Honeypots mailing list archives

Re: honeywall roo: rc.firewall questions


From: James Oliver <686f6e6579 () gmail com>
Date: Sat, 28 May 2005 10:57:47 +0200

Hi,

Earl - thanks for your answer!

I'm going to "punt" (for the moment) on "A" but as far as "B" goes,
we set things up so that by default:

ALLOWED_TCP_OUT=22 25 43 80 443
ALLOWED_UDP_OUT=53 123

to support:

SSH, SMTP, Whois, WWW, SSL, DNS, and NTP outbound.

As long as you have configured management IP/Netmask/GW/DNS and
have not otherwise undone the above, yum update should work.

As far as I see in the comments in honeywall.conf
ALLOWED_(TCP|UDP)_OUT should affect the honeypots. In the roo
rc.firewall the iptables rules with ALLOWED_(TCP|UDP)_OUT affect the
OUTPUT rule of the honeywall, and should therefore control the
honeywall locally generated traffic (management interface). However,
these rules are inside the ROACHMOTEL block (affecting the honeypots),
so they don't get executed on my honeywall since I have enabled the
ROACHMOTEL feature.

Maybe this is why yum (or any other connection outbound from the
honeywall itself) doesn't work.

Has anybody enabled ROACHMOTEL and can still use yum?

Thanks,
James

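As an added illustration of the ordering question raised above (this is not the roo rc.firewall or honeywall.conf, and makes no claim about what the real script does), the script below echoes rather than executes iptables commands for two layouts: one where the management-interface OUTPUT rules sit inside the ROACHMOTEL branch, and one where they are emitted before that branch so the honeywall's own egress no longer depends on the honeypot policy. Only the ALLOWED_TCP_OUT and ALLOWED_UDP_OUT values come from the message; the interface names, the ROACHMOTEL value, the default OUTPUT policy and the rule bodies are constructed assumptions.

```shell
#!/bin/sh
# Added illustration, not the roo rc.firewall. ALLOWED_*_OUT values are the
# ones quoted in the thread; everything else below is an assumption.
ALLOWED_TCP_OUT="22 25 43 80 443"
ALLOWED_UDP_OUT="53 123"
ROACHMOTEL="yes"          # assumed: honeypots locked down (no new outbound)
MGMT_IFACE="eth2"         # assumed management interface of the honeywall
HP_IN_IFACE="eth0"        # assumed honeypot-facing interface

# Commands are printed, not run, so the rule order can be reviewed offline.

# Egress for traffic the honeywall itself originates (yum, DNS, NTP ...).
mgmt_egress() {
    for p in $ALLOWED_TCP_OUT; do
        echo "iptables -A OUTPUT -o $MGMT_IFACE -p tcp --dport $p -j ACCEPT"
    done
    for p in $ALLOWED_UDP_OUT; do
        echo "iptables -A OUTPUT -o $MGMT_IFACE -p udp --dport $p -j ACCEPT"
    done
    echo "iptables -A OUTPUT -o $MGMT_IFACE -m state --state ESTABLISHED,RELATED -j ACCEPT"
}

# Egress for the honeypots (bridged through FORWARD), used when ROACHMOTEL is off.
honeypot_forward() {
    for p in $ALLOWED_TCP_OUT; do
        echo "iptables -A FORWARD -i $HP_IN_IFACE -p tcp --dport $p -m state --state NEW -j ACCEPT"
    done
    for p in $ALLOWED_UDP_OUT; do
        echo "iptables -A FORWARD -i $HP_IN_IFACE -p udp --dport $p -j ACCEPT"
    done
}

# ROACHMOTEL on: honeypots may not open new outbound connections at all.
roachmotel_forward() {
    echo "iptables -A FORWARD -i $HP_IN_IFACE -m state --state NEW -j DROP"
}

# Layout 1 ($1 = ROACHMOTEL yes/no): the OUTPUT rules live inside the
# non-ROACHMOTEL branch, so enabling ROACHMOTEL leaves OUTPUT with only the
# DROP policy and the honeywall's own yum/DNS traffic is blocked.
rules_mgmt_inside_branch() {
    echo "iptables -P OUTPUT DROP"
    if [ "$1" = "yes" ]; then
        roachmotel_forward
    else
        mgmt_egress
        honeypot_forward
    fi
}

# Layout 2 ($1 = ROACHMOTEL yes/no): management egress is emitted before the
# branch, so the honeypot policy and the honeywall's own egress are separate.
rules_mgmt_outside_branch() {
    echo "iptables -P OUTPUT DROP"
    mgmt_egress
    if [ "$1" = "yes" ]; then
        roachmotel_forward
    else
        honeypot_forward
    fi
}

# Count ACCEPT rules on the OUTPUT chain a layout would install.
# $1 = layout function name, $2 = ROACHMOTEL value.
count_output_accepts() {
    "$1" "$2" | grep -c -- '-A OUTPUT .* -j ACCEPT' || true
}

# Stand-alone run: print the separated layout with the assumed setting.
rules_mgmt_outside_branch "$ROACHMOTEL"
```

Running it prints the rule set for layout 2; comparing `count_output_accepts rules_mgmt_inside_branch yes` (zero OUTPUT accepts) with `count_output_accepts rules_mgmt_outside_branch yes` (eight) shows why the placement of the ALLOWED_*_OUT rules relative to the ROACHMOTEL branch decides whether the honeywall itself can reach out.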