Robin Lynn Frank | 1 Jul 04:29 2003

Re: Slight glitch on new DSL setup

On Monday 30 June 2003 01:34 pm, Simon Edwards wrote:
> On Friday 27 June 2003 22:14, Robin Lynn Frank wrote:
> > I have a setup with 2 NICs eth0 for lan eth1, DHCP for DSL behind a
> > Netgear router.  I got everything going, except while I can connect with
> > the router's built in config pages, I can't connect to the internet
> > unless I disable the firewall.  Everything works for the ppp0 connection
> > we have as a backup.  Can someone point me in the direction of what
> > I've overlooked?
>
> What port does the config page run on? (What's URL look like?)
>
> cheers,

It appears to be a standard port 80 at 192.168.0.1.  I can bring up the config 
page with no problem.  It is when I try to get to the internet, I run into a 
brick (fire) wall.  I attempted to ensure I was doing the same things I was 
for ppp0 for the NIC behind the router.  While the router makes me stealth 
on all the test sites I've tried, I'm too paranoid to leave it at that.  I 
may have to open a few things up (making note of what I've done) to see if I 
cure the problem, and then close things one at a time and see what causes it.

Now that I've got the connection settings solid, I can start tinkering with 
guarddog.

Japie | 1 Jul 09:58 2003

samba connection problem between 2 internal interfaces.

Hello,

Keep running into trouble when trying to connect to other pc's on
another interface via samba.
I have 2 interfaces:
eth0 192.168.0.100 and wlan0 192.168.1.100 with 2 clients on every
interface.
Connections between clients on eth0 are no problem and between wlan
neither. (of course, since they are direct, without firewall)
Connections from any client to the local samba server is no problem
either.
Only connecting from a wlan0 client to a eth0 client doesn't work.
I created a zone LAN with zone-address 192.168.0.0/24 and 192.168.0.255
and a zone WLAN with zone-address 192.16810.0/24 and 192.168.1.255
Opened windows networking and netbios between local and LAN, local and
WLAN, LAN and WLAN, WLAN and LAN.
Ping from LAN to WLAN client works, so I don't know what to do anymore.
Please help me.
-- 
Regards, Japie
http://japie.is.dreaming.org

-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01
Simon Edwards | 3 Jul 21:59 2003

Re: samba connection problem between 2 internal interfaces.


On Tuesday 01 July 2003 09:58, Japie wrote:
> Keep running into trouble when trying to connect to other pc's on
> another interface via samba.
> I have 2 interfaces:
> eth0 192.168.0.100 and wlan0 192.168.1.100 with 2 clients on every
> interface.
> Connections between clients on eth0 are no problem and between wlan
> neither. (of course, since they are direct, without firewall)
> Connections from any client to the local samba server is no problem
> either.
> Only connecting from a wlan0 client to a eth0 client doesn't work.
> I created a zone LAN with zone-address 192.168.0.0/24 and 192.168.0.255
> and a zone WLAN with zone-address 192.16810.0/24 and 192.168.1.255
> Opened windows networking and netbios between local and LAN, local and
> WLAN, LAN and WLAN, WLAN and LAN.
> Ping from LAN to WLAN client works, so I don't know what to do anymore.

Are you using Guidedog to turn on routing? Does it work with Guarddog 
disabled?

cheers,

-- 
Simon Edwards             | Guarddog Firewall
simon <at> simonzone.com       | http://www.simonzone.com/software/
Nijmegen, The Netherlands | "ZooTV? You made the right choice."


Simon Edwards | 3 Jul 22:05 2003

Re: Port Forwarding

Hi

On Friday 27 June 2003 23:53, Laurent Dellus wrote:
> I have Remotelyanywhere running on my lan at address 192.168.2.1 port 2000
> and I'm trying to access it from behind my firewall. I use guidedog port
> forwarding set to forward port 23 on the local firewall machine to
> 192.168.2.1 port 2000. It doesn't work no matter what I do. I opened port 23
> (Telnet) on the firewall, I tried to use other ports, nada.

You may have to set up Guarddog to allow internet machines to access 
192.168.2.1 port 2000. What does your system log say?

(Yes I need to work out what exactly is happening and make some good docs...)

cheers,

-- 
Simon Edwards             | Guarddog Firewall
simon <at> simonzone.com       | http://www.simonzone.com/software/
Nijmegen, The Netherlands | "ZooTV? You made the right choice."

Simon Edwards | 3 Jul 22:16 2003

Re: Configuring headless servers with Guarddog?

Hi,

On Thursday 26 June 2003 13:11, Jens Benecke wrote:
> I'm maintaining a couple of headless (especially X11- and KDE-less)
> servers which I would love to configure via Guarddog, remotely. And I think
> this is feasible with a few extra features in Guarddog.

> AFAIunderstand, Guarddog saves its settings in a file /etc/rc.firewall and
> the Guarddog package contains an init.d script to start this firewall. The
> GUI portion is only used to configure the firewall, after that the init.d
> script and rc.firewall do all the work.

Basically, 

> c) configure Guarddog to use e.g. SSH to save the rc.firewall script and

> d) make Guarddog absolutely ensure that the SSH line to the host being
> configured is always kept open, no matter what the user specifies for
> that host (and tell him/her about it),

Or automatically restore the old firewall automatically after 30 seconds, and 
during that time Guarddog could test if SSH still works. There's a few things 
that you could do.

Right now you can use the export function to get a copy of the firewall and 
then move it to the firewall machine manually.

But yes, that is a good suggestion, I have actually thought of it earlier too 
BTW. ummm... it's something for the future perhaps, but I'm also busy with a 
million other projects too. So don't hold your breath... =)

Japie | 4 Jul 20:39 2003

Re: samba connection problem between 2 internal interfaces.

On Thu 03-07-2003, at 21:59, Simon Edwards wrote:

> Are you using Guidedog to turn on routing? 

Yes, I included the rcfile.

> Does it work with Guarddog disabled?

No, it didn't. (sorry I didn't test that before posting)

-- 
Regards, Japie
http://japie.is.dreaming.org

Gnu/Linux
2.4.20-wolk4.1s i686

How dare the government intervene to stifle innovation in the computer
industry! That's Microsoft's job, dammit!
;^)

Ed | 6 Jul 03:01 2003

Port 138

Hi,

I have a LAN behind my linux/guarddog server.
I have netBIOS enabled in BOTH directions between the local zone and my LAN
zone.

Yet, I'm getting a lot of dropped messages like this:

Jul  5 20:47:23 main kernel: DROPPED IN= OUT=eth1 SRC=192.168.0.1
DST=192.168.0.23 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=49483 DF PROTO=TCP
SPT=139 DPT=1133 SEQ=1959070697 ACK=2734881775 WINDOW=6432 RES=0x00 ACK
URGP=0 
Jul  5 20:47:32 main kernel: DROPPED IN= OUT=eth1 SRC=192.168.0.1
DST=192.168.0.23 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=49732 DF PROTO=TCP
SPT=139 DPT=1113 SEQ=1350087568 ACK=2586456365 WINDOW=6432 RES=0x00 ACK
URGP=0 

192.168.0.23 is one of the machines on the LAN.
192.168.0.1  is the linux/guarddog server.

This seems to be related to copying files from the local zone to the LAN.

The source port is always 139.  The destination port varies.

What am I doing wrong?

Thanks,  Ed


Morpheus | 10 Jul 11:46 2003

ICQ and stealth

Hello folks,

Unfortunately the archive appears to be down so I can't find out if this is 
a known issue, but I have recently installed Guarddog 2.1.5 from the RPM for 
Mandrake 9.1 and have noticed the following behaviour.

If I enable Yahoo or MSN Messenger in the Chat protocols then doing a scan 
of my machine from sites such as grc and sygate results in my machine being 
listed as stealthed. If I enable ICQ then 1024+ become closed instead of 
stealthed.  Is this known behaviour or have I found a bug? Whilst it's not 
really a security risk per se it is slightly irritating as it is not 
particularly obvious why this is the case.

Thanks for your help,

Richard

-------------------------------------------------------
This SF.Net email sponsored by: Parasoft
Error proof Web apps, automate testing & more.
Download & eval WebKing and get a free book.
www.parasoft.com/bulletproofapps1
Ed | 13 Jul 22:40 2003

Destination ports (FreeNet)

Hi,

My understanding is that all destination ports are closed by default.
Please correct me if I'm wrong about this.

The problem is that I have tried to use FreeNet and can't because FN uses a
different destination port for each user.  Thus there are potentially
thousands of ports that would have to be open.

FreeNet requires that one inbound port (60395) be open and virtually all
outbound ports must be open.

Here are a couple of syslog items that showed up when I tried to run FN
(there were many, many more):

Jul 12 16:37:36 main kernel: DROPPED IN=eth1 OUT=eth0 SRC=192.168.0.24
DST=24.92.39.86 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=57960 DF PROTO=TCP
SPT=3412 DPT=5566 SEQ=4284363774 ACK=0 WINDOW=64240 RES=0x00 SYN URGP=0 OPT
(020405B401010402) 

Jul 12 16:37:36 main kernel: DROPPED IN=eth1 OUT=eth0 SRC=192.168.0.24
DST=147.46.115.61 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=57974 DF PROTO=TCP
SPT=3416 DPT=12891 SEQ=4285327033 ACK=0 WINDOW=64240 RES=0x00 SYN URGP=0 OPT
(020405B401010402) 

The source and destination ports are all different.  The source ports seem
to be running in sequence.

The source ip (192.168.0.24) is my Windows box which is on my LAN behind the
Guarddog/iptables firewall.  The destination ip's seem to be

Simon Edwards | 15 Jul 06:56 2003

Re: Port 138

Hi,

On Sunday 06 July 2003 03:01, Ed wrote:
> Jul  5 20:47:23 main kernel: DROPPED IN= OUT=eth1 SRC=192.168.0.1
> DST=192.168.0.23 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=49483 DF PROTO=TCP
> SPT=139 DPT=1133 SEQ=1959070697 ACK=2734881775 WINDOW=6432 RES=0x00 ACK
> URGP=0 

Looks like part of NetBIOS aka Windows Networking. Read the section in the 
manual about Windows Networking, and also make sure that you have it enabled 
both ways for your LAN/Linux box.

cheers,

-- 
Simon Edwards             | Guarddog Firewall
simon <at> simonzone.com       | http://www.simonzone.com/software/
Nijmegen, The Netherlands | "ZooTV? You made the right choice."
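
Added example (not part of the thread and not Guarddog code): a short Python parser for the kernel DROPPED entries quoted in the "Port 138" and "Destination ports (FreeNet)" posts, grouping them by their path through the firewall host and by TCP stage. The function names and the lower-port heuristic for picking the service port are assumptions of this example.

```python
import re
from collections import Counter

# Constructed sample: the four DROPPED entries quoted in this thread, with
# the mail client's line wrapping undone so each entry is one line.
SAMPLE = """\
Jul  5 20:47:23 main kernel: DROPPED IN= OUT=eth1 SRC=192.168.0.1 DST=192.168.0.23 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=49483 DF PROTO=TCP SPT=139 DPT=1133 SEQ=1959070697 ACK=2734881775 WINDOW=6432 RES=0x00 ACK URGP=0
Jul  5 20:47:32 main kernel: DROPPED IN= OUT=eth1 SRC=192.168.0.1 DST=192.168.0.23 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=49732 DF PROTO=TCP SPT=139 DPT=1113 SEQ=1350087568 ACK=2586456365 WINDOW=6432 RES=0x00 ACK URGP=0
Jul 12 16:37:36 main kernel: DROPPED IN=eth1 OUT=eth0 SRC=192.168.0.24 DST=24.92.39.86 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=57960 DF PROTO=TCP SPT=3412 DPT=5566 SEQ=4284363774 ACK=0 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (020405B401010402)
Jul 12 16:37:36 main kernel: DROPPED IN=eth1 OUT=eth0 SRC=192.168.0.24 DST=147.46.115.61 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=57974 DF PROTO=TCP SPT=3416 DPT=12891 SEQ=4285327033 ACK=0 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (020405B401010402)
"""

KV = re.compile(r"(\w+)=(\S*)")
TCP_FLAGS = {"SYN", "ACK", "FIN", "RST", "PSH", "URG"}

def parse(line):
    """Split one DROPPED entry into its KEY=value fields plus the TCP flags."""
    body = line.split("DROPPED", 1)[1]
    pkt = dict(KV.findall(body))
    # Flags are logged as bare words (ACK), distinct from the ACK=<number> field.
    pkt["FLAGS"] = TCP_FLAGS & set(body.split())
    return pkt

def classify(pkt):
    """Return (path through the firewall host, TCP stage) for a parsed entry."""
    if not pkt["IN"]:
        path = "local-out"   # no input interface: sent by the firewall host itself
    elif not pkt["OUT"]:
        path = "local-in"    # no output interface: addressed to the firewall host
    else:
        path = "forward"     # routed from one interface to another
    stage = "new" if pkt["FLAGS"] == {"SYN"} else "reply-or-later"
    return path, stage

def summarize(text):
    """Count DROPPED entries per (path, stage, protocol, service port)."""
    counts = Counter()
    for line in text.splitlines():
        if "DROPPED" not in line:
            continue
        pkt = parse(line)
        path, stage = classify(pkt)
        spt, dpt = int(pkt.get("SPT", 0)), int(pkt.get("DPT", 0))
        # A bare SYN names the service in DPT; otherwise assume the lower port.
        port = dpt if stage == "new" else min(spt, dpt)
        counts[(path, stage, pkt.get("PROTO", "?"), port)] += 1
    return counts
```

Run over the sample, the two entries from the first post land in one bucket (packets the firewall host sent from port 139 on connections already in progress), while each FreeNet entry is a forwarded new connection to a different destination port.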


Gmane