[Search for users] [Overall Top Noters] [List of all Conferences] [Download this site]

Conference noted::seal

Title:SEAL
Moderator:GALVIA::SMITH
Created:Mon Mar 21 1994
Last Modified:Fri Jun 06 1997
Last Successful Update:Fri Jun 06 1997
Number of topics:1989
Total number of notes:8209

1724.0. "questions" by EEMELI::EINAMO () Tue Jan 21 1997 03:01

T.RTitleUserPersonal
Name		DateLines
1724.1Pseudo-answers!GALVIA::SMITHTue Jan 21 1997 04:5720
1724.2QUICHE::PITTAlph a ha is better than no VAX!Wed Jan 22 1997 05:4126
1724.3thanksEEMELI::EINAMOWed Jan 22 1997 06:0230
1724.4QUICHE::PITTAlph a ha is better than no VAX!Wed Jan 22 1997 06:2149
1724.5understoodEEMELI::EINAMOFri Jan 24 1997 01:2917
Hi

Mark you are right !


1234 pkts 45.11 %hits 0 drops
=>

1234 pkts = number of ip pkts prosessed
45.11% = hitrate to screend.rule base that it kees in memory
0 drops = screend has not dropped any pkts ... it will start dropping pkts if
           it has too mutch job to do

The customer screend.conf has more that one rule in it


Marko
1724.6nntp.aclEEMELI::EINAMOThu Jan 30 1997 12:1433
Hi 

Ran into problems with nntp.acl

I did add user group called out-news
via GUI
...
#user group 'out-news' (internal)
group grp854372554.2811 is
[email protected];

I did Edit nntp.acl

# cat nntp.acl
#AUTOMATICALLY GENERATED: DO NOT EDIT!
authentication "none";
include "/usr/dfws/config/customgrps.acl";
allow grp854372554.2811 * relay;
allow [email protected] nntp news.kolumbus.fi:119;


It dont work with out the last line where I implisite allow the user
and that's not what we are looking for

gxd.log
Jan 30 18:49:47 fwoulu nntp[23085]: Log: CONNECT: connect from client rytilahti.
oulu.pvo.fi/193.***.101.150
Jan 30 18:49:47 fwoulu nntp[23085]: Log: MESSAGE: Target 'pinta.kolumbus.fi:119'
 will additionally be acl checked as IP:port '193.229.0.40:119'
Jan 30 18:49:47 fwoulu nntp[23085]: Event: EVENTMSG: event denydflt detected fro
m host rytilahti.oulu.pvo.fi/193.XXX.101.150
Jan 30 18:49:47 fwoulu nntp[23085]: Log: ACLDENY: user unknown not authorized fo
r nntp to pinta.kolumbus.fi/193.229.0.40, port 119
1724.7syntax wrongQUICHE::PITTAlph a ha is better than no VAX!Tue Feb 04 1997 09:0111
    You want the following in nntp.acl:
    
#AUTOMATICALLY GENERATED: DO NOT EDIT!
authentication "none";
include "/usr/dfws/config/customgrps.acl";
allow grp854372554.2811 nntp news.kolumbus.fi:119;
    
    ... and it works.  (Note: it might not work without the comment in the
    first line ... ??? ;-))
    
    T