Ipchains Woes

Author: Craig White
Date:  
Subject: Ipchains Woes
On Wed, 2002-02-27 at 05:57, Steve Holmes wrote:
> OK, I can lynx to other sites and I can ping along as I use numeric ip
> addresses. Here is the test firewall script I am currently using when I
> do this. BTW, ports 53 (both udp and tcp) do not yield me anything. I
> use a regular name server at 24.221.30.3.
> ------------------
> #!/bin/sh
> # Firewall testing script
>
> ipchains -P input DENY
> ipchains -P forward DENY
> ipchains -P output ACCEPT
>
> ipchains -A forward -s 192.168.1.0/24 -i eth1 -j MASQ
> ipchains -A input -i lo -j ACCEPT
> ipchains -A input -i eth0 -j ACCEPT
> ipchains -A input -p tcp ! -y --dport 1024:65535 -j ACCEPT
> ipchains -A input -p icmp -j ACCEPT
>

----
OK from firewall box - what is result of
ipchains -L
ping -c 4 24.221.30.3
ping -c 4 24.221.30.4
cat /etc/resolv.conf
cat /etc/sysconfig/network
route -n

or if this makes it easier

ipchains -L > /tmp/test
ping -c 4 24.221.30.3 >> /tmp/test
ping -c 4 24.221.30.4 >> /tmp/test
cat /etc/resolv.conf >> /tmp/test
cat /etc/sysconfig/network >> /tmp/test
route -n >> /tmp/test
mail <your_email_address> < /tmp/test

and then forward this on to the list

Craig