From owner-freebsd-security Sat Apr 28 8:11:21 2001 Delivered-To: freebsd-security@freebsd.org Received: from threat.tjhsst.edu (threat.tjhsst.edu [198.38.16.9]) by hub.freebsd.org (Postfix) with ESMTP id 478CA37B424; Sat, 28 Apr 2001 08:11:12 -0700 (PDT) (envelope-from abarros@threat.tjhsst.edu) Received: (from abarros@localhost) by threat.tjhsst.edu (8.11.3/8.11.3) id f3SF01S25523; Sat, 28 Apr 2001 11:00:01 -0400 Date: Sat, 28 Apr 2001 11:00:01 -0400 From: Andrew Barros To: Maciuszonek Artur Cc: freebsd-questions@FreeBSD.ORG, freebsd-security@FreeBSD.ORG Subject: Re: outlook express, ipx and ftp :) Message-ID: <20010428110000.I24869@tjhsst.edu> Mail-Followup-To: Maciuszonek Artur , freebsd-questions@FreeBSD.ORG, freebsd-security@FreeBSD.ORG References: <001a01c0cfac$361bf3e0$0a036d18@ivideon.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="7IgncvKP0CVPV/ZZ" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <001a01c0cfac$361bf3e0$0a036d18@ivideon.com>; from ummacius@cc.UManitoba.CA on Sat, Apr 28, 2001 at 01:26:50AM -0500 X-Operating-System: Linux threat.tjhsst.edu 2.2.17 X-I-Graduate-In: 57.2020486111111 days Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org --7IgncvKP0CVPV/ZZ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable I'm going to take a stab, and guess that you are using Road Runner. When they install Road Runner for you, they set the default search domain to your local rr domain (mine is cox.rr.com). Your news server's name isn't re= ally=20 "news" its "news.cox.rr.com" (replace cox with your local rr affiliate).=20 -ajb On Sat, Apr 28, 2001 at 01:26:50AM -0500, Maciuszonek Artur wrote: ->Well I have read and read, searched and searched but I guess it's time to ->consult the experts :) ->please reply to me directly for I am not subscribed to this group. -> ->Here is the dillema: I have set up a firewall/router and have recompiled ->the kernel for ipfw and natd. ->Here is my current setup: -> ->=3D> cable modem =3D> ep1(external nic 24.109.xxx.xxx) -> **router/firewall** -> ep0(internal nic192.168.xxx.xxx) -> <=3D> HUB -> <=3D> 192.168.xxx.xxx Computer(Win ME) -> <=3D> 192.168.xxx.xxx Laptop (Win 2000) -> ->What I am having problems with is that on the main computer on the subnet= I ->am unable to use Outlook express to view newsgroups. ->I can suft the web, download files, I can use napster, ICQ. I have read = the ->man pages for ipfw but I'm still at a loss. -> ->The error message I receive is: -> ->Server cannot be found: ->Configuration: -> Account: news -> Server: news -> Protocol: NNTP -> Port: 119 -> Secure(SSL): 0 -> Code: 800ccc0d -> ->I added the line in the rc.firewall.current ( see below ) after the rule = for ->ssh (port 22) but without any ->luck. ->$fwcmd add allow tcp from any 119 to any 119 setup ->I have looked through /etc/protocols but none are listed for NNTP......:( -> ->I also would like to be able to let IPX thought the firewall to the outsi= de ->and let it back in. ->again there is no listing for IPX in /etc/protocols :( ->The same goes for acess to an ftp server that in on the main computer in = the ->internal subnet. ->The server is on port 27015. Again I have tried to use -> ->add allow tcp from any 27015 to any 27015 setup ->add allow ipx-in-ip from any to any setup -> ->and again no luck. ->I have also modified -># Stop spoofing of your internal network range -> $fwcmd add deny log ip from $inwr to any in via $oif -> ->>From deny to allow in order for the internal network to be able to acess ->the ->outside. Does this pose any ->security issues? -> ->Hmm sorry about the lengthy e-mail but I hope someone will help me tackle ->this problem. -> --=20 Andrew Barros PGP Key Fingerprint: D3B8 0800 C45A 143E 5CF0 E112 0A1B AB36 B655 1FB8 --7IgncvKP0CVPV/ZZ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.3 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE66trwChurNrZVH7gRAs86AJ99qAsEAEu+9EPC7uiThZ1CT8wiRgCcDki1 O5Jny6xcfEX2XvTzVSW2LgI= =D/8e -----END PGP SIGNATURE----- --7IgncvKP0CVPV/ZZ-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message