On Thu, Aug 03, 2006 at 05:24:00PM -0700, Alan Dayley wrote:
> I haven't taken the time to understand iptables and now I need to write a
> few rules.
>
> - Computer has 3 NICs: eth0 eth1 eth2
> - I want to add the rules to /etc/rc.d/rc.firewall.local
> - Rules are:
> -- drop everything from eth0 to eth1
> -- drop everything from eth1 to eth0
> -- allow everything from eth1 to eth2
>
> Anyone have any sample rules to share that will speed my learning? In
> other words, anyone want to write the rules for me? ;^)

While it's not exactly coding, it sounds perfect for tonight's hackfest.

You might want to restate your policy more like:

- drop everything not explicitly allowed
- allow everything from eth1 to eth2
- (etc)

I.e., you should have a default policy of dropping, and the rest of the
rules allow things. It's safer and easier in the end.

-- 
Darrin Chandler            |  Phoenix BSD Users Group
dwchandler@stilyagin.com   |  http://bsd.phoenix.az.us/
http://www.stilyagin.com/  |
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
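
The default-drop policy suggested in the reply, written out as iptables commands of the kind that could go in /etc/rc.d/rc.firewall.local. This is an added example, not part of the original thread; it assumes only forwarded traffic is in scope, and the reply-traffic rule and the `IPT` dry-run variable are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): default-drop forwarding policy for
# a box with eth0, eth1 and eth2. Only the FORWARD chain is touched;
# INPUT and OUTPUT (traffic to and from the box itself) are left alone.

# Dry run by default: the commands are printed, not executed.
# Assumption: run as root with IPT=iptables to apply them.
IPT="${IPT:-echo iptables}"

fw_forward_rules() {
    # Default policy: drop every forwarded packet that no rule accepts.
    # This covers eth0 -> eth1 and eth1 -> eth0 with no explicit DROP rules.
    $IPT -P FORWARD DROP

    # Empty the chain so rerunning the script does not stack duplicates.
    $IPT -F FORWARD

    # Allow everything from eth1 to eth2.
    $IPT -A FORWARD -i eth1 -o eth2 -j ACCEPT

    # Assumption: replies to connections opened from eth1 must be able to
    # return. Without this, the default policy drops them on the way back.
    $IPT -A FORWARD -i eth2 -o eth1 \
        -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
}

fw_forward_rules
```

After applying, `iptables -L FORWARD -v -n` shows the policy and per-rule packet counters, which confirms that eth0 traffic is hitting the default DROP rather than an ACCEPT rule.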