Hi everyone, I am running slackware 3.6(ipfwadm) and 7.0(ipchains) on different systems sl3.6 - 192.168.0.4, diald 0.16.5, ipfwadm, kernel v2.0.35 sl7.0 - 192.168.0.6, diald 0.99.2, ipchains, kernel v.2.2.13 I need some advice. I need to do the following to the clients' PC: 1) only allow clients to send/receive to/from local mail server 2) do not allow www browsing for certain clients. Will these statements do it? ipfwadm ******* /sbin/ipfwadm -F -p deny #Turn on the forwarding from 192.168.0.X /sbin/ipfwadm -F -a m -S 192.168.0.0/24 -D 0.0.0.0/0 # Allow email to go to the mail server (for everyone) /sbin/ipfwadm -F -a accept -b -P tcp -S 0.0.0.0/0 1024:65535 -D 192.168.0.4 25 # Reject Web connections to outside Web Server (from 192.168.0.250) /sbin/ipfwadm -F -a reject -b -P tcp -S 192.168.0.250 -D 0.0.0.0/0 80 1024:65535 ipchains ********* /sbin/ipchains -P forward DENY - Allow ip forwarding for your IP MASQ machines 192.168.0.0 /sbin/ipchains -A forward -s 192.168.0.0/24 -j MASQ # Allow email to go to the mail server (for everyone) /sbin/ipchains -A output -s 192.168.0.0/24 -d 192.168.0.6 25 -j ACCEPT # Reject Web connections to outside Web Server (from 192.168.0.250) /sbin/ipchains -A output -s 192.168.0.250 -d 0.0.0.0/0 80 -p tcp -j REJECT I would appreciate all the help I can get. Better still, if someone has any sample rules for the above or similar rules, please write to me at [EMAIL PROTECTED] Thanks in advance. *************************************************************** "What you get by achieving your goals is not as important as what you become by achieving your goals." Email : [EMAIL PROTECTED] Home Page : http://home.pacific.net.sg/~hkmun *************************************************************** - To unsubscribe from this list: send the line "unsubscribe linux-diald" in the body of a message to [EMAIL PROTECTED]
