Re: Iptable doesn't work

From: Colin McKinnon
Date: 12/27/01


    From: "Colin McKinnon" <>
    Date: Thu, 27 Dec 2001 13:03:26 -0000

    Baruah <> wrote in message
    > There are several computers (1....N) connected to the SERVER.
    > I'm trying to put iptables instead of ipchains in my SERVER.
    > On the SERVER I'm running Squid as a proxy server.
    > Now, I want some computers to access internet and some don't. The
    > PCs belonging to the persons who have an account in the proxy are to
    > be allowed to go through. So, I tried the below configuration in my
    > iptables to avoid IP spoofing inside my own network.
    > *filter
    > :INPUT ACCEPT [255:28806]
    > :FORWARD DROP [0:0]
    > :OUTPUT ACCEPT [13:972]

    Use the redirection / access controls in squid - much easier - also you
    won't have to rewrite your rules every time the firewall / network changes.

    If you're sure that your users are smart enough to spoof an IP address but
    dumb enough not to change the MAC address too, then try arpwatch.
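
The IP-to-MAC pairing check that the reply recommends arpwatch for, as an added example (not part of the original post and not arpwatch's own code). The event names mirror arpwatch's report names; the addresses and timestamps are constructed sample data.

```python
from collections import defaultdict

# Constructed observations (timestamp, IP, MAC), as they might be read from
# ARP traffic on the proxy's LAN side. Host .20 briefly claims .10's address.
SAMPLE_OBSERVATIONS = [
    ("2001-12-27T13:00:01", "192.168.1.10", "02:00:00:00:00:10"),
    ("2001-12-27T13:00:05", "192.168.1.20", "02:00:00:00:00:20"),
    ("2001-12-27T13:04:00", "192.168.1.10", "02:00:00:00:00:10"),
    ("2001-12-27T13:10:42", "192.168.1.10", "02:00:00:00:00:20"),
    ("2001-12-27T13:11:03", "192.168.1.10", "02:00:00:00:00:10"),
]


def pairing_events(observations):
    """Return (ts, event, ip, mac, old_mac, other_ips_of_mac) for each change.

    other_ips_of_mac lists addresses the same MAC was already seen using,
    which points at the machine that took over someone else's IP.
    """
    current = {}                   # ip -> MAC most recently seen
    previous = {}                  # ip -> MAC seen before the current one
    ips_by_mac = defaultdict(set)  # mac -> every IP it has claimed
    events = []
    for ts, ip, mac in observations:
        mac = mac.lower()          # MACs compare case-insensitively
        old = current.get(ip)
        others = sorted(ips_by_mac[mac] - {ip})
        if old is None:
            events.append((ts, "new station", ip, mac, None, others))
        elif old != mac:
            # Returning to the MAC seen just before is a "flip flop":
            # two machines are contending for one address.
            kind = ("flip flop" if previous.get(ip) == mac
                    else "changed ethernet address")
            events.append((ts, kind, ip, mac, old, others))
            previous[ip] = old
        # An unchanged pairing is silent. That includes a host that copies
        # both the IP and the MAC, the blind spot the reply points out.
        current[ip] = mac
        ips_by_mac[mac].add(ip)
    return events


if __name__ == "__main__":
    for event in pairing_events(SAMPLE_OBSERVATIONS):
        print(event)
```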


