
Re: access to icq



At 12:28 PM 6/27/01 +0700, Abu H R wrote:
>how can i disable ip forwarding

echo "0" > /proc/sys/net/ipv4/ip_forward

>and what's the benefit if i enable or disable
>ip forwarding

It affects whether the firewall will route or not. If you do NOT enable IP
forwarding, ONLY proxy'd traffic can go through the firewall. (In fact, in
this situation, even calling the host a firewall is a stretch; it's really
JUST a proxy server.)

>OR how can i change the forward chain

Change it by using the ipchains command appropriately. For general guidance
about using this command, turn to its man page or the Firewalling HowTo and
the Ipchains HowTo (at, for example, www.linuxdoc.org). 

>now my network have an abuser accessing to  something like
>[xxxxxxxxxxx.rr.com with port 1214 in outer side and one of the port from
>1024-65535 in intra side]. Even i block the port 1214 using http_access at
>squid, he still be able to use it

This description isn't really clear, but it sounds like he is simply
bypassing Squid and routing directly. The place to address this is either by
turning off IP forwarding -OR- modifying your ipchains ruleset (probably the
input chain, not the forward chain) but you've told us WAY too little about
your setup to get good, specific advice here.

>----- Original Message -----
>From: "Michael Wood" <wood@kingsley.co.za>
>To: <debian-firewall@lists.debian.org>
>Sent: Tuesday, June 26, 2001 7:00 PM
>Subject: Re: access to icq
>
>
>This may be so, but he will still have to disable IP forwarding
>or add some rules to his forward chain to stop people using the
>old ICQ protocol and bypassing Squid altogether.



--
------------------------------------"Never tell me the odds!"---
Ray Olszewski                                        -- Han Solo
Palo Alto, CA           	 	         ray@comarre.com        
----------------------------------------------------------------
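
[Added example, not part of the original message: a shell check of whether the host is routing or proxy-only, both right now and after the next reboot. The function names and status strings are made up for illustration, and it assumes the boot-time setting lives in a single sysctl.conf-style file; other boot scripts that set the flag are not inspected.]

```shell
#!/bin/sh
# Added example: audit the IP forwarding flag at runtime and in the boot config.
# Both paths are parameters so the check can be run against copies of the files.

# Print the runtime flag (0 or 1) from the given proc file.
runtime_forward() {
    tr -d ' \t\n' < "$1"
}

# Print the last uncommented net.ipv4.ip_forward value in a sysctl.conf-style
# file, or "unset" when the file does not set it.
configured_forward() {
    val=$(sed -n 's/^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*\([01]\).*/\1/p' "$1" | tail -n 1)
    echo "${val:-unset}"
}

# Combine both views. With forwarding off only proxied traffic passes; a
# mismatch means the behaviour flips at the next reboot.
# Assumption: "unset" means the kernel default (0) applies at boot.
forward_status() {
    run=$(runtime_forward "$1")
    conf=$(configured_forward "$2")
    case "$run/$conf" in
        0/0|0/unset) echo "proxy-only" ;;
        0/1)         echo "proxy-only-until-reboot" ;;
        1/0|1/unset) echo "routing-until-reboot" ;;
        *)           echo "routing" ;;
    esac
}

# Stand-alone use: sh thisfile --check [proc-file] [conf-file]
if [ "${1:-}" = "--check" ]; then
    forward_status "${2:-/proc/sys/net/ipv4/ip_forward}" "${3:-/etc/sysctl.conf}"
fi
```

A result of "proxy-only-until-reboot" means the echo command above took effect but the configuration file will turn routing back on at boot.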


