Re: Getting Tftp to run with this Rule set

All of lore.kernel.org
 help / color / mirror / Atom feed

From: /dev/rob0 <rob0@gmx.co.uk>
To: netfilter@lists.netfilter.org
Subject: Re: Getting Tftp to run with this Rule set
Date: Thu, 11 Aug 2005 12:37:12 -0500	[thread overview]
Message-ID: <200508111237.12648.rob0@gmx.co.uk> (raw)
In-Reply-To: <42FB4FB2.5020904@us.ibm.com>

On Thursday 2005-August-11 08:16, Ralph Blach wrote:
> I have a Fedora 3 core 86_64 box running with this rule set as
> generated by the fedora firewall bring up.  Eth1 is a trusted

I haven't seen it recently, but I know that older versions of Fedora 
(and Red Hat) default firewalls are utterly useless. If you want to 
learn iptables yourself, fine; if not, look on freshmeat for something 
better. Just about anything you might find is probably better.

At this time I don't have something specific I can recommend. Before I 
learned iptables I used MonMotha's, but that's too complicated for my 
liking.

> What rule set do I add so that ports on eth1 above 1024 will be
> accessable on eth1 and tftp will work?

Wrong question. Use stateful inspection as described in the Packet 
Filtering HOWTO. The ipchains-style approach of opening high ports is a 
terrible idea, completely unnecessary with iptables.

I could answer your question, but I won't. It is documented in the 
manual, of course.

> Here is the rule set
> /etc/rc.d/init.d/iptables status

No, that's not. It doesn't tell us much at all. iptables-save(8) output 
is far more useful.
-- 
    mail to this address is discarded unless "/dev/rob0"
    or "not-spam" is in Subject: header

next prev parent reply	other threads:[~2005-08-11 17:37 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-08-11 13:16 Getting Tftp to run with this Rule set Ralph Blach
2005-08-11 17:37 ` /dev/rob0 [this message]
2005-08-11 17:52   ` Can someone recommend a good simple firewall script? /dev/rob0
2005-08-11 18:00     ` Tom Eastep
2005-08-11 19:06     ` Anthony DiSante

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=200508111237.12648.rob0@gmx.co.uk \
    --to=rob0@gmx.co.uk \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.