Re: shorewall & iptables

From: Kevin (nobody_at_tex.kom)
Date: 06/18/03


Date: Wed, 18 Jun 2003 17:45:56 GMT

In article <pan.2003.06.17.18.33.38.289946@spamgourmet.com>,
 Walter Mautner <ihatespam.15.eatallspam@spamgourmet.com> writes:
> On Tue, 17 Jun 2003 17:26:28 +0000, Kevin wrote:
> > How can I specify an iptables rule like this with shorewall?
> >
> > iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
> >
> You can only specify the overall behavior in
> /etc/shorewall/shorewall.conf, with a "ALLOWRELATED=yes",
> which results in the following rules on top of each chain:
> ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED

I've got that in my shorewall.conf. Yes, NFS needs extra ports
opened up even though I've got portmap and nfs services open.
Earlier someone suggested the above iptables (not shorewall) rule
to let NFS communicate fine on the 37XXX ports that it needs.

Thanks....

-- 
Unless otherwise noted, the statements herein reflect my personal
opinions and not those of any organization with which I may be affiliated.


Relevant Pages

  • shorewall & iptables
    ... How can I specify an iptables rule like this with shorewall? ... opinions and not those of any organization with which I may be affiliated. ...
    (comp.os.linux.security)
  • Re: I cant see my web-server ...
    ... and not really that the firewall is the problem ... grep 80` may help us determine what the issue is. ... I'm not quite clear what happens if one adds an iptables rule ... after shorewall has started. ...
    (comp.os.linux.networking)