[pmfirewall] changing $OUTERIF to ppp0 fails to work

From: mjbjr@beaudesign.com
Date: Sun Jun 10 2001 - 01:39:45 PDT

• Previous message: Fred A. Miller: "[pmfirewall] OT, but GOOD! Doonsbury comic is about Windows vs. Linux"

I've had some mail problems (unrelated to pmfirewall problems), and I
don't believe this message made it. If this is the second time you're
seeing this, my appologies. I didn't find it in the mail archives.

Date: Tue, 22 May 2001 23:36:51 -0700 (PDT)
From: mjbjr@beaudesign.com
To: pmfirewall@pointman.org
Subject: changing $OUTERIF to ppp0 fails to work

[pmfirewall-1.1.4 on very updated rh6.1/6.2]

I've been using pmfirewall for some time, and have had no problems.

Recently, I needed to make a temporary change from DSL to dialup as my
internet interface ($OUTERIF). So, I edited 'pmfirewall.conf' and changed
$OUTERIF:
            OUTERIF=ppp0

When I make this change and (re)start pmfirewall, the firewall blocks
everything coming in (I can see pings going out and returning, but they
don't make it past the firewall).

If I:

    ./pmfirewall stop
    ./pmfirewall masqstart

Everything works as it should, except, of course, I don't have any
firewall.

I've grep'd all the pmfirewall files for 'OUTERIF', and there aren't any
suprises.

Here's some output:

[root@localhost pmfirewall]# ./pmfirewall start
Starting PMFirewall: Done!

Internal: eth0 192.168.cc.dd/255.255.255.0
External: ppp0 207.211.cc.ddd/255.255.255.255

[root@localhost pmfirewall]# ./pmfirewall masqstart

Starting IP Masquerading: Done!

Internal: eth0 192.168.45.10/255.255.255.0
External: ppp0 207.211.63.135/255.255.255.255

I've only added a few of my own rules to the default files, to deny some
packets from suspect sites at the head of the INPUT rules.

Do I need to make some other changes other than to OUTERIF in
pmfirewall.conf to get pmfirewall to work with pppx?

And what if its ppp1 or ppp2?
Do I have to check which ppp# I have after each successful connection and
go into 'pmfirewall.conf'
and manually change OUTERIF?

Thank you for any help with this matter.

-- 
                            - Martin J. Brown, Jr. -
                            - mjbjr@beaudesign.com -
    PGP Public Key ID: 0xCED9BD8A  Key Server: http://www.keyserver.net/en/
****************************************************************************
* To UNSUBSCRIBE from the list, send a message with "unsubscribe pmfirewall"
* in the message body to majordomo@pointman.org. Please direct other
* questions, comments, or problems to pmfirewall-owner@pointman.org.
*
*           Need answers fast? Check the list archive located at:
*             http://www.pointman.org/PMFirewall/list-archive/
*

• Previous message: Fred A. Miller: "[pmfirewall] OT, but GOOD! Doonsbury comic is about Windows vs. Linux"

This archive was generated by hypermail 2b29 : Sun Jun 10 2001 - 02:41:43 PDT