Need HELP with Red Hat Linux 9 iptables firewall/router
From: Aleksandr Zingorenko (azingorenko_at_ucdavis.edu)
Date: 07/11/03
- Next message: Nico Kadel-Garcia: "Re: How can I prevent users from mounting FAT32 partition?"
- Previous message: James T. Dennis: "Re: security? ? ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 10 Jul 2003 17:08:59 -0700
I am having a problem with a firewall that is simply too strict.
Specifically, I am trying to configure an iptables firewall on Red Hat Linux
9 that protects the servers on our Windows 2000 network from hacker/cracker
attacks. So far, I have 2 Win2k machines behind this firewall, and each of
them has a private IP address. In addition, I configured the firewall to
use DNAT to map valid IP addresses to private ones for those two machines.
As a result, each machine can connect to the Internet and reach (ping) any
other machine on our network, behind the firewall or not. However, whenever
any machine NOT behind the firewall tries to reach any of these 2 machines,
it fails (the farthest a successful ping can go at this point is the
firewall's external interface) even though the policy of every chain in
every table is ACCEPT and only SNAT and DNAT rules are specified. Can
anyone tell me how I could fix this problem? I realize that a firewall
should keep "outsiders" out, but we have servers that we want to protect
from malicious code and yet allow employees in our department limited access
to them.