Tom Eastep
2004-Mar-03 20:05 UTC
Re: [Shorewall-newbies] 2 IPs and Three Interface firewall
On Wed, 3 Mar 2004, electro jacs wrote:> > > and if that happens, since I make to allow all traffic clean without the > > > rules of firewall? > > > >No -- but you can add rules specifically for that IP address to allow it > >any > >access that you want to give it. To give the IP complete access in and out, > >you can add these at the top of /etc/shorewall/rules: > > > >ACCEPT loc:200.x.x.195 all all > >ACCEPT all loc:200.x.x.195 all > > > >-Tom > > ok Mr Tom , that rule was added > but I scan with NMAP and it shows this to : > /* > [root@totalweb root]# nmap 200.x.x.194 > Starting nmap 3.48 ( http://www.insecure.org/nmap/ ) at 2004-03-03 14:12 COT > Note: Host seems down. If it is really up, but blocking our ping probes, try > -P0Nmap run completed -- 1 IP address (0 hosts up) scanned in 12.061 seconds > [root@totalweb root]# > */ > the computer that has the IP 200.x.x.194, sails correctly and apparently all > this good, and I scan I did it from another computer in Internet > that I could be badly configured?I don''t understand -- a) The rules I gave you were for IP address 200.x.x.195 b) You claim that nmap doesn''t work; yet c) You say that the IP 200.x.x.194 "sails correctly" We are loosing something in the translation... -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net