On Wed, Apr 18, 2001 at 03:17:33PM +0200, HGS: Buchleitner Martin wrote:
> Hi!
>
> I got my pppd running.
> I found a lot about iptables, but I did not find anything about input /
> output chains.
>
> How may I set the policies?
> How may I set these chains from ipchains to iptables?
>
> ipchains -A input -i ppp0 -p tcp -s $DNSSERVER 53 -d $IPADDR 1024-65535 -j ACCEPT
> ipchains -A output -i ppp0 -p tcp -s $IPADDR 1024-65535 -d $DNSSERVER 53 -j ACCEPT
>
iptables -A INPUT -i ppp0 -p tcp -s $DNSSERVER --sport 53 -d $IPADDR --dport 1024: -j ACCEPT
iptables -A OUTPUT -o ppp0 -p tcp -s $IPADDR --sport 1024: -d $DNSSERVER --dport 53 -j ACCEPT

You need the multiport patch, from patch-o-matic (available in the iptables
source, by typing "make patch-o-matic"), applied and enabled for this to work.

There is good documentation available at:
http://netfilter.samba.org/unreliable-guides/

Hope this helps!

:) d

-- 
Daniel Stone
Linux Kernel Developer
[EMAIL PROTECTED]
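
The rewrite shown in the reply above follows a few mechanical rules (upper-case chain names, `-o` for the interface on the output chain, ports moved into `--sport`/`--dport`), collected here as an added example that is not part of the original messages. The function name `ipchains_to_iptables` is hypothetical, and the `-P` policy handling and the `DENY` to `DROP` rename go beyond what the thread shows; it writes the range as `1024:65535`, which iptables treats the same as the reply's open-ended `1024:`.

```shell
#!/bin/sh
# Added example: rewrite one simple ipchains filter rule in iptables syntax.
# Covers the rules from this thread plus "-P chain DENY"; any word it does
# not recognise is passed through unchanged.
ipchains_to_iptables() {
    set -f; set -- $1; set +f         # split the rule into words, no globbing
    if [ "$1" = "ipchains" ]; then shift; fi
    out="iptables" chain="" state=""
    for w in "$@"; do
        case "$state" in
        sport|dport)                  # optional bare port after an address
            opt=$state; state=""
            case "$w" in
            -*) ;;                    # no port given: treat $w as an option
            *)  case "$w" in          # a-b range (as in the question) -> a:b
                [0-9]*-[0-9]*) w="${w%%-*}:${w#*-}" ;;
                esac
                out="$out --$opt $w"; continue ;;
            esac ;;
        esac
        case "$state" in
        chain|pchain)                 # built-in chain names are upper case
            case "$w" in
            input|output|forward) w=$(printf '%s' "$w" | tr a-z A-Z) ;;
            esac
            chain=$w
            if [ "$state" = pchain ]; then state=target; else state=""; fi
            out="$out $w"; continue ;;
        src)                          # source address, possibly after "!"
            if [ "$w" != "!" ]; then state=sport; fi
            out="$out $w"; continue ;;
        dst)                          # destination address
            if [ "$w" != "!" ]; then state=dport; fi
            out="$out $w"; continue ;;
        target)                       # ipchains DENY is iptables DROP
            if [ "$w" = DENY ]; then w=DROP; fi
            state=""; out="$out $w"; continue ;;
        esac
        case "$w" in
        -A|-I|-D) state=chain ;;
        -P) state=pchain ;;           # policy: the next two words are chain, target
        -s) state=src ;;
        -d) state=dst ;;
        -j) state=target ;;
        -i) if [ "$chain" = OUTPUT ]; then w=-o; fi ;;  # outgoing interface
        esac
        out="$out $w"
    done
    printf '%s\n' "$out"
}
```

Called with `'ipchains -P input DENY'` it prints `iptables -P INPUT DROP`, which is the form the policy question in the original message is asking about.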

