[nflug] speaking of firestarter
Cyber Source
peter at thecybersource.com
Tue Sep 26 12:24:30 EDT 2006
eric wrote:
> Does anyone know how to use firestarter for checking a user
>
> I want to only allow: ssh aCertainUser at mycomputer.net
>
> Thanks in advance,
> ERic
>
> eric wrote:
>
>
>> Have you viewed the Events tab? Click reload and you should see what's
>> happening.
>>
>> Frank Kumro wrote:
>>
>>
>>
>>
>>> I have firestarter installed on my local machine and i only have a
>>> older linksys router that goes to a switch for my network. The only
>>> change I made was adding port 4500 to firestarter and the linksys box.
>>> Also I cant seem to find any firewall logs in /var/log - where else
>>> could it be? As far as docs, nope.
>>>
>>> On 9/25/06, Bootz <eric at bootz.us> wrote:
>>>
>>>
>>>
>>>
>>>> check your firewall Frank. are you running firestarter or something
>>>> more elaborate... did you change anything with your firewall ...was it
>>>> upgraded automagically. Have you unplugged everything and restarted
>>>> ...have run dhcpclient??
>>>>
>>>> check your firewall logs ...firestarter is fun for watching events...
>>>>
>>>> Frank Kumro wrote:
>>>>
>>>>
>>>>
>>>>> More information...I can still connect to my firewall on my lan but I
>>>>> cannot get outside...looks like my dns is gone and here is the output
>>>>> of the vpnclient. Also I have allowed port 4500 access to my
>>>>> machine...
>>>>>
>>>>> **VPN OUTPUT***
>>>>> Authenticating user.
>>>>> Negotiating security policies.
>>>>> Securing communication channel.
>>>>>
>>>>> University at Buffalo
>>>>> VPN Concentrator
>>>>> 3 HOUR IDLE TIMER
>>>>> 24 HOUR MAX DURATION TIMER
>>>>>
>>>>> For your protection we monitor this system
>>>>> for unauthorized usage and abuse
>>>>>
>>>>> Do you wish to continue? (y/n): y
>>>>>
>>>>> Your VPN connection is secure.
>>>>>
>>>>> VPN tunnel information.
>>>>> Client address: 128.205.245.242
>>>>> Server address: 128.205.240.120
>>>>> Encryption: 128-bit AES
>>>>> Authentication: HMAC-SHA
>>>>> IP Compression: None
>>>>> NAT passthrough is active on port UDP 4500
>>>>> Local LAN Access is disabled
>>>>>
>>>>>
>>>>> On 9/25/06, Frank Kumro <fkumro at gmail.com> wrote:
>>>>>
>>>>>
>>>>>
>>>>>> For a little more information here is the output of /sbin/ifconfig
>>>>>> (UB section)
>>>>>>
>>>>>> cipsec0 Link encap:Ethernet HWaddr 00:0B:FC:F8:01:8F
>>>>>> inet addr:128.205.246.153 Mask:255.255.255.0
>>>>>> inet6 addr: fe80::20b:fcff:fef8:18f/64 Scope:Link
>>>>>> UP RUNNING NOARP MTU:1356 Metric:1
>>>>>> RX packets:0 errors:0 dropped:0 overruns:0 frame:0
>>>>>> TX packets:0 errors:0 dropped:10 overruns:0 carrier:0
>>>>>> collisions:0 txqueuelen:1000
>>>>>> RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
>>>>>>
>>>>>> a 128.205 is a UB address but it still kills all activity in/out :(
>>>>>>
>>>>>> On 9/25/06, pirrone <pirrone at localnet.com> wrote:
>>>>>>
>>>>>>
>>>>>>
>>>>>>> Frank Kumro wrote:
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>> I am running ubuntu 6.06 (2.6 kernel) and I have installed the
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>> vpn
>>>>
>>>>
>>>>
>>>>>>>> client from UB. It works and connects but when it does I no
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>> longer can
>>>>>>
>>>>>>
>>>>>>
>>>>>>>> use the internet and I am not connected to UB's even though it
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>> says I
>>>>>>
>>>>>>
>>>>>>
>>>>>>>> am...anyone have an ideas?
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>> Frank,
>>>>>>>
>>>>>>> I connect to my RedHat 8.0 server at school from my Fedora Core 3
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>> server
>>>>>>
>>>>>>
>>>>>>
>>>>>>> at home using pptp, modprobe ppp-compress-18, and route add -net
>>>>>>> 172.16.16.0 netmask 255.255.255.0 dev ppp1. Open the firewall
>>>>>>> (FireStarter for outgoing traffic on ppp1), pop up one of my
>>>>>>>
>>>>>>>
>>>>>>>
>>>> beloved
>>>>
>>>>
>>>>
>>>>>>> "invisible" Eterms (transparent, title-less, scroll-less,
>>>>>>>
>>>>>>>
>>>>>>>
>>>> frame-less)
>>>>
>>>>
>>>>
>>>>>>> floating ethereally above my stark FluxBox WM, and but right
>>>>>>>
>>>>>>>
>>>>>>>
>>>> into my
>>>>
>>>>
>>>>
>>>>>>> school server on its internal IP. In GKrellM I see the
>>>>>>>
>>>>>>>
>>>>>>>
>>>> appearance of
>>>>
>>>>
>>>>
>>>>>>> PPP1 in addition to the existing PPP0 when I run pptp and see the
>>>>>>> bi-directional traffic in both windows as I work to work and work
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>> to play.
>>>>>>
>>>>>>
>>>>>>
>>>>>>> Sorry, I have no ideas on solving your UB problem which may be
>>>>>>>
>>>>>>>
>>>>>>>
>>>> quite
>>>>
>>>>
>>>>
>>>>>>> unrelated to what I related above but everything is relative...
>>>>>>>
>>>>>>> Frank
>>>>>>> _______________________________________________
>>>>>>> nflug mailing list
>>>>>>> nflug at nflug.org
>>>>>>> http://www.nflug.org/mailman/listinfo/nflug
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>> --
>>>>>> Frank
>>>>>> Shenanigans!!
>>>>>> I do the voodoo that I do do with sudo!
>>>>>> http://www.syncoder.com
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>>
>>>> _______________________________________________
>>>> nflug mailing list
>>>> nflug at nflug.org
>>>> http://www.nflug.org/mailman/listinfo/nflug
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>>
>> _______________________________________________
>> nflug mailing list
>> nflug at nflug.org
>> http://www.nflug.org/mailman/listinfo/nflug
>>
>>
>>
>
> _______________________________________________
> nflug mailing list
> nflug at nflug.org
> http://www.nflug.org/mailman/listinfo/nflug
>
>
I haven't used it in a while but I know you can create rules based on IP
and possibly MAC address.
_______________________________________________
nflug mailing list
nflug at nflug.org
http://www.nflug.org/mailman/listinfo/nflug
More information about the nflug
mailing list