Hi, I have just subscribed to this list but haven't received any email confirmation yet. Sorry if I am doing something wrong ;-)

I have just installed shorewall 1.4.8 on a debian box (debian package from backports.org) and everything seems to be working as expected but one thing: I am unable to close tcp 1755. No matter what I do, this port remains open to the outside world :-(

My box acts as a router for my local network; it has two network cards (eth0 and eth1, eth0 pointing to internet and eth1 to the local net through a switch).

I have looked through my /etc/shorewall and shorewall's doc to no avail; I can find no reference to that port in my config; however the port refuses to shut down.

I have tried adding this rule to my rules file:

    DROP net fw tcp 1755

but it doesn't work either.

Of course, every other port on the firewall is working as expected.

Could somebody shed some light on the matter, please?

--
Regards.
Antonio <antonio@escomposlinux.org>
ecolnet news service: write to newsmaster@escomposlinux.org
IRC server: irc.escomposlinux.org

On Thu, 15 Jan 2004, Antonio Aneiros wrote:

> I have just installed shorewall 1.4.8 on a debian box (debian package
> from backports.org) and everything seems to be working as expected but
> one thing: I am unable to close tcp 1755. No matter what I do, this
> port remains open to the outside world :-(

Do you mean the box is accepting connections on port 1755 or that there is a program running with port 1755 open? A program can listen for connections even though the firewall is blocking connections.

> I have looked through my /etc/shorewall and shorewall's doc to no avail;
> I can find no reference to that port in my config; however the port
> refuses to shut down.
>
> I have tried adding this rule to my rules file:
>
> DROP net fw tcp 1755
>
> but it doesn't work either.

A quick google says it's for Windows Media 9 streaming servers.

--donald

--
Donald Z. Cowart -- Senior System Administrator
Children's Oncology Group -- Research Data Center
104 N. Main Street, Gainesville, Fl 32601
Email: dcowart@cog.ufl.edu (G)AIM: slackfive
http://www.cowart.info/

On Thursday 15 January 2004 11:55 am, Antonio Aneiros wrote:

> Hi, I have just subscribed to this list but haven't received any email
> confirmation yet. Sorry if I am doing something wrong ;-)
>
> I have just installed shorewall 1.4.8 on a debian box (debian package
> from backports.org) and everything seems to be working as expected but
> one thing: I am unable to close tcp 1755. No matter what I do, this
> port remains open to the outside world :-(

You have of course read FAQ 4b?

-Tom
--
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net

Hi, I have just subscribed to this list but haven't received any email confirmation yet. Sorry if I am doing something wrong ;-)

I have just installed shorewall 1.4.8 on a debian box (debian package from backports.org) and everything seems to be working as expected but one thing: I am unable to close tcp 1755. No matter what I do, this port remains open to the outside world :-(

My box acts as a router for my local network; it has two network cards (eth0 and eth1, eth0 pointing to internet and eth1 to the local net through a switch).

I have looked through my /etc/shorewall and shorewall's doc to no avail; I can find no reference to that port in my config; however the port refuses to shut down.

I have tried adding this rule to my rules file:

    DROP net fw tcp 1755

but it doesn't work either.

Of course, every other port on the firewall is working as expected.

Could somebody shed some light on the matter, please?

--
Regards.
Antonio <antonio@escomposlinux.org>
ecolnet news service: write to newsmaster@escomposlinux.org
IRC server: irc.escomposlinux.org

============================================

You may want to check out the following about streaming and firewalling... Google is your friend

http://video.iucc.ac.il/html/html_heb/WinFirewall.htm

Antonio Aneiros wrote:

> Hi, I have just subscribed to this list but haven't received any email
> confirmation yet. Sorry if I am doing something wrong ;-)
>
> I have just installed shorewall 1.4.8 on a debian box (debian package
> from backports.org) and everything seems to be working as expected but
> one thing: I am unable to close tcp 1755. No matter what I do, this
> port remains open to the outside world :-(
>
> My box acts as a router for my local network; it has two network cards
> (eth0 and eth1, eth0 pointing to internet and eth1 to the local net
> through a switch).
>
> I have looked through my /etc/shorewall and shorewall's doc to no avail;
> I can find no reference to that port in my config; however the port
> refuses to shut down.
>
> I have tried adding this rule to my rules file:
>
> DROP net fw tcp 1755
>
> but it doesn't work either.

Just a question, Antonio. What does netstat -an on the router show? If your policy file has:

    net all DROP

then your problem should be resolved.

Regards,

--
Patrick Benson
Stockholm, Sweden
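
Added example, not part of any message in this thread: a small filter for `netstat -an` output that separates the two questions raised above, whether a program on the router is bound to port 1755 and on which address, from whether the packet filter admits traffic to it. The sample netstat output and the function name `listeners` are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `netstat -an` output (not taken from the thread).
SAMPLE='Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 192.168.1.1:1755        0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 203.0.113.5:22          198.51.100.7:51755      ESTABLISHED
udp        0      0 0.0.0.0:1755            0.0.0.0:*'

# listeners PORT
# Reads `netstat -an` text on stdin and prints one line per local socket
# bound to PORT: "<proto> <local-address> <scope>".
# Only the Local Address column is inspected, so a remote peer that happens
# to use PORT as its source port (51755 above contains "1755") is ignored.
listeners() {
    awk -v port="$1" '
    $1 ~ /^(tcp|udp)/ {
        n = split($4, a, ":")                      # port is the last ":" field
        if (a[n] != port) next
        if ($1 ~ /^tcp/ && $6 != "LISTEN") next    # skip established flows
        addr = substr($4, 1, length($4) - length(a[n]) - 1)
        if (addr == "0.0.0.0" || addr == "::" || addr == "*")
            scope = "all-interfaces"               # reachable unless filtered
        else if (addr ~ /^127\./ || addr == "::1")
            scope = "loopback-only"                # never reachable off-host
        else
            scope = "single-address"               # depends on which interface
        print $1, addr, scope
    }'
}

# Stand-alone run against the constructed sample.
printf '%s\n' "$SAMPLE" | listeners 1755
```

On the router itself the same function takes live input: `netstat -an | listeners 1755`. An empty result means nothing on the firewall host is bound to the port, so whatever the external test is seeing is not a local service.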

On Thursday 15 January 2004 01:55 pm, Bill.Light@kp.org wrote:

> Hi, I have just subscribed to this list but haven't received any email
> confirmation yet. Sorry if I am doing something wrong ;-)
>
> I have just installed shorewall 1.4.8 on a debian box (debian package
> from backports.org) and everything seems to be working as expected but
> one thing: I am unable to close tcp 1755. No matter what I do, this
> port remains open to the outside world :-(
>
> My box acts as a router for my local network; it has two network cards
> (eth0 and eth1, eth0 pointing to internet and eth1 to the local net
> through a switch).
>
> I have looked through my /etc/shorewall and shorewall's doc to no avail;
> I can find no reference to that port in my config; however the port
> refuses to shut down.
>
> I have tried adding this rule to my rules file:
>
> DROP net fw tcp 1755
>
> but it doesn't work either.
>
> Of course, every other port on the firewall is working as expected.
>
> Could somebody shed some light on the matter, please?

We could ask some questions as well:

a) What do you mean by saying "this port remains open to the outside world"? How are you testing that assertion?

b) Are you talking about UDP port 1755 or TCP port 1755?

c) On the firewall:

    tcpdump -ni <your external interface> port 1755 or icmp

Now try whatever you are doing in answer to a). Does tcpdump display any traffic?

-Tom
--
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net

Hi,

with this rule, you only block the connection to the firewall itself, try

    DROP net fw tcp 1755
    DROP net fw udp 1755
    DROP net loc tcp 1755
    DROP net loc udp 1755

these rules will ensure that shorewall will block the connection to your local network too.

am>I have tried adding this rule to my rules file:
>
>DROP net fw tcp 1755
>
>but it doesn't work either.

-++++++++++++++++++++++++++++++++++++++++-
Razham Misra, Abdul Razak (CCNP,CCNA,MCP-W2K,MCP-NT4)
07762068227
Freelance Network/Security Consultant
PHP/MySQL Developer
Freelance Linux Consultant.
-++++++++++++++++++++++++++++++++++++++++-
---------------------------------------------
"A player that makes a team great is more valuable than a great team"
---------------------------------------------

Hi, first of all, sorry if I am sending this message twice as I made a little mistake in the process of subscribing to the list ;-)

I have just installed shorewall 1.4.8 on a debian box (debian package from backports.org) and everything seems to be working as expected but one thing: I am unable to close tcp 1755. No matter what I do, this port remains open to the outside world :-(

My box acts as a router for my local network; it has two network cards (eth0 and eth1, eth0 pointing to internet and eth1 to the local net through a switch).

I have looked through my /etc/shorewall and shorewall's doc to no avail; I can find no reference to that port in my config; however the port refuses to shut down.

I have tried adding this rule to my rules file:

    DROP net fw tcp 1755

but it doesn't work either.

Of course, every other port on the firewall is working as expected.

Could somebody shed some light on the matter, please?

--
Regards.
Antonio <antonio@escomposlinux.org>
ecolnet news service: write to newsmaster@escomposlinux.org
IRC server: irc.escomposlinux.org

On Saturday 17 January 2004 10:04 am, Antonio Aneiros wrote:

> Hi, first of all, sorry if I am sending this message twice as I made a
> little mistake in the process of subscribing to the list ;-)

Then look at the archives -- don't expect everyone to post their responses again (and there have been quite a few responses).

-Tom
--
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net