Hello, albi wrote: > > Hello, > > I'm trying to help to setup a simple firewall for a box which serves > internet for a small office, the box only needs to give access from the > outside for ssh and smtp, samba should be blocked, and apart from that > people should of course be able to use the internet for browsing.
Are you using Masquerading to access internet from your intranet? Since it is a "small office", I guess the answer is yes. In this case, you cannot access you internal boxes from internet. You can try Port Forwarding but I am not sure it works and this will be more tricky to configure than ipchains. If you DO have real internet address, check the routing rules. > Can someone point me to a simple ipchains-setup which just does > block "everything" except ssh and smtp ? Did you check the ipchains HowTo? I think you could find what you want. Michel
