Re: Lack of IQ problem
From: glassgnost (dlindnerSPAMBLOCKED@socal.rr.com)
Date: 08/16/02
- Next message: GR: "Re: Slow ShutDown Caused by New ZoneAlarm 3.0"
- Previous message: Lars M. Hansen: "Re: Need advice re (low end) firewall"
- In reply to: David: "Lack of IQ problem"
- Next in thread: Jaz: "Re: Lack of IQ problem"
From: glassgnost <dlindnerSPAMBLOCKED@socal.rr.com> Date: Thu, 15 Aug 2002 22:13:52 GMT
David wrote:
> Hiya
>
> As the subject states.. my problem is not with ipchains it is my
> simple inability to crack ipchains and understand it fluently. I am
> really just trying to set up my own simple firewall and understand it.
> I have read countless FAQs/tutorials/scripts and on the whole
> understand it all. But when putting it to practice it's been quite
> dire. Basically I just simply can't find out where I am going wrong.
>
> I've tried for months and have put two entire days into getting this
> going but it just won't work. (sigh) I'm just dumb.
>
> I have
>
> One network ( eth0 192.168.0.0-255 (192.168.0.0/24))
> One dialup account ( ppp0 0/0 ?)
>
>
> Anyway I want ALL tcp/udp/etc.. traffic within the LAN to be
> completely untouched. (I can set up spoofing rules after the basics
> are working..)
>
>
> I want masquerading for internet access to be unlimited.. (IE LAN
> boxes can run icq/gnutella/anything.. (like normal))
> but I only want people on the internet to be able to do a few things to
> ppp0.
> Like echo-request/echo-reply/ssh/http
> and to be denied/rejected on all other ports.
>
> Basically the only real result I have been able to get was Yes.. only
> allowing certain rules on the ppp0 worked but LAN<-MASQ->INTERNET was
> restricted to what I set up on the ppp0.
>
> So basically I want to try and work out how to allow full masquerading
> as default and deny all incoming connections from the internet except
> ones I want. (I have tried many many scripts and hacked a lot too.)
>
> I really am desperate now I'm afraid. (So desperate and tired I'm just
> using google groups to post.. (now that's bad!)).
>
> Any constructive advice (or full scripts if you're that way inclined
> ;-) ) is very welcome.
>
> Thank you again.
>
> David
> -Just another idiot (for today at least)
Check out http://linux-firewall-tools.com/linux/firewall/index.html -
It'll get you started.
BTW, from your description it looks like you've closed all the inbound
unprivileged ports.
-- Mystical Reverend Doktor glassgnost, Minister of Unnatural Selection
-- dlindner (at) socal (dot) rr (dot) com
-- Eternal Salvation or Triple Your Money Back! http://www.subgenius.com
...or kill me!

Receiving a million dollars tax free will make you feel better than being flat broke and having a stomach ache.
-- Dolph Sharp, "I'm O.K., You're Not So Hot"
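An added example, not part of glassgnost's reply or of the linked site, showing why closing the inbound unprivileged ports on ppp0 breaks masquerading: ipchains is stateless, so reply packets must be let back in explicitly. Assumptions: the Linux 2.2 default masquerade port range 61000:65095, ssh on 22, http on 80; the interface and LAN range are David's.

```shell
#!/bin/sh
# Added example. ipchains keeps no connection state, so replies to outbound
# and masqueraded connections must be allowed back in by explicit input rules.
EXT_IF=ppp0              # from the post
LAN=192.168.0.0/24       # from the post
UNPRIV=1024:65535        # unprivileged ports used by outbound clients
MASQ_PORTS=61000:65095   # assumption: Linux 2.2 default masquerade range

# Print the rule set; review it, then pipe it to "sh" as root to load it.
build_rules() {
    cat <<EOF
ipchains -F input
ipchains -F forward
ipchains -P input DENY
ipchains -P forward DENY
ipchains -P output ACCEPT
ipchains -A input -i lo -j ACCEPT
ipchains -A input -i eth0 -s $LAN -j ACCEPT
ipchains -A forward -i $EXT_IF -s $LAN -j MASQ
ipchains -A input -i $EXT_IF -p tcp ! -y -d 0/0 $UNPRIV -j ACCEPT
ipchains -A input -i $EXT_IF -p udp -d 0/0 $MASQ_PORTS -j ACCEPT
ipchains -A input -i $EXT_IF -p tcp -d 0/0 22 -j ACCEPT
ipchains -A input -i $EXT_IF -p tcp -d 0/0 80 -j ACCEPT
ipchains -A input -i $EXT_IF -p icmp --icmp-type echo-request -j ACCEPT
ipchains -A input -i $EXT_IF -p icmp --icmp-type echo-reply -j ACCEPT
ipchains -A input -i $EXT_IF -l -j DENY
EOF
}

# Running the script with the argument "print" shows the rules (dry run).
if [ "${1:-}" = "print" ]; then
    build_rules
fi
```

The `! -y` rule accepts only TCP packets that are not connection attempts, so the high ports stay closed to new inbound connections while replies, including those to masqueraded LAN hosts, get through. The UDP rule is looser because UDP has no equivalent flag to match on.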