Re: HELP ! ipfw et natd
From: Ludek Frybort (frybort_at_amit.cz)
Date: 12/06/03
- Next message: George Reitsma: "Thunderbird 0.3 crashes, alternatives?"
- Previous message: Manuel Treitinger: "FBSD and GTK2..."
- In reply to: ferdydurke: "Re: HELP ! ipfw et natd"
- Next in thread: jpd: "Re: HELP ! ipfw et natd"
- Reply: jpd: "Re: HELP ! ipfw et natd"
- Reply: ferdydurke: "Re: HELP ! ipfw et natd"
Date: Sat, 06 Dec 2003 22:02:57 +0100
Hi,
ferdydurke wrote:
>
> [snip]
>
> 00501 0 0 allow udp from 81.249.237.84 67 to any 68 in recv rl0
> 00503 10 3170 allow udp from any 67 to 255.255.255.255 68 in recv rl0
>
> I don't understand what do you want me to do on rule 501, what to fix ?
The rule 501 allows DHCP packets from an IP address. I don't know what
the IP address above is supposed to be (I thought it was what you
supposed to be your DHCP-server), but I can see that the rule isn't
getting any hits. So I suppose the IP address is incorrect and needs to
be fixed.
> the DHCP server is my ethernet modem which address is 192.168.0.1
Then I suggest you change the rule 501 to:
00501 allow udp from 192.168.0.1 67 to any 68 in recv rl0
The result should be that the rule 501 starts slowly getting hits, while
the rule 503 stops getting any. If so, you can remove the rule 503 and
then you are secured.
> [snip]
> God ! a 2.2.7 version ? isn't it too old ?
Ancient. But still not too old to do the job it's doing.
> I suppose it is your machine at job
> and you don't use it as a desktop machine but only for a server.
Yes. A gateway/firewall, a SMTP/POP3 server, a http-server.
No keyboard nor monitor attached. Neither has been needed since the
installation in 1999 [1].
[1] Well, frankly, I attached the monitor once in 2000, after I
mistakenly typed "kill 1" (as root) in a remote session, and didn't
understand what was happening - just knew that I couldn't connect to the
box anymore. So I attached the monitor to see what was happening (and to
reconnect to the web to be able to search for info on what I had done
when I killed "1", and slap my forehead hard and repeatedly when I found
out).
> You can't have all the newest applications.
Don't need any there. Just a couple of daemons and the ones that are
there "aren't broken" as well.
> I suppose there is a part of the handbook where I can have explanations
> about upgrading daemons ?
I'm sure there is. See description of the ports collection (applies to a
reasonably fresh OS-version, on the ancient system I have to build apps
from source).
> How long have you been computing ?
11 years. I mean professionally.
> What counsel can you give me about programming ? I mean I am just about to
> learn some languages, for hobby first and perhaps later for my job. I would
> like to have a dynamic web site, with data bases, maps, possibly with open
> source softs, under unix, and I have heard about zope platform, python, and
> other stuff...
I don't think I'm the right person to give you advice on that. You know,
apart from some client-side scripting in web pages (which I do in
javascript) and some shell scripting on the FreeBSD box, I do almost
everything in the "C" language. But that's not because I think "C" is
generally the best tool for all the jobs (and it's definitely not the
path I would recommend to a beginner). The reason is that it's the
language I'm most "fluent" in, and therefore _for_me_ it's the right
tool for dealing even with occasional tasks that I suspect would be
much easier done in perl, php, python... But I'd have to learn them and
an occasional task that can be solved by 20 to 100 lines in "C" simply
isn't worth it. Your mileage _will_ vary.
So I suggest you ask this question in a general computing-related group,
or even in this group (I seem to recall questions like this answered
right here) in a separate thread - I don't suppose anyone is following
this longish thread that has turned into a 1-on-1 conversation.
But be prepared to hear contradicting advice from the advocates of
different languages.
Ludek
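
The counter check described in the message above (rule 501 gaining hits while rule 503 stops), written as an added example that is not part of the original post. The function names, the verdict strings and the packet/byte values in the sample snapshots are constructed for illustration; the rule bodies are the ones quoted in the thread.

```shell
#!/bin/sh
# Added example: compare two saved `ipfw show` snapshots taken some time apart
# (columns: rule number, packets, bytes, rule body).

# hit_delta BEFORE AFTER RULE: print packets gained by RULE between snapshots;
# exit status 2 if the rule is absent from either file.
hit_delta() {
    awk -v rule="$3" '
        $1 + 0 == rule + 0 {
            if (FILENAME == ARGV[1]) { before += $2; in_before = 1 }
            else                     { after  += $2; in_after  = 1 }
        }
        END { if (!in_before || !in_after) exit 2; print after - before }
    ' "$1" "$2"
}

# dhcp_rule_verdict BEFORE AFTER SPECIFIC BROAD: decide whether the broad
# broadcast rule can go, based on which rule the DHCP replies actually matched.
dhcp_rule_verdict() {
    specific=$(hit_delta "$1" "$2" "$3") || { echo "missing-rule"; return 0; }
    broad=$(hit_delta "$1" "$2" "$4") || { echo "missing-rule"; return 0; }
    if [ "$specific" -gt 0 ] && [ "$broad" -eq 0 ]; then
        echo "remove-broad"     # server-specific rule is doing the work
    elif [ "$specific" -eq 0 ]; then
        echo "fix-specific"     # no hits: source address in the rule is wrong
    else
        echo "keep-both"        # replies still reach the broad rule
    fi
}

# Constructed snapshots: counter values are invented sample data.
write_samples() {
    cat > "$1/before.txt" <<'EOF'
00501  0    0 allow udp from 192.168.0.1 67 to any 68 in recv rl0
00503 10 3170 allow udp from any 67 to 255.255.255.255 68 in recv rl0
EOF
    cat > "$1/after.txt" <<'EOF'
00501  3  984 allow udp from 192.168.0.1 67 to any 68 in recv rl0
00503 10 3170 allow udp from any 67 to 255.255.255.255 68 in recv rl0
EOF
}

tmp=$(mktemp -d)
write_samples "$tmp"
dhcp_rule_verdict "$tmp/before.txt" "$tmp/after.txt" 501 503
rm -rf "$tmp"
```
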