Re: LAN accessing DMZ


 



On Sunday 18 July 2004 6:39 pm, Payal Rathod wrote:

> I do not have access to that machine till tomorrow. But I have copied the
> firewall script at http://payal.staticky.com/fw2.txt

I do not understand how you can connect through this ruleset to TCP port 10000 
from anywhere.

I look forward to the ruleset listing with packet counters.

Please make sure you also post the following information:

1. The IP address of the machine you are connecting *from* to TCP port 10000.

2. The IP address of the machine you are connecting *to* on TCP port 10000.

3. The network info for each subnet connected to the firewall.

(By the way, there is a problem, probably unimportant, but worth correcting 
anyway, with the "-s 10.10.10.0/255.0.0.0" in your ruleset.   The address 
should not contain more 1-bits than the netmask, therefore this should either 
be "-s 10.10.10.0/255.255.255.0" or else "-s 10.0.0.0/255.0.0.0", depending 
on which netmask is correct for your subnet.)

Regards,

Antony.

-- 
These clients are often infected by viruses or other malware and need to be 
fixed.  If not, the user at that client needs to be fixed...

 - Henrik Nordstrom, on Squid users' mailing list

                                                     Please reply to the list;
                                                           please don't CC me.
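
The netmask check from the parenthetical note above, as an added example (not part of the original message or of the poster's firewall script): it scans iptables rules for -s/-d specifications whose address has 1-bits outside the netmask, and reports the network the mask implies and the shortest prefix that keeps the address as written. The sample rules are constructed around the one specification quoted in the message; the function and field names are hypothetical.

```python
import ipaddress
import re

# -s/-d (or the long forms) followed by address/mask; mask is dotted or a prefix length.
SPEC = re.compile(r"(?<!\S)(--source|--destination|-s|-d)\s+(\d+(?:\.\d+){3})/(\S+)")

# Constructed sample rules; only "-s 10.10.10.0/255.0.0.0" comes from the message.
SAMPLE_RULES = [
    "iptables -A FORWARD -s 10.10.10.0/255.0.0.0 -j ACCEPT",
    "iptables -A FORWARD -s 10.10.10.0/255.255.255.0 -j ACCEPT",
    "iptables -A FORWARD -s 10.0.0.0/255.0.0.0 -d 192.168.1.7/24 -j ACCEPT",
]


def audit_rule(rule):
    """Return one finding per address/mask pair whose address has bits outside the mask."""
    findings = []
    for flag, addr_text, mask_text in SPEC.findall(rule):
        addr = int(ipaddress.IPv4Address(addr_text))
        # IPv4Network parses both "255.0.0.0" and "8" and rejects non-contiguous masks.
        mask = int(ipaddress.IPv4Network("0.0.0.0/" + mask_text).netmask)
        stray = addr & ~mask & 0xFFFFFFFF
        if stray == 0:
            continue  # address and mask agree
        # Option A: keep the mask and clear the stray bits. iptables masks the
        # address when it loads the rule, so this is what the rule really matches.
        network = ipaddress.IPv4Address(addr & mask)
        # Option B: keep the address. Any prefix at least this long covers all
        # of its 1-bits (255.255.255.0 is /24, which satisfies a minimum of 23).
        lowest_set_bit = addr & -addr
        min_prefix = 33 - lowest_set_bit.bit_length()
        findings.append({
            "flag": flag,
            "written": f"{addr_text}/{mask_text}",
            "stray_bits": str(ipaddress.IPv4Address(stray)),
            "network": f"{network}/{mask_text}",
            "min_prefix": min_prefix,
        })
    return findings


if __name__ == "__main__":
    for rule in SAMPLE_RULES:
        for f in audit_rule(rule):
            print(f"{f['flag']} {f['written']}: bits {f['stray_bits']} fall outside the mask; "
                  f"use {f['network']} or a prefix of /{f['min_prefix']} or longer")
```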


