Mark,
I've sent you a template of some lp-gw rules. Hopefully that will do the
trick for you.
Let me know how things go.
Thanks,
Meenoo
--
Gauntlet Firewall Technical Support
gauntlet-support @
tis .
com
NOTE: If I had any opinions they wouldn't be that of my employer.
On Sat, 26 Jul 1997, Mark A. Crother wrote:
>
> Hi,
>
> I am running Gauntlet 3.2 on BSD/OS 2.0.1. I cannot get the ! @
#$% lp-gw
> to work. My netperm-table for lp-gw looks like..
>
> #
> # lp-gw rules:
> # -----------
> #lp-gw: permit-destination <inside-printer-host>
> lp-gw: permit-hosts 141.102.205.36 -policy untrusted
> lp-gw: permit-destination 141.102.28.23
> lp-gw: deny-destination *
> #lp-gw: client <outside> -printer <outside-queue-name>
> lp-gw: client 141.102.205.36 -printer lp
> #lp-gw: printer <outside-queue-name> -host <inside-host> -printer <inside-queue>
> lp-gw: printer sp1 -host 141.102.28.23 -printer lp
>
> policy-untrusted: permit-proxy lp-gw
>
>
> where 141.102.205.36 is the client host on a untrusted perimeter. Its
> print queue is sp1 defined as
>
> sp1:\
> :lp=/var/spool/lpd:\
> :sd=/var/spool/lpd:\
> :rm=stop:\
> :rp=lp:\
> :sh=:\
> :lf=/var/spool/art.log
>
> The error messages are...
>
> Jul 26 16:44:25 stop lp-gw[1024]: deny host=mentor.ssd.bna.boeing.com/141.102.205.36 use of proxy by policy ''
> Jul 26 16:44:25 stop lp-gw[1024]: error or denial connecting client host=mentor.ssd.bna.boeing.com/141.102.205.36, reset client lp daemon
>
> Any help at all would be GREATLY appreciated....
>
> Thanks...
>
> --
> Mark Crother crotherm @
roses .
bna .
boeing .
com
> Boeing North American (BNA)
> Space Systems Division (SSD) All opinions are mine.
>
References:
|
|
