extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-08-16 11:44:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Shorewall-1.4.7a

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@774 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep
2003-10-21 22:22:44 +00:00
parent f6c8974bda
commit 7bb80bf3fe
16 changed files with 1112 additions and 1003 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
STABLE/documentation/FAQ.htm
View File

@ -173,7 +173,15 @@ only<b> from specific IP Addresses</b> on the internet?</a><br>
options in nmap</b> on or behind the firewall, I get "<b>operation not
permitted</b>". How can I use nmap with Shorewall?"</a><br>
<br>
<b>27. </b><a href="#faq27">I am compiling a <b>new kernel</b> for my
<b><span style="font-weight: bold;">26a.&nbsp; </span></b><a
href="#faq26a">When I try
to use the <span style="font-weight: bold;">"-O" option of nmap</span>
from the firewall system, I get "<span style="font-weight: bold;">operation
not permitted". </span>How to I allow this option?</a><b><span
style="font-weight: bold;"><a href="#faq26a"> </a><br>
<br>
</span>27. </b><a href="#faq27">I am compiling a <b>new kernel</b>
for my
firewall<b>.</b> What should I look out for?</a><br>
<br>
<b>28. </b><a href="#faq28">How do I use Shorewall as a <b>Bridging
@ -1079,13 +1087,22 @@ Shorewall</b> I am <b>running</b>?<br>
At the shell prompt, type:<br>
<br>
<font color="#009900"><b> /sbin/shorewall
version</b></font><br>
version<br>
</b></font>
<h4><a name="faq26"></a><b>26. </b>When I try to use any of the SYN
options in nmap on or behind the firewall, I get "operation not
permitted".
How can I use nmap with Shorewall?"</h4>
Edit /etc/shorewall/shorewall.conf and change "NEWNOTSYN=No" to
"NEWNOTSYN=Yes" then restart Shorewall.<br>
<br>
<h4><a name="faq26a"></a><b><span style="font-weight: bold;">26a.&nbsp;
</span></b>When I try to use the <span style="font-weight: bold;">"-O"
option of nmap</span> from the firewall system, I get "<span
style="font-weight: bold;">operation not permitted". </span>How to I
allow this option?</h4>
Add this command to your /etc/shorewall/start file:<br>
<pre style="margin-left: 40px;"><tt>run_iptables -D OUTPUT -p ! icmp -m state --state INVALID -j DROP</tt><br></pre>
<h4><a name="faq27">27. I'm compiling a new kernel for my firewall.
What
should I look out for?</a></h4>