Good morning,

I'm trying to set up my RedHat router to be a little bit more safe. Here is my actual setup:

    # delete old rules
    iptables -F
    iptables -t nat -F

    # enable masquerading
    iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE

    # enable ip_forwarding
    echo 1 > /proc/sys/net/ipv4/ip_forward

    # set standard chain policies to DROP
    iptables -P INPUT DROP
    iptables -P FORWARD DROP
    iptables -P OUTPUT DROP

    # set INPUT rules
    iptables -A INPUT -p tcp -s 192.168.1.0/24 -i eth0 --dport 22 -j ACCEPT

    # set FORWARD rules
    iptables -A FORWARD -s 192.168.1.0/24 -i eth0 -o ppp0 -j ACCEPT
    iptables -A FORWARD -d 192.168.1.0/24 -i ppp0 -o eth0 -j ACCEPT

    # set OUTPUT rules
    iptables -A OUTPUT -p tcp -d 192.168.1.0/24 -o eth0 --sport 22 -j ACCEPT

Everything works fine, but all traffic and all ports can be used, and that's not what I want.

Now I deleted the FORWARD rules and changed them to:

    iptables -A FORWARD -s 192.168.1.0/24 -p tcp --dport 80 -i eth0 -o ppp0 -j ACCEPT
    iptables -A FORWARD -d 192.168.1.0/24 -p tcp --sport 80 -i ppp0 -o eth0 -j ACCEPT

in the hope of forwarding only HTTP traffic, but it doesn't work.

Can anyone help, please?

Best wishes,
Daniel Krueger
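An added example, not part of the original post: with only tcp/80 forwarded, DNS lookups from the LAN (port 53) are dropped by the FORWARD policy, so names never resolve even though HTTP itself would pass. The sketch below assumes the clients use a resolver reached through ppp0; the `ipt` wrapper and `forward_http_only` function are hypothetical names, and the script only prints the commands unless `APPLY=1` is set.

```shell
#!/bin/sh
# Added example (not from the original post). Dry run by default:
# prints the iptables commands; run as root with APPLY=1 to load them.
LAN=192.168.1.0/24   # network and interface names taken from the post
LAN_IF=eth0
WAN_IF=ppp0

# Hypothetical helper: execute the rule or just print it.
ipt() {
    if [ "${APPLY:-0}" = "1" ]; then
        iptables "$@"
    else
        echo "iptables $*"
    fi
}

forward_http_only() {
    # Start from an empty FORWARD chain with a DROP policy.
    ipt -F FORWARD
    ipt -P FORWARD DROP

    # Return traffic: only packets belonging to connections the LAN opened.
    # This replaces the "--sport 80" rule, which accepted any inbound TCP
    # packet with source port 80, whatever LAN port it was aimed at.
    ipt -A FORWARD -i "$WAN_IF" -o "$LAN_IF" -d "$LAN" \
        -m state --state ESTABLISHED,RELATED -j ACCEPT

    # DNS lookups (UDP, plus TCP for large answers). Assumption: the
    # clients' resolver sits beyond ppp0, e.g. the ISP's name servers.
    ipt -A FORWARD -i "$LAN_IF" -o "$WAN_IF" -s "$LAN" -p udp --dport 53 \
        -m state --state NEW,ESTABLISHED -j ACCEPT
    ipt -A FORWARD -i "$LAN_IF" -o "$WAN_IF" -s "$LAN" -p tcp --dport 53 \
        -m state --state NEW,ESTABLISHED -j ACCEPT

    # Outbound HTTP, the only application traffic allowed.
    ipt -A FORWARD -i "$LAN_IF" -o "$WAN_IF" -s "$LAN" -p tcp --dport 80 \
        -m state --state NEW,ESTABLISHED -j ACCEPT
}

forward_http_only
```

After loading, `iptables -L FORWARD -v -n` shows per-rule packet counters, which confirms whether the DNS rules are the ones being hit.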

