Ipchains Woes

Author: Steve Holmes
Date:
Subject: Ipchains Woes
OK, I can lynx to other sites and I can ping along as I use numeric IP
addresses. Here is the test firewall script I am currently using when I
do this. BTW, ports 53 (both udp and tcp) do not yield me anything. I
use a regular name server at 24.221.30.3.
------------------
#!/bin/sh
# Firewall testing script

ipchains -P input DENY
ipchains -P forward DENY
ipchains -P output ACCEPT

ipchains -A forward -s 192.168.1.0/24 -i eth1 -j MASQ
ipchains -A input -i lo -j ACCEPT
ipchains -A input -i eth0 -j ACCEPT
ipchains -A input -p tcp ! -y --dport 1024:65535 -j ACCEPT
ipchains -A input -p icmp -j ACCEPT
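
Added example (not part of the original message): a small Python model of the input chain in the script above, run against constructed packets to show which ones match an ACCEPT rule and which fall through to the DENY policy. It assumes eth1 is the external interface and eth0 the LAN side, which the message does not state; `Packet`, `verdict` and `evaluate` are hypothetical names.

```python
from dataclasses import dataclass

@dataclass
class Packet:
    iface: str         # interface the packet arrives on
    proto: str         # "tcp", "udp" or "icmp"
    dport: int = 0     # destination port (unused for icmp)
    syn: bool = False  # SYN set with ACK and FIN clear, i.e. what -y matches

# Input-chain rules in the order the script appends them; each jumps to ACCEPT.
INPUT_RULES = [
    ("-i lo", lambda p: p.iface == "lo"),
    ("-i eth0", lambda p: p.iface == "eth0"),
    ("-p tcp ! -y --dport 1024:65535",
     lambda p: p.proto == "tcp" and not p.syn and 1024 <= p.dport <= 65535),
    ("-p icmp", lambda p: p.proto == "icmp"),
]
POLICY = "DENY"  # ipchains -P input DENY

def verdict(pkt):
    """Return (target, matching rule) for a packet entering the input chain."""
    for rule, matches in INPUT_RULES:
        if matches(pkt):
            return "ACCEPT", rule
    return POLICY, "chain policy"

# Constructed sample packets; eth1 as the external interface is an assumption.
SAMPLES = {
    "UDP reply from 24.221.30.3:53 on eth1": Packet("eth1", "udp", dport=1050),
    "TCP reply (ACK set) from a web server on eth1": Packet("eth1", "tcp", dport=1051),
    "ICMP echo reply on eth1": Packet("eth1", "icmp"),
    "New inbound TCP connection (SYN) on eth1": Packet("eth1", "tcp", dport=6000, syn=True),
    "UDP query from a LAN host on eth0": Packet("eth0", "udp", dport=53),
}

def evaluate(samples=SAMPLES):
    """Map each sample name to its (target, matching rule) pair."""
    return {name: verdict(pkt) for name, pkt in samples.items()}

if __name__ == "__main__":
    for name, (target, rule) in evaluate().items():
        print(f"{target:6} {name}  [{rule}]")
```

The input chain has no rule for UDP, so under this model a UDP packet arriving on any interface other than lo or eth0 reaches the chain policy.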