|
From: Moray M. <mmc...@ox...> - 2006-06-06 14:37:40
|
Sorry, my mistake, didn't quite read it correctly. I see that you are updating the copy on the floppy (presumably in the archive file). Best would be to update the file on the server first (before updating on the floppy), then you can test it before you save it to the config. You can get it onto the server using scp, if your server is running ssh. Then you can run it using /etc/init.d/firewall.rules to test.

Once it is on the server, you can save it (like your whole config) with save-config, or write it directly on the floppy the way you have been.

Yours,
Moray

-------------------------------------
Moray McConnachie
IS Manager +44 1865 261 600
Oxford Analytica http://www.oxan.com

-----Original Message-----
From: Moray McConnachie
Sent: 06 June 2006 15:34
To: 'dev...@li...'
Subject: RE: [Devil-Linux-discuss] fw question

Yes, just run the rules using /etc/init.d/firewall.rules.

M.

-----Original Message-----
From: dev...@li... [mailto:dev...@li...] On Behalf Of gro...@un...
Sent: 06 June 2006 15:30
To: dev...@li...
Subject: [Devil-Linux-discuss] fw question

Hi all!
I'm a really new user in DL world so I apologize if this is a dumb question.
I configured it to use as a firewall with fwbuilder to generate rules. I've installed fwbuilder in another machine which I use to compile the rules and update /etc/init.d/firewall.rules in the floppy. Then I reboot the firewall so it loads the new configuration. The question is: is there a way I can reload the firewall's rules avoiding a reboot?
Thank you very much

Gustavo
|
|
From: Matthew H. <mat...@va...> - 2006-06-06 16:32:28
|
Shouldn't the command be "ip route" not iproute? Just something to grep for.
|
|
From: Matthew H. <mat...@va...> - 2006-06-06 16:33:13
|
Ignore me, I'm being an idiot.
|
|
From: <gro...@un...> - 2006-06-06 16:20:30
|
Hi Moray.
I had already tried that, but when I run /etc/init.d/firewall.rules there's a message that says "iproute not found" and the rules aren't reloaded. I don't know why but when I reboot this doesn't happen and the script runs normally.
Next is part of the script where I think the mistake must be in:

LSMOD="sbin/lsmod"
MODPROBE="sbin/modprobe"
IPTABLES="usr/sbin/iptables"
IPTABLES_RESTORE="usr/sbin/iptables-restore"
IP="usr/sbin/ip"
LOGGER="usr/bin/logger"

if $IP link ls >/dev/null 2>&1; then
  echo;
else
  echo "iproute not found"
  exit 1
fi

echo 1 > /proc/sys/net/ipv4/conf/all/accept_redirects
echo 30 > /proc/sys/net/ipv4/tcp_fin_timeout
echo 1800 > /proc/sys/net/ipv4/tcp_keepalive_intvl

I checked all the routes (specially usr/bin/ip) and they are correct (besides, it works fine when I reboot, as I said).
Something important I omitted before: the machine running DL boots from a CD and loads etc.tar.bz2 from the floppy drive, it has no hard drive.
Any clues?
Thanks

Gustavo
|
|
From: Moray M. <mmc...@ox...> - 2006-06-06 16:32:58
|
Is it possible you are not running the script as root? Also, it's probably just a typo in your mail, but you wrote in your email "specially usr/bin/ip", and the script says /usr/sbin/ip... ?

M.
|
|
From: Dick M. <di...@li...> - 2006-06-06 16:35:44
|
gro...@un... wrote:
> Hi Moray.
> I had already tried that, but when I run /etc/init.d/firewall.rules there's a
> message that says "iproute not found" and the rules aren't reloaded. I don't
> know why but when I reboot this doesn't happen and the script runs normally.
> Next is part of the script where I think the mistake must be in:
>
> LSMOD="sbin/lsmod"
> MODPROBE="sbin/modprobe"
> IPTABLES="usr/sbin/iptables"
> IPTABLES_RESTORE="usr/sbin/iptables-restore"
> IP="usr/sbin/ip"
> LOGGER="usr/bin/logger"

There's no leading '/' on your paths. You need to fix this in fwbuilder under, I think, OS options.

Dick
|
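Added example, not part of the thread and not fwbuilder output: a shell pre-flight check that lists tool-path variables missing the leading '/', and shows that such a path resolves only when the working directory is the directory it is relative to. The function names, the FIXED variable and the temporary fake root are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): pre-flight check for a generated
# firewall script whose tool paths lack the leading '/'.

# Print NAME=value for every VAR="value" line whose value is a path
# (contains '/') but is not absolute.
find_relative_tool_paths() {
    sed -n 's/^[[:space:]]*\([A-Za-z_][A-Za-z0-9_]*\)="\([^"]*\)"[[:space:]]*$/\1=\2/p' "$1" |
    while IFS='=' read -r name value; do
        case "$value" in
            /*)  ;;                                   # absolute: OK
            */*) printf '%s=%s\n' "$name" "$value" ;; # relative path
        esac
    done
}

# Succeed if PATHNAME ($2) is an executable file when looked up from DIR ($1).
resolves_from() {
    ( cd "$1" && [ -x "$2" ] )
}

# Constructed sample: the variable block quoted in the thread, plus one
# absolute path for contrast (FIXED is hypothetical).
write_sample_script() {
    cat > "$1" <<'EOF'
LSMOD="sbin/lsmod"
MODPROBE="sbin/modprobe"
IPTABLES="usr/sbin/iptables"
IPTABLES_RESTORE="usr/sbin/iptables-restore"
IP="usr/sbin/ip"
LOGGER="usr/bin/logger"
FIXED="/usr/sbin/ip"
EOF
}

# Constructed fake root containing a stub usr/sbin/ip, so the demo never
# touches the real system.
make_fake_root() {
    mkdir -p "$1/usr/sbin" "$1/root"
    printf '#!/bin/sh\nexit 0\n' > "$1/usr/sbin/ip"
    chmod +x "$1/usr/sbin/ip"
}

demo_dir=$(mktemp -d)
write_sample_script "$demo_dir/firewall.rules"
make_fake_root "$demo_dir/fakeroot"
echo "Relative tool paths found:"
find_relative_tool_paths "$demo_dir/firewall.rules"
for d in "$demo_dir/fakeroot" "$demo_dir/fakeroot/root"; do
    if resolves_from "$d" usr/sbin/ip; then echo "from $d: found"
    else echo "from $d: not found"; fi
done
rm -rf "$demo_dir"
```

Running the check against the script before copying it to the firewall catches the missing '/' without needing a reload attempt.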
|
From: <gro...@un...> - 2006-06-06 16:56:37
|
That was exactly the problem! Thank you guys...
|