John,
Just from inspection, I see a number of possible problems with your
command line.
> /sbin/ipchains -A input -j ACCEPT -p tcp =s $ANYWHERE -d $INTERNAL_NET -I
> $EXTERNAL_ADDR \! -y $LOG
Those are:
- "=s" should be "-s"
- "-I" should be "-i"
- $EXTERNAL_ADDR should be $EXTERNAL_IF, which should be defined
to be something like "eth0" or "eth1"
--Elgin
>>>>> "Farrell, John" <[EMAIL PROTECTED]> wrote:
> I have a question with the RedHat 6.1 Ipchains. I am having a
> problem allowing established connections to be accepted back into the
> firewall. Right now I have to Accept all input by default, which is not too
> desirable. My input line is looking like this:
>
> /sbin/ipchains -A input -j ACCEPT -p tcp =s $ANYWHERE -d $INTERNAL_NET -I
> $EXTERNAL_ADDR \! -y $LOG
>
> $ANYWHERE is 0.0.0.0/0
> $INTERNAL_NET is the internal network address range
> $EXTERNAL_ADDR is the address of the external NIC card on the
> firewall machine.
>
>
> -- John P. Farrell --
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
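The three corrections listed in the reply can be checked mechanically before a rule is ever loaded. The script below is an added example, not part of the original thread: it lints an ipchains argument list without running ipchains, and the addresses, the interface name and the value of `$LOG` are constructed sample values.

```shell
#!/bin/sh
# Added example: lint an ipchains argument list for the three mistakes
# pointed out in the reply. Nothing here invokes ipchains itself.

# Constructed sample values (assumptions, not from the original post).
ANYWHERE="0.0.0.0/0"
INTERNAL_NET="192.168.1.0/24"
EXTERNAL_ADDR="203.0.113.10"
EXTERNAL_IF="eth0"
LOG="-l"   # assumed: the post never shows what $LOG expands to

# Prints one finding per line; prints nothing for a clean rule.
lint_ipchains_rule() {
    prev_=""
    appending_=0
    for arg in "$@"; do
        if [ "$arg" = "-A" ]; then appending_=1; fi
        case "$arg" in
            =[a-zA-Z])
                # "=s" typed where "-s" was meant
                echo "typo: '$arg' should be '-${arg#=}'" ;;
            -I)
                # -I inserts a rule; it makes no sense next to -A
                if [ "$appending_" -eq 1 ]; then
                    echo "case: '-I' inserts a rule; the interface option is '-i'"
                fi ;;
        esac
        case "$prev_" in
            -i|-I)
                # The interface option wants a device name, not an address
                case "$arg" in
                    [0-9]*.[0-9]*.[0-9]*.[0-9]*)
                        echo "interface: '$arg' is an address; use a name such as eth0" ;;
                esac ;;
        esac
        prev_=$arg
    done
}

# The rule as posted, and the rule with the three corrections applied.
BROKEN="-A input -j ACCEPT -p tcp =s $ANYWHERE -d $INTERNAL_NET -I $EXTERNAL_ADDR ! -y $LOG"
FIXED="-A input -j ACCEPT -p tcp -s $ANYWHERE -d $INTERNAL_NET -i $EXTERNAL_IF ! -y $LOG"

# Intentionally unquoted so each rule splits into separate arguments.
echo "posted rule:";    lint_ipchains_rule $BROKEN
echo "corrected rule:"; lint_ipchains_rule $FIXED
```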