Hi This is not an answer to your problems :) but might help to make your setup slightly more secure.
On Wed, Jul 18, 2001 at 07:45:44PM -0600, Stefan Srdic wrote: [snip] > # Load IPTables module (s) > > depmod -a > modprobe ip_tables > > #Clear the table, delete user defined chains, prep for a new ruleset. > > iptables -F > iptables -X > iptables -P INPUT ACCEPT > iptables -P FORWARD ACCEPT > iptables -P OUTPUT ACCEPT [snip] At this point your box is wide open. If your network interfaces are up at this point, you are not blocking anything. i.e. there is a small window of opportunity for someone to do something nasty. You might consider doing this sort of thing: # Set policy to DROP iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT DROP # Clear out old rules iptables -F iptables -X # Each line of the script up to here closes the firewall more # than it was before the script started running. # At this point, fw is completely closed. # Specify the rules you want iptables -A blah blah blah [...] # Right at the end, set policy to what you really want (or leave # this out if you want your policy to be DROP anyway.) iptables -P INPUT ACCEPT iptables -P FORWARD ACCEPT iptables -P OUTPUT ACCEPT Hope that helps. -- Michael Wood | Tel: +27 21 762 0276 | http://www.kingsley.co.za/ [EMAIL PROTECTED] | Fax: +27 21 761 9930 | Kingsley Technologies
