Ipchains Woes
Steve Holmes
plug-discuss@lists.plug.phoenix.az.us
Wed, 27 Feb 2002 05:57:27 -0700 (MST)
OK, I can lynx to other sites and I can ping as long as I use numeric IP
addresses. Here is the test firewall script I am currently using when I
do this. BTW, ports 53 (both udp and tcp) do not yield me anything. I
use a regular name server at 24.221.30.3.
------------------
#!/bin/sh
# Firewall testing script
ipchains -P input DENY
ipchains -P forward DENY
ipchains -P output ACCEPT
ipchains -A forward -s 192.168.1.0/24 -i eth1 -j MASQ
ipchains -A input -i lo -j ACCEPT
ipchains -A input -i eth0 -j ACCEPT
ipchains -A input -p tcp ! -y --dport 1024:65535 -j ACCEPT
ipchains -A input -p icmp -j ACCEPT
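
The input chain from the script above, modelled as a first-match rule list and run against constructed packets. This is an added example, not part of the original post and not ipchains itself. It assumes eth1 is the outside interface (the MASQ rule names it); the `Packet` fields and the sample packets are made up for illustration.

```python
# Added example: first-match model of the posted input chain (not ipchains itself).
# Assumption: eth1 is the outside interface, since the MASQ rule uses -i eth1.
from dataclasses import dataclass

@dataclass
class Packet:                 # constructed sample packets only
    iface: str                # interface the packet arrives on
    proto: str                # "tcp", "udp" or "icmp"
    dport: int = 0            # destination port (unused for icmp)
    syn_only: bool = False    # what ipchains -y matches: SYN set, ACK and FIN clear

# (rule text, predicate), in the same order as the script's input rules
INPUT_RULES = [
    ("-i lo", lambda p: p.iface == "lo"),
    ("-i eth0", lambda p: p.iface == "eth0"),
    ("-p tcp ! -y --dport 1024:65535",
     lambda p: p.proto == "tcp" and not p.syn_only and 1024 <= p.dport <= 65535),
    ("-p icmp", lambda p: p.proto == "icmp"),
]
POLICY = "DENY"               # ipchains -P input DENY

def verdict(pkt):
    """Return (target, rule that decided); fall through to the chain policy."""
    for rule_text, matches in INPUT_RULES:
        if matches(pkt):
            return "ACCEPT", rule_text
    return POLICY, "policy"

SAMPLES = {
    "TCP reply to lynx (ACK set)": Packet("eth1", "tcp", 40000),
    "ICMP echo reply": Packet("eth1", "icmp"),
    "UDP DNS reply to a high port": Packet("eth1", "udp", 40000),
    "TCP SYN to a high port": Packet("eth1", "tcp", 40000, syn_only=True),
    "UDP DNS query from a LAN client": Packet("eth0", "udp", 53),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        target, rule = verdict(pkt)
        print(f"{name:34} -> {target:6} ({rule})")
```

In this model, TCP replies and ICMP arriving on eth1 are accepted, while a UDP reply from a name server matches none of the four rules and falls through to the DENY policy.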