[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[K12OSN] Fedora 2 vs WB3 or RHE3 and old proxy by-pass prob



I've finally had a chance to move my twin mp box to Fedora 2. The system seems equally perky with the 2.6.5 kernel as the former Debian with a similar 2.6 kernel.

How many are now using the RHE3 or WB3 for K12LTSP?

Does anyone know how this new kernel will perform on a K12LTSP server? I routinely use my server at home to test things out before going to school...

Also, when the kernel image loads on the clients, is there any reason to think about moving along a new kernel based on the 2.6 line to the clients?

As the school year is coming to a close I'm looking to make some changes... Get rid of StarOffice7 for the default OO. Install Firefox instead of Mozilla, and install VariCad- that I just purchased an unlimited site licence for with free future updates!

The questions that I had about the IPCop/Mozilla proxy being bypassed have been solved by only allowing proxy traffic through a defined port in iptables. If anyone wants to know how I did this, please drop me a line. Oh, heck...scp /home2/ipcop-252/rc.local.proxy-252 jim home:
jim home's password:
rc.local.proxy-252 100% 3456 35.8MB/s 00:00
GREEN=eth0


# ports:
#       20,21           ftp
#       22              ssh
#       25              smtp
#       53              dns
#       80,443          web
#       123             ntpd
#       445             https: ipcop
#       11371           GNU GPG
#       445             IPCop external https connection

ALLOW_TCP_OUT="20 21 22 25 53 80 85 113 123 443 445 8800 11371"
ALLOW_UDP_OUT="20 21 22 25 53 80 85 123 443 445 8800"

for i in $ALLOW_TCP_OUT ; do
      /sbin/iptables -A CUSTOMFORWARD -i $GREEN -p tcp --dport $i -j ACCEPT
done

for i in $ALLOW_UDP_OUT ; do
      /sbin/iptables -A CUSTOMFORWARD -i $GREEN -p udp --dport $i -j ACCEPT
done

######## Second: These need to be open to allow outgoing
# data for specific incoming protocols

ALLOW_TCP_SOURCE="22 110 143"
ALLOW_UDP_SOURCE="22 110 143"

for i in $ALLOW_TCP_SOURCE ; do
      /sbin/iptables -A CUSTOMFORWARD -i $GREEN -p tcp --sport $i -j ACCEPT
done

for i in $ALLOW_UDP_SOURCE ; do
      /sbin/iptables -A CUSTOMFORWARD -i $GREEN -p udp --sport $i -j ACCEPT
done

Thanks to Richard Thomas for the above. This goes in rc.local.

Jim

_________________________________________________________________
Add photos to your e-mail with MSN Premium. Get 2 months FREE* http://join.msn.com/?pgmarket=en-ca&page=byoa/prem&xAPID=1994&DI=1034&SU=http://hotmail.com/enca&HL=Market_MSNIS_Taglines




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]