On Sat, 8 Jan 2000, Pat Hayden wrote:

> This is a question that I have regarding some of the "strong" rules for
> IPCHAINS.  I have configured MASQ and strong filtering rules.  BUT...what do
> the following rules do?  They are recommended, but I'm unclear as to their
> purpose.  Could someone shed some light on it for me?  (these are cut from
> the trinityos document):
> 
> 1.
> # Reject outgoing traffic to the local net from the remote interface,
> # stuffed routing; deny & log
> /sbin/ipchains -A output -j REJECT -i $EXTIF -s $UNIVERSE -d $INTLAN $LOGGING

Sure..
This one rejects any output traffic arriving on the external interface
from anywhere to your internal IPs and logs anything that attempts to.
 
> 2.
> # Remote interface, claiming to be local machines, IP spoofing, get lost & log
> /sbin/ipchains -A input -j REJECT -i $EXTIF -s $INTLAN -d $UNIVERSE $LOGGING

This one rejects any input to your machine that arrives via the external
interface from anywhere that claims to be from a machine on your internal
network and logs anything that attempts to.


Hope that helps...


Michael Cummings
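
Added example, not part of the original message or of the TrinityOS document: a small Python model of how the two quoted rules match packets, run over constructed sample packets. The values given to `$EXTIF`, `$INTLAN` and `$UNIVERSE`, the default ACCEPT verdict and the sample addresses are assumptions made for illustration.

```python
import ipaddress

# Assumed values for the variables in the quoted rules (not given in the thread).
EXTIF = "ppp0"
INTLAN = ipaddress.ip_network("192.168.0.0/24")
UNIVERSE = ipaddress.ip_network("0.0.0.0/0")

# (chain, interface, source net, destination net, target, log) for rules 1 and 2.
RULES = [
    ("output", EXTIF, UNIVERSE, INTLAN, "REJECT", True),
    ("input", EXTIF, INTLAN, UNIVERSE, "REJECT", True),
]


def evaluate(chain, iface, src, dst, default="ACCEPT"):
    """Return (verdict, logged) for one packet; the first matching rule wins.

    With ipchains, -i on the input chain names the interface the packet
    arrived on; on the output chain it names the interface the packet is
    about to leave through. The default verdict is an assumption that
    stands in for the rest of the ruleset.
    """
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r_chain, r_if, r_src, r_dst, target, log in RULES:
        if chain == r_chain and iface == r_if and src in r_src and dst in r_dst:
            return target, log
    return default, False


# Constructed sample packets: (chain, interface, source, destination).
SAMPLES = [
    ("input", "ppp0", "192.168.0.7", "203.0.113.5"),   # internal source seen on the outside
    ("input", "ppp0", "198.51.100.9", "203.0.113.5"),  # ordinary inbound packet
    ("input", "eth0", "192.168.0.7", "203.0.113.5"),   # real LAN host on the internal side
    ("output", "ppp0", "203.0.113.5", "192.168.0.7"),  # LAN-bound packet leaving via EXTIF
    ("output", "eth0", "203.0.113.5", "192.168.0.7"),  # LAN-bound packet leaving via the LAN side
]

if __name__ == "__main__":
    for pkt in SAMPLES:
        print(pkt, "->", evaluate(*pkt))
```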


