[zorp-hu] policy gond
Barina Tamas
tamas.barina@hlc.hu
Fri, 26 Apr 2002 16:17:51 +0200
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Sziasztok.
Itt egy konfig, de amikor megprobalom elinditani, akkor elszall. Egy
kicsit hosszu leszek, bocsi.
Ez teszi a logba:
Apr 26 16:13:09 fwall zorp-full[2976]: Zone(saps): inbound
service=WD_sap
Apr 26 16:13:09 fwall zorp-full[2976]: Zone(hosting-place): outbound
service=DW_ftp
Apr 26 16:13:09 fwall zorp-full[2976]: (zorp/nosession): Changing
process capabilities; caps='= cap_net_bind_service+ep
cap_net_admin+p'
Apr 26 16:13:09 fwall zorp-full[2976]: (zorp/nosession): Changing
process capabilities; caps='= cap_net_bind_service,cap_net_admin+ep'
Apr 26 16:13:09 fwall zorp-full[2976]: bind(): failed due to: Address
already in use.
Apr 26 16:13:09 fwall zorp-full[2976]: (zorp/nosession): Resetting
process capabilities; caps='= cap_net_bind_service,cap_net_admin+p'
Apr 26 16:13:09 fwall zorp-full[2978]: (zorp/nosession): Traceback
(innermost last):
Apr 26 16:13:09 fwall zorp-full[2978]: (zorp/nosession): File
"/etc/zorp/policy.py", line 189, in init
Apr 26 16:13:09 fwall zorp-full[2978]: (zorp/nosession):
Listener(SockAddrInet("192.168.64.3", 50021), "DW_ftp")
Apr 26 16:13:09 fwall zorp-full[2978]: (zorp/nosession): File
"/usr/share/zorp/pylib/Zorp/Listener.py", line 176, in __init__
Apr 26 16:13:09 fwall zorp-full[2978]: (zorp/nosession):
SimpleListen.__init__(self, bindto, backlog=backlog)
Apr 26 16:13:09 fwall zorp-full[2978]: (zorp/nosession): File
"/usr/share/zorp/pylib/Zorp/Listener.py", line 68, in __init__
Apr 26 16:13:09 fwall zorp-full[2978]: (zorp/nosession):
self.listen = Listen(bindto, self.accepted, accept_one, backlog)
Apr 26 16:13:09 fwall zorp-full[2978]: (zorp/nosession): IOError:
Error binding to interface
Apr 26 16:13:09 fwall zorp-full[2976]: (zorp/nosession): Error
initializing policy
Apr 26 16:13:09 fwall zorp-full[2976]: zorp version 1.4.0rc18 going
down.
Es a config:
# firewall internal network: 192.168.64.0/24
# firewall internal interface: 212.108.226.242
# firewall dmz interface: 192.168.64.3
#
# WD = from World to DMZ
# DW = from DMZ to World
from Zorp.Core import *
from Zorp.Http import *
from Zorp.Plug import *
from Zorp.Ftp import *
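Zorp.firewall_name = 'zorp@fwall'

# Zone table.
#
# NOTE(review): as Zorp's zone model is usually described, a session is
# allowed only when the service name is listed in the client zone's
# outbound_services AND in the server zone's inbound_services. Confirm this
# against the Zorp version in use before relying on the notes below.

# Loopback. "*" admits every service into this zone.
InetZone("local", "127.0.0.0/8",
         inbound_services=["*"],
         outbound_services=[])

InetZone("dmznet", "192.168.64.0/24",
         inbound_services=["WD_ntp"],
         outbound_services=["DW_irc", "DW_webmin"])

# The POP3 entries used to read "WD_pop" / "DW_pop". init() registers the
# services as WD_pop3 / DW_pop3 and the other zones use those names too, so
# the old spellings matched no service and the entries had no effect.
InetZone("mails", "212.108.226.244",
         inbound_services=["WD_webmin", "WD_pop3", "WD_imap", "WD_smtp",
                           "WD_http"],
         outbound_services=["DW_pop3", "DW_smtp"])

InetZone("webs", "212.108.226.245",
         inbound_services=["WD_http", "WD_ftp", "WD_dns"],
         outbound_services=["DW_dns"])

InetZone("wtest", "212.108.226.250",
         inbound_services=["WD_http", "WD_ssh", "WD_ftp", "WD_imap",
                           "WD_cvs", "WD_mysql", "WD_pop3"],
         outbound_services=[])

InetZone("dev", "212.108.226.246",
         inbound_services=["WD_http", "WD_ssh", "WD_ftp", "WD_imap",
                           "WD_cvs", "WD_mysql", "WD_pop3"],
         outbound_services=[])

InetZone("saps", "212.108.226.251",
         inbound_services=["WD_http", "WD_ssh", "WD_ftp", "WD_sap"],
         outbound_services=[])

# NOTE(review): DW_ftp is listed as *outbound* here and appears in no other
# zone. If this host is the FTP server that DMZ machines connect to, the
# entry presumably belongs in inbound_services, with DW_ftp listed as
# outbound on the client zone. Confirm the intended direction.
InetZone("hosting-place", "195.228.254.145",
         inbound_services=[],
         outbound_services=["DW_ftp"])

# Both lists are empty for the two catch-all zones, so no service is allowed
# into or out of them.
# NOTE(review): if World-side clients fall into "internet" or "outnet", the
# WD_* services they may start would have to be listed as outbound_services
# here; as written the table looks like it denies them. Confirm the intent.
InetZone("internet", "0.0.0.0/0",
         inbound_services=[],
         outbound_services=[])

InetZone("outnet", "212.108.226.0/24",
         inbound_services=[],
         outbound_services=[])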
class WD_ftp(FtpProxy):
    """FTP proxy for the WD_ftp service (WD = from World to DMZ).

    init() binds its listener on 212.108.226.242:50021.
    """

    def config(self):
        """Run the FtpProxy configuration, then set transparent_mode."""
        FtpProxy.config(self)
        self.transparent_mode = TRUE
class DW_ftp(FtpProxy):
    """FTP proxy for the DW_ftp service (DW = from DMZ to World).

    init() binds its listener on 192.168.64.3:50021, which is the bind that
    fails with "Address already in use" in the log quoted on this page.
    """

    def config(self):
        """Run the FtpProxy configuration, then set transparent_mode."""
        FtpProxy.config(self)
        self.transparent_mode = TRUE
class WD_http(PlugProxy):
    """Plug proxy for the WD_http service (WD = from World to DMZ).

    init() binds its listener on 212.108.226.242:50080. Zorp.Http is imported
    at the top of the policy, but this class derives from PlugProxy, so the
    HTTP stream is passed through without HTTP-level checks.
    """

    def config(self):
        """Set nothing; the PlugProxy defaults stay in effect."""
class DW_http(PlugProxy):
    """Plug proxy for the DW_http service (DW = from DMZ to World).

    init() registers the service but creates no Listener for it. Zorp.Http is
    imported at the top of the policy, but this class derives from PlugProxy,
    so the HTTP stream would be passed through without HTTP-level checks.
    """

    def config(self):
        """Set nothing; the PlugProxy defaults stay in effect."""
class WD_ssh(PlugProxy):
    """Plug proxy for the WD_ssh service (WD = from World to DMZ).

    init() binds its listener on 212.108.226.242:50022.
    """

    def config(self):
        """Set nothing; the PlugProxy defaults stay in effect."""
class DW_ssh(PlugProxy):
    """Plug proxy for the DW_ssh service (DW = from DMZ to World).

    init() binds its listener on 192.168.64.3:50022.
    """

    def config(self):
        """Set nothing; the PlugProxy defaults stay in effect."""
class WD_smtp(PlugProxy):
    """Plug proxy for the WD_smtp service (WD = from World to DMZ).

    init() binds its listener on 212.108.226.242:50025. As a plug proxy it
    passes the SMTP stream through without protocol-level checks.
    """

    def config(self):
        """Set nothing; the PlugProxy defaults stay in effect."""
class DW_smtp(PlugProxy):
    """Plug proxy for the DW_smtp service (DW = from DMZ to World).

    init() binds its listener on 192.168.64.3:50025.
    """

    def config(self):
        """Set nothing; the PlugProxy defaults stay in effect."""
class WD_imap(PlugProxy):
    """Plug proxy for the WD_imap service (WD = from World to DMZ).

    init() binds its listener on 212.108.226.242:50143.
    """

    def config(self):
        """Set nothing; the PlugProxy defaults stay in effect."""
class DW_imap(PlugProxy):
    """Plug proxy for the DW_imap service (DW = from DMZ to World).

    init() registers the service but creates no Listener for it.
    """

    def config(self):
        """Set nothing; the PlugProxy defaults stay in effect."""
class DW_irc(PlugProxy):
    """Plug proxy for the DW_irc service (DW = from DMZ to World).

    init() binds its listener on 192.168.64.3:56667. There is no WD_irc
    counterpart in this policy.
    """

    def config(self):
        """Set nothing; the PlugProxy defaults stay in effect."""
class WD_pop3(PlugProxy):
    """Plug proxy for the WD_pop3 service (WD = from World to DMZ).

    init() binds its listener on 212.108.226.242:50110.
    """

    def config(self):
        """Set nothing; the PlugProxy defaults stay in effect."""
class DW_pop3(PlugProxy):
    """Plug proxy for the DW_pop3 service (DW = from DMZ to World).

    init() binds its listener on 192.168.64.3:50110.
    """

    def config(self):
        """Set nothing; the PlugProxy defaults stay in effect."""
class WD_webmin(PlugProxy):
    """Plug proxy for the WD_webmin service (WD = from World to DMZ).

    init() binds its listener on 212.108.226.242:51000.
    NOTE(review): this carries an administration interface in from the World
    side; confirm the zone table limits it to the intended hosts.
    """

    def config(self):
        """Set nothing; the PlugProxy defaults stay in effect."""
class DW_webmin(PlugProxy):
    """Plug proxy for the DW_webmin service (DW = from DMZ to World).

    init() binds its listener on 192.168.64.3:51000.
    """

    def config(self):
        """Set nothing; the PlugProxy defaults stay in effect."""
class WD_cvs(PlugProxy):
    """Plug proxy for the WD_cvs service (WD = from World to DMZ).

    init() binds its listener on 212.108.226.242:52401.
    """

    def config(self):
        """Set nothing; the PlugProxy defaults stay in effect."""
class DW_cvs(PlugProxy):
    """Plug proxy for the DW_cvs service (DW = from DMZ to World).

    init() registers the service but creates no Listener for it.
    """

    def config(self):
        """Set nothing; the PlugProxy defaults stay in effect."""
class WD_mysql(PlugProxy):
    """Plug proxy for the WD_mysql service (WD = from World to DMZ).

    init() binds its listener on 212.108.226.242:53306.
    NOTE(review): this carries database traffic in from the World side with
    no protocol-level checks; confirm the zone table limits who may use it.
    """

    def config(self):
        """Set nothing; the PlugProxy defaults stay in effect."""
class DW_mysql(PlugProxy):
    """Plug proxy for the DW_mysql service (DW = from DMZ to World).

    init() registers the service but creates no Listener for it.
    """

    def config(self):
        """Set nothing; the PlugProxy defaults stay in effect."""
class WD_ntp(PlugProxy):
    """Plug proxy for the WD_ntp service (WD = from World to DMZ).

    init() binds its listener on 212.108.226.242:51123.
    NOTE(review): NTP normally runs over UDP; confirm that a plug proxy
    behind Listener() is what is wanted for it.
    """

    def config(self):
        """Set nothing; the PlugProxy defaults stay in effect."""
class DW_ntp(PlugProxy):
    """Plug proxy for the DW_ntp service (DW = from DMZ to World).

    init() registers the service but creates no Listener for it.
    """

    def config(self):
        """Set nothing; the PlugProxy defaults stay in effect."""
class WD_sap(PlugProxy):
    """Plug proxy for the WD_sap service (WD = from World to DMZ).

    init() binds its listener on 212.108.226.242:53200.
    """

    def config(self):
        """Set nothing; the PlugProxy defaults stay in effect."""
class DW_sap(PlugProxy):
    """Plug proxy for the DW_sap service (DW = from DMZ to World).

    init() registers the service but creates no Listener for it.
    """

    def config(self):
        """Set nothing; the PlugProxy defaults stay in effect."""
class WD_dns(PlugProxy):
    """Plug proxy for the WD_dns service (WD = from World to DMZ).

    init() binds its listener on 212.108.226.242:50053.
    NOTE(review): most DNS queries use UDP; confirm that a plug proxy behind
    Listener() covers the traffic this service is meant to carry.
    """

    def config(self):
        """Set nothing; the PlugProxy defaults stay in effect."""
class DW_dns(PlugProxy):
    """Plug proxy for the DW_dns service (DW = from DMZ to World).

    init() binds its listener on 192.168.64.3:50053.
    NOTE(review): most DNS queries use UDP; confirm that a plug proxy behind
    Listener() covers the traffic this service is meant to carry.
    """

    def config(self):
        """Set nothing; the PlugProxy defaults stay in effect."""
def init(name):
    """Register every service of the policy, then open the listeners.

    Each service is created with its own TransparentRouter() instance, in the
    order of the table below; the listeners are then bound in table order.
    The `name` argument is not used in the body.

    The log quoted on this page shows the first Listener call
    (192.168.64.3:50021, DW_ftp) failing with "Address already in use".
    No address/port pair is bound twice inside this function, so the clash is
    presumably with a socket held outside this policy, for example another
    instance that is still running. Confirm which process holds the port
    before changing the policy.

    DW_http, DW_imap, DW_cvs, DW_mysql, DW_ntp and DW_sap are registered as
    services but get no listener here.
    """
    # (service name, proxy class), kept in the original registration order.
    service_table = (
        ("WD_ftp", WD_ftp),
        ("WD_ssh", WD_ssh),
        ("WD_smtp", WD_smtp),
        ("WD_imap", WD_imap),
        ("WD_webmin", WD_webmin),
        ("WD_pop3", WD_pop3),
        ("WD_http", WD_http),
        ("WD_dns", WD_dns),
        ("WD_mysql", WD_mysql),
        ("WD_cvs", WD_cvs),
        ("WD_ntp", WD_ntp),
        ("WD_sap", WD_sap),
        ("DW_ftp", DW_ftp),
        ("DW_ssh", DW_ssh),
        ("DW_sap", DW_sap),
        ("DW_ntp", DW_ntp),
        ("DW_cvs", DW_cvs),
        ("DW_mysql", DW_mysql),
        ("DW_dns", DW_dns),
        ("DW_http", DW_http),
        ("DW_pop3", DW_pop3),
        ("DW_webmin", DW_webmin),
        ("DW_imap", DW_imap),
        ("DW_irc", DW_irc),
        ("DW_smtp", DW_smtp),
    )
    for service_name, proxy_class in service_table:
        # A fresh router object per service, as in the one-call-per-line form.
        Service(service_name, proxy_class, router=TransparentRouter())

    # (bind address, port, service name), kept in the original bind order.
    # The DW_* listeners sit on 192.168.64.3, the WD_* ones on 212.108.226.242.
    listener_table = (
        ("192.168.64.3", 50021, "DW_ftp"),
        ("192.168.64.3", 50022, "DW_ssh"),
        ("192.168.64.3", 50025, "DW_smtp"),
        ("192.168.64.3", 56667, "DW_irc"),
        ("192.168.64.3", 51000, "DW_webmin"),
        ("192.168.64.3", 50110, "DW_pop3"),
        ("192.168.64.3", 50053, "DW_dns"),
        ("212.108.226.242", 50021, "WD_ftp"),
        ("212.108.226.242", 50022, "WD_ssh"),
        ("212.108.226.242", 50025, "WD_smtp"),
        ("212.108.226.242", 50143, "WD_imap"),
        ("212.108.226.242", 51000, "WD_webmin"),
        ("212.108.226.242", 50110, "WD_pop3"),
        ("212.108.226.242", 50080, "WD_http"),
        ("212.108.226.242", 50053, "WD_dns"),
        ("212.108.226.242", 52401, "WD_cvs"),
        ("212.108.226.242", 53306, "WD_mysql"),
        ("212.108.226.242", 51123, "WD_ntp"),
        ("212.108.226.242", 53200, "WD_sap"),
    )
    for bind_address, bind_port, service_name in listener_table:
        Listener(SockAddrInet(bind_address, bind_port), service_name)
Barina Tamás
+ 36 30 250 3863
- -------------------------------------
1123 Budapest, Alkotás út 39/C
Tel.: +36 1 457 7690
Fax: +36 1 457 7699
PGP KeyID: 0xAC43C74F Fingerprint: 11AE 0464 7428 3DD8 470D 9A51
DD55 AB3B AC43 C74F
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
iQA/AwUBPMlhi91VqzusQ8dPEQKYCACfXdPreCrw54LJKRurjUXWoksCX38AoPLC
BfD//VrASmOSmZNXulvFdvpM
=OW3U
-----END PGP SIGNATURE-----