phpgroupware-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Phpgroupware-users] SME Server and phpGW Daytime

From: Hsing-Foo Wang
Subject: RE: [Phpgroupware-users] SME Server and phpGW Daytime
Date: Thu, 8 Aug 2002 18:46:34 +0200 
Thank you Tony!

Regards,
Hsing-Foo

> -----Oorspronkelijk bericht-----
> Van: address@hidden 
> [mailto:address@hidden Namens Tony Howden
> Verzonden: donderdag 8 augustus 2002 8:50
> Aan: address@hidden
> Onderwerp: [Phpgroupware-users] SME Server and phpGW Daytime
> 
> 
> Hi All
> 
> I know this only relates to those of you using both sme-server
> (www.e-smith.org) and phpgw but following the recent 
> discussions on the daytime issue, I decided to fix the 
> ipchains rather than disable the daytime process in phpgw. So 
> heres a mini howto for those that can use it.
> 
> Why use this How-To ?
> 
> You are using phpgroupware with Daytime query (RC4)
> You are using SME-server 5.5
> A check of messages should show denylog lines for port 13 
> from 129.6.15.28:13 which indicates that the daytime test is 
> being denied and is slowing down the phpgw page responses 
> (verify this with tail -f /var/log/messages running while 
> opening phpgw pages
> 
> You want to allow phpgw to get the daytime response and speed 
> up the page responses.
> 
> Steps to open port 13 for access
> 
> #1 In the custom template directory for masq we create a new 
> code snippet, make the appropriate directory path first if it 
> doesn't exist already (most likely it doesn't)
> 
> /etc/e-smith/templates-custom/etc/rc.d/init.d/masq
> 
> #2. copy the file 35DenyLowPorts from the main template 
> directory as 35AllowDaytime (all the following is one command 
> line) or simply copy the file example from step #3, whichever 
> is easier
> 
> cp /etc/e-smith/templates/etc/rc.d/init.d/masq/35DenyLowPorts 
> /etc/e- smith/templates-custom/etc/rc.d/init.d/masq/35AllowDaytime
> 
> #3. Edit the file (I use mcedit but you can use pico or whatever)
> 
> mcedit 
> /etc/e-smith/templates-custom/etc/rc.d/init.d/masq/35AllowDaytime
> 
> change the four lines that to swap :19 for 13 (no colon) and 
> 'denylog' at the end of each line to 'accept' and the title 
> to indicate the change of purpose from denying lowports.
> 
> Delete the second pair of lines for the destination port ( -d 
> ) and in the end it should look like
> 
> {   # Permit Daytime Queries
> }
>     /sbin/ipchains --append input -p TCP -s 0/0 13 -i 
> $OUTERIF -j ACCEPT
>     /sbin/ipchains --append input -p UDP -s 0/0 13 -i 
> $OUTERIF -j ACCEPT
> 
> Save the file and quit the editor
> 
> #4. Reload the masq template with
> 
>  /sbin/e-smith/expand-template /etc/rc.d/init.d/masq
> 
> #5. Restart the firewall with
> 
> service masq restart
> 
> Finally, if you were monitoring the messages file
> (using tail -f /var/log/messages) then after the restart of 
> the firewall you should see no more entries for the port 13 message.
> 
> cheers
> Tony
> 
> 
> _______________________________________________
> Phpgroupware-users mailing list
> address@hidden 
> http://mail.gnu.org/mailman/listinfo/phpgroupw> are-users
>
reply via email to
[Prev in Thread] Current Thread [Next in Thread]