On Sat, 8 Jan 2000, Pat Hayden wrote:
> This is a question that I have regarding some of the "strong" rules for
> IPCHAINS. I have configured MASQ and strong filtering rules. BUT...what do
> the following rules do? They are recommended, but I'm unclear as to their
> purpose. Could someone shed some light on it for me? (these are cut from
> the trinityos document):
>
> 1.
> # Reject outgoing traffic to the local net from the remote interface,
> # stuffed routing; deny & log
> /sbin/ipchains -A output -j REJECT -i $EXTIF -s $UNIVERSE -d $INTLAN $LOGGING
Sure..
This one rejects any output traffic arriving on the external interface
from anywhere to your internal IPs and logs anything that attempts to.
> 2.
> # Remote interface, claiming to be local machines, IP spoofing, get lost & log
> /sbin/ipchains -A input -j REJECT -i $EXTIF -s $INTLAN -d $UNIVERSE $LOGGING
This one rejects any input to your machine that arrives via the external
interface from anywhere that claims to be from a machine on your internal
network and logs anything that attempts to.
Hope that helps...
Michael Cummings
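Added example, not part of the original message or the TrinityOS document: a small Python model of how the two quoted rules match on chain, interface (-i), source (-s) and destination (-d), run over constructed packets. The values for EXTIF, INTLAN and UNIVERSE, the internal interface name eth1 and the NO_MATCH result (meaning the packet falls through to the rest of the ruleset) are assumptions, since the thread does not show them.

```python
import ipaddress
from dataclasses import dataclass

# Assumed values: the thread never shows how these variables are set.
EXTIF = "eth0"
INTLAN = ipaddress.ip_network("192.168.0.0/24")
UNIVERSE = ipaddress.ip_network("0.0.0.0/0")

@dataclass(frozen=True)
class Rule:
    name: str
    chain: str                    # -A input / -A output
    iface: str                    # -i
    src: ipaddress.IPv4Network    # -s
    dst: ipaddress.IPv4Network    # -d
    target: str = "REJECT"        # -j

RULES = [
    Rule("1: stuffed routing", "output", EXTIF, UNIVERSE, INTLAN),
    Rule("2: spoofed source", "input", EXTIF, INTLAN, UNIVERSE),
]

def evaluate(chain, iface, src, dst):
    """Return (target, rule name) for the first rule that matches,
    or ("NO_MATCH", None) when neither of the two rules applies."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in RULES:
        if r.chain == chain and r.iface == iface and s in r.src and d in r.dst:
            return r.target, r.name
    return "NO_MATCH", None

# Constructed packets: (chain, interface, source, destination)
PACKETS = [
    ("input", "eth0", "192.168.0.7", "203.0.113.5"),   # LAN source seen on external side
    ("input", "eth0", "198.51.100.9", "203.0.113.5"),  # ordinary outside source
    ("input", "eth1", "192.168.0.7", "203.0.113.5"),   # real LAN host on internal side
    ("output", "eth0", "203.0.113.5", "192.168.0.7"),  # LAN-bound packet leaving externally
    ("output", "eth1", "203.0.113.5", "192.168.0.7"),  # LAN-bound packet leaving internally
]

if __name__ == "__main__":
    for pkt in PACKETS:
        print(pkt, "->", evaluate(*pkt))
```

Only the first and fourth packets are rejected; the same addresses on the internal interface pass both rules.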