Supposedly the new 2.4 Kernel has a compatablity mode that kicks in
automatically and uses the old ip-chains syntax.
-Steve Wolfe
Devdas Bhagat wrote:
> On Mon, 23 Apr 2001, Paty spewed into the ether:
>
> > Hi, i need information about Firewalls to RedHat 7.0, i don't know
> > how i can to configure the firewall in Linux RedHat 7.0.
> Get pmfirewall, or bastille Linux, and use those to configure your
> firewall.
> man ipchains, read the ipchains howto at Linuxdoc.org.
> Come back with specific questions, if you have any.
>
> (A simple firewall for a host with one nic: # is the root prompt, ; is a
> comment)
>
> ;Set all policies to deny, now the machine is effectively off the
> ;network
> #/sbin/ipchains -P input DENY
> #sbin/ipchains -P forward DENY
> #/sbin/ipchains -P output DENY
>
> ;This machine can accept connections only for www
> #/sbin/ipchains -s 0/0 1024: -d <your_machine_ip> 80 -p tcp -j ACCEPT
>
> ;ICMP should be allowed, stopping it breaks too many things
> #/sbin/ipchains -p icmp -j ACCEPT ;From any to any
>
> ;Deny everything else and log
> #/sbin/ipchains -s 0/0 -d <your_machine_ip> -l -j DENY
>
> Devdas Bhagat
> --
> I know how to do SPECIAL EFFECTS!!
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
