[TriLUG] IPTABLES rule help

jason at localhost.cerient.net
Mon Jul 14 14:33:01 EDT 2003


you can create a nice little single-machine firewall script at
www.morizot.net/firewall.  the generated script is fairly well commented,
you'll probably be able to figure out the necessary changes on your own. 
if not, feel free to email me the resulting file and i'll give you a hand
with the mods.  with iptables it's not enough to simply spit out a few
rules since the overall order of the rules counts, you have to know the
default policies, insert the required kernel modules, set a few network
stack parameters, etc.

jason

>
> Hi guys,
>
> Need a quick iptables rule help if you don't mind.
>
> Goal.
> Allow anything from 10.17.23. , 10.17.24 (both /25 subnets) and 10.32.8.
>  (a /23 subnet.)
>
> Deny everything inbound from outside of those 3 subnets except for SSH
> and  pings.
>
> I'd still like to be able to fwd X and anything outgoing to anywhere.
>
> Any pros have a 3 or 4 line ruleset for that order?
>
> Thanks, bp
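A ruleset for the goal in the quoted question, with the default policies and rule order made explicit. This is an added example, not part of the original thread and not output of the generator mentioned in the reply. Assumptions: the question elides the last octets, so the three network addresses are placeholders, and the host is assumed not to route traffic for other machines.

```shell
#!/bin/sh
# Added example (not from the thread). Prints a filter table in
# iptables-restore format; it is loaded only when run with "apply".

# ASSUMPTION: placeholder network addresses. The question gives only
# "10.17.23.", "10.17.24" (/25 each) and "10.32.8." (/23); use the real ones.
TRUSTED_NETS="10.17.23.0/25 10.17.24.0/25 10.32.8.0/23"

emit_rules() {
    echo '*filter'
    # Default policies: inbound traffic that matches no rule is dropped,
    # outbound traffic is allowed to go anywhere.
    echo ':INPUT DROP [0:0]'
    # ASSUMPTION: single host, not a router, so nothing is forwarded.
    echo ':FORWARD DROP [0:0]'
    echo ':OUTPUT ACCEPT [0:0]'
    # Rules are checked top to bottom and the first match decides.
    echo '-A INPUT -i lo -j ACCEPT'
    # Replies to connections this host opened; without this rule the
    # DROP policy would also discard answers to outgoing traffic.
    echo '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    # Anything from the trusted subnets.
    for net in $TRUSTED_NETS; do
        echo "-A INPUT -s $net -j ACCEPT"
    done
    # From everywhere else: new SSH connections and pings only.
    echo '-A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT'
    echo '-A INPUT -p icmp --icmp-type echo-request -j ACCEPT'
    echo 'COMMIT'
}

# iptables-restore replaces the table in one step, so there is no window
# where only part of the ruleset is active. Run as root: sh firewall.sh apply
if [ "${1:-}" = "apply" ]; then
    emit_rules | iptables-restore
fi
```

Run without arguments and call `emit_rules` to review the generated table before loading it.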