can not ssh when the firewall is running. > > >Correct rule is > >ACCEPT loc $FW 22 > >The rule is bogus .. > >Lady LinuxI am afraid the correction will not work either. I have # SSH access on tcp/22 ACCEPT loc fw tcp 22 You can use either "fw" or "$FW" interchangeably; the first is the name of the firewall zone, the second is a variable that contains "fw" so the result is the same. -- Rodolfo J. Paiz rpaiz@simpaticus.com