Repeat the Process Until You Resolve the Problem

Previous page
Table of content
Next page


If none of this works, start over from the beginning. Maybe you're trying to solve the wrong problem. For example, you think it's the DNS that is preventing correct lookups for a website, but really it's the client's DNS settings. Perhaps you have the IP hard-coded into your /etc/hosts fileor maybe you're logging into the wrong box. When all else fails, go back to the beginning.

Finding the Answers or...Why Search Engines Are Your Friend

Sometimes the solution is as close as your fingertips. When in doubt, look it up and save yourself a lot of time, energy, and headache. One great tool the Internet has brought us all is the concept of search engines. Before spending a great deal of time on a problem, try looking it up in a search engine first. It's amazing how often the problem you have encountered has been run into by dozens of folks before, and someone has taken the time to document the solution fully on a mailing list or website. While researching this book, we found that with most of the Linux firewall mailing lists, the vast majority of problems users reported had been answered many times before on that same mailing list, only months earlier. We're not going to expand on the finer points of mailing list etiquettethat's not our point here. The point here is that before you waste your time asking someone for the answer, try looking for it via a search engine.

Websites

As the old saying goes, read the friendly manual. Sometimes the problem is as simple as not understanding the syntax of the command or how to use the command or tool correctly. Before spending a lot of time pulling your hair out, make sure you know that you're using your firewall correctly by checking the documentation or examples online. Some useful sites are the netfilter website, some firewall guru sites, and when all else fails, try our website (www.gotroot.com). If you have some favorite sites that help you with your problems, go there. Never be afraid to look for help elsewhere, but when posting to mailing lists or forums, it's usually good etiquette to check mailing list and forum archives first to see if anyone else has asked this question before and if they received an answer. Besides, it will save you time to look at it as opposed to waiting for an answer. Further, if someone already answered the question you are about to ask, try that information first before you ask the same question again. You may find yourself "shunned" by some of the more outspoken members of the list or forum if you waste the community's time. This is not to discourage you from asking "dumb" questions. The worst that can happen is no one answers, but if you want to be taken seriously in the future, check the archives first. No matter what, if the information is already in the archives, as we already said, you will have saved yourself a lot of time by not having to ask and wait for an answer!

  • http://netfilter.org/ This is the netfilter website, which obviously is the home for all that is netfilter.

  • http://iptables-tutorial.frozentux.net/ This site is probably the most fantastic tutorial about using iptables. It's very direct and straightforward and is constantly being updated. We cannot recommend this tutorial enough.

  • http://www.Linuxguruz.com/iptables/ Your one-stop shop for the iptables/netfilter "cheat sheet." This site contains numerous, well documented iptables scripts for all manner of configurations.

  • http://www.gotroot.com Our one-stop shop for all things sysadmin related, from firewalls to system management. Our website includes all the tools in this book, along with example firewall scripts, forums, mailing lists, RFCs, and anything else our users and readers ask us to cover.

  • http://lists.netfilter.org/mailman/listinfo This is the main mailing list for all things netfilter related and its archives. Although the archive is not searchable directly, the archives are downloadable.

  • http://marc.theaimsgroup.com/ The mother load of mailing lists. MARC stands for Mailing list ARChives, and it's a huge database of hundreds of mailing lists, including the netfilter lists, which are searchable even within the body of messages posted to the list. By far this is one of the most powerful tools on the Net for technical mailing lists, and we cannot recommend this site highly enough.


    Previous page
    Table of content
    Next page
    Troubleshooting Linux Firewalls
    Troubleshooting Linux Firewalls
    ISBN: 321227239
    EAN: N/A
    Year: 2004
    Pages: 169
    BUY ON AMAZON
    CompTIA Project+ Study Guide: Exam PK0-003
    Identifying and Managing Project Risk: Essential Tools for Failure-Proofing Your Project
    Software Configuration Management
    Snort Cookbook
    Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance
    Quartz Job Scheduling Framework: Building Open Source Enterprise Applications
    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net
    Privacy policy