Honeypots mailing list archives
Re: rc.firewall script problems
From: "Earl Sammons" <esammons () hush com>
Date: Sun, 27 Mar 2005 17:51:05 -0800
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Craig, Ok, now that we are all on the same page.... The honeywall CDROM will run just fine under VMWare if thats what you are running... As lance mentioned the rc.firewall that was on www.honeynet.org was specifically written for older kernel/iptables versions than you are running. You may be able to modify what you have and make it work by: - - dissable checks for modules (since you're running a monilithic kernel) - - man iptalbes and look for the "physdev" section Beyond that, if you can wait, the new Honeywall cDROm will hit the street in May. It will have a new and improved "rc.firewall" that should work for you. good luck. Earl On Sat, 26 Mar 2005 23:38:43 -0800 Craig Holmes <leusent () absolut intellihost ca> wrote:
Please ignore my last message, I sent it out prematurely! Earl Sammons & Jesse Morgan: Thanks for the advice for deploying a regular host firewall, however in this case I am trying to deploy a "honeywall". Eth0 is a connection between my honeypot and my firewall computer and Eth1 is a WAN connection. I want to limit the activity to and from the honeypot. On Sunday 27 March 2005 00:06, Lance Spitzner wrote:I've pulled the script from our website. We simply don't havetheresources to maintain both a CDROM version and standalone. Ifyou areinterested in Honeywall technology, and want to use our tools,yourbest bet is to go with our Honeywall CDROM(s).Thanks for clearing that up. My honeywall is not a dedicated machine, so I cannot (easily) boot up the honeywall CD. Is my only option to write my own firewall from scratch? If so, will iptables continue to be picky with the -i interface command? Thanks for your help, Craig -- KMail: 1.7.2 Linux Weltall 2.6.11.3 #3 Thu Mar 17 19:03:09 EST 2005 i686 AMD Athlon(TM) XP 2500+ AuthenticAMD GNU/Linux
-----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.4 wkYEARECAAYFAkJHY4QACgkQk7+e+4lPSm1krgCeOKUdBLnNle/dC8vr/4dJ1eVOpnkA oLSHLsoOejZ00uUD2WiBv9nnUX/7 =swos -----END PGP SIGNATURE-----
Current thread:
- rc.firewall script problems Craig Holmes (Mar 26)
- Re: rc.firewall script problems Lance Spitzner (Mar 27)
- Message not available
- Re: rc.firewall script problems Craig Holmes (Mar 27)
- Re: rc.firewall script problems Aaron G. Wade (Mar 28)
- <Possible follow-ups>
- Re: rc.firewall script problems Earl Sammons (Mar 26)
- Re: rc.firewall script problems Jesse Morgan (Mar 27)
- Re: rc.firewall script problems Earl Sammons (Mar 27)
- Re: rc.firewall script problems Craig Holmes (Mar 28)