
[Phpgroupware-users] SME Server and phpGW Daytime


From: Tony Howden
Subject: [Phpgroupware-users] SME Server and phpGW Daytime
Date: Thu, 08 Aug 2002 06:50:17 +0000

Hi All

I know this only relates to those of you using both sme-server
(www.e-smith.org) and phpgw, but following the recent discussions on the
daytime issue, I decided to fix the ipchains rather than disable the daytime
process in phpgw. So here's a mini howto for those that can use it.

Why use this How-To ?

You are using phpgroupware with Daytime query (RC4)
You are using SME-server 5.5
A check of messages should show denylog lines for port 13 from 129.6.15.28:13
which indicates that the daytime test is being denied and is slowing down the
phpgw page responses (verify this with tail -f /var/log/messages running
while opening phpgw pages).

You want to allow phpgw to get the daytime response and speed up the page
responses.

Steps to open port 13 for access

#1. In the custom template directory for masq we create a new code snippet;
make the appropriate directory path first if it doesn't exist already (most
likely it doesn't)

/etc/e-smith/templates-custom/etc/rc.d/init.d/masq

#2. copy the file 35DenyLowPorts from the main template directory as
35AllowDaytime (all the following is one command line) or simply copy the
file example from step #3, whichever is easier

cp /etc/e-smith/templates/etc/rc.d/init.d/masq/35DenyLowPorts /etc/e-smith/templates-custom/etc/rc.d/init.d/masq/35AllowDaytime

#3. Edit the file (I use mcedit but you can use pico or whatever)

mcedit /etc/e-smith/templates-custom/etc/rc.d/init.d/masq/35AllowDaytime

Change the four lines to swap :19 for 13 (no colon) and 'denylog' at the
end of each line to 'accept',
and change the title to indicate the change of purpose from denying low ports.

Delete the second pair of lines for the destination port ( -d ) and in the
end it should look like

{   # Permit Daytime Queries
}
    /sbin/ipchains --append input -p TCP -s 0/0 13 -i $OUTERIF -j ACCEPT
    /sbin/ipchains --append input -p UDP -s 0/0 13 -i $OUTERIF -j ACCEPT

Save the file and quit the editor

#4. Reload the masq template with

 /sbin/e-smith/expand-template /etc/rc.d/init.d/masq

#5. Restart the firewall with

service masq restart

Finally, if you were monitoring the messages file
(using tail -f /var/log/messages) then after the restart of the firewall you
should see no more entries for the port 13 message.

cheers
Tony
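
The log check described in the post, as an added example that is not part of Tony's message: it counts denied packets with source port 13 per remote address, so the denials can be compared before and after the firewall restart. The sample lines are constructed, and the "Packet log:" field layout, the denylog chain name in the log and every address other than 129.6.15.28 are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post.
# Assumed ipchains log layout:
#   ... Packet log: <chain> <action> <iface> PROTO=<n> <src>:<sport> <dst>:<dport> ...

# Constructed sample lines (addresses other than 129.6.15.28 are placeholders).
sample_log() {
    cat <<'EOF'
Aug  8 06:41:02 sme kernel: Packet log: denylog DENY eth1 PROTO=6 129.6.15.28:13 192.0.2.10:1045 L=44 S=0x00 I=0 F=0x4000 T=48 (#1)
Aug  8 06:41:05 sme kernel: Packet log: denylog DENY eth1 PROTO=6 129.6.15.28:13 192.0.2.10:1046 L=44 S=0x00 I=0 F=0x4000 T=48 (#1)
Aug  8 06:41:09 sme kernel: Packet log: denylog DENY eth1 PROTO=17 129.6.15.28:13 192.0.2.10:1047 L=54 S=0x00 I=0 F=0x0000 T=48 (#2)
Aug  8 06:42:11 sme kernel: Packet log: denylog DENY eth1 PROTO=6 198.51.100.7:4312 192.0.2.10:13 L=44 S=0x00 I=0 F=0x4000 T=51 (#3)
Aug  8 06:43:30 sme kernel: Packet log: denylog DENY eth1 PROTO=6 203.0.113.9:13 192.0.2.10:1050 L=44 S=0x00 I=0 F=0x4000 T=50 (#1)
Aug  8 06:44:00 sme httpd: unrelated syslog line
EOF
}

# Read syslog text on stdin; print "<count> <remote-ip> PROTO=<n>" for every
# denied or rejected packet whose source port is 13.
daytime_denials() {
    awk '
        /Packet log:/ {
            for (i = 3; i < NF; i++) {
                if ($i !~ /^PROTO=/) continue
                action = $(i - 2)
                if (action != "DENY" && action != "REJECT") break
                if (split($(i + 1), src, ":") == 2 && src[2] == "13")
                    count[src[1] " " $i]++
                break
            }
        }
        END { for (k in count) print count[k], k }
    ' | LC_ALL=C sort -k2
}

# Demo on the sample; for the live log: daytime_denials < /var/log/messages
sample_log | daytime_denials
```

Run it against /var/log/messages before step #1 and again after step #5; new entries for 129.6.15.28 should stop appearing after the restart.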



