konfiguracia firehol + dsl usb modem microcom ad 2622 [vyřešeno]

[uf]

zdravim...ak nastavim firehol podla vseobecneho navodu nenacitam ani v opere ziadnu stranku..moj konfigurak teda vyzera nasledovne:

Kód: [Vybrat]

#
# $Id: client-all.conf,v 1.2 2002/12/31 15:44:34 ktsaou Exp $
#
# This configuration file will allow all requests originating from the
# local machine to be send through all network interfaces.
#
# No requests are allowed to come from the network. The host will be
# completely stealthed! It will not respond to anything, and it will
# not be pingable, although it will be able to originate anything
# (even pings to other hosts).
#

version 5

# Accept all client traffic on any interface
  interface any world
  client all accept

DEFAULT_CLIENT_PORTS="1024:65535"

interface eth+ internet src not "${UNROUTABLE_IPS}"
    policy drop
    protection strong 10/sec 10
    server ident reject with tcp-reset
    server ssh    accept
    server ping    accept
    client dhcp    accept
    client dns      accept
    client http     accept
    client https    accept
    client ftp      accept
    client ntp      accept
    client ssh      accept
    client cups    accept

UNMATCHED_INPUT_POLICY="DROP"
UNMATCHED_OUTPUT_POLICY="DROP"
FIREHOL_LOG_LEVEL=4musel som nechat client all accept co sa mi vsak nezda ako dobra volba lenze zatial jedine tak mozem surfovat po nete

tu je vypis ifconfig:

Kód: [Vybrat]

eth0      Link encap:Ethernet  HWaddr 00:0D:87:EC:1F:81
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
          Interrupt:177 Base address:0xdc00

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:652 errors:0 dropped:0 overruns:0 frame:0
          TX packets:652 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:19755 (19.2 KiB)  TX bytes:19755 (19.2 KiB)

nas0      Link encap:Ethernet  HWaddr 00:13:33:C1:48:35
          inet6 addr: fe80::213:33ff:fec1:4835/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1046 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1085 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:432412 (422.2 KiB)  TX bytes:208355 (203.4 KiB)

ppp0      Link encap:Point-to-Point Protocol
          inet addr:84.47.41.156  P-t-P:213.81.232.217  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1492  Metric:1
          RX packets:1028 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1059 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:423226 (413.3 KiB)  TX bytes:173042 (168.9 KiB)

[LS]

V konfiguracnim souboru FireHOLu nahradte "interface eth+" za "interface ppp0".

Radky "interface any world" a "client all accept" muzete zase zakomentovat.

Pokud to stale nepujde, smazte src not "${UNROUTABLE_IPS}". Po kazde zmene konfigurace je nutne restartovat FireHOL.

[uf]

ide to..nemusel som mazat "src not "${UNROUTABLE_IPS}"

dakujem)


pri prezerani ifconfigu som natrafil na to ze MTU hodnotu mam nastavenu na 1492...podla odporucania mojho providera by som mtu hodnotu mal zmenit na 1452...netusim kde by som to mal editovat..

[uf]

ok..nasiel som si to v

/etc/ppp/options

stacilo odkomentovat polozku MTU a priradit hodnotu