You should check out the shorewall package ( http://shorewall.sourceforge.net/ ).

Shorewall is a script that sets up the netfilter firewall from a list of easier-to-understand rules and configuration files.
It also has some examples that may cut down your "time-to-internet" from the other computers on the network, and the defaults are probably better, security-wise, than anything you'll come up with on your own.


Lior

Guy Teverovsky wrote:


See attached the cut-down version of the script I use.
It has port forwarding examples and a bunch of things I added.


Guy

On Mon, 2004-04-26 at 17:17, David Suna wrote:


Yes, the problem seems to be with the IPTABLES. I used the RedHat tool for setting up the IPTABLES but that didn't seem to work.

I found the instructions below to clear out and set up a simple table for masquerading.
iptables -F
iptables -t nat -F
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j MASQUERADE


Now I need to figure out how to add to this to include disabling any outside connections (while still allowing the machines on the LAN to use the services of the Linux box, i.e. telnet, http etc.).

Also, I need to figure out how to save this so that the

Thanks,
David Suna.

On 26 Apr 2004 at 15:28, Shaul Karl <[EMAIL PROTECTED]> wrote:

On Mon, Apr 26, 2004 at 09:01:40AM +0000, david wrote:


I have all of that set up. Before I had ip_forward turned on the
packets didn't even go out on the Internet. Now they go out but with
the wrong IP address (i.e. they say they are coming from 192.168.0.4
instead of the IP address of my Internet connection).


iptables (the firewall rules)?
David Suna
David's Consultants R.G.A Ltd
[EMAIL PROTECTED]
972-2-993-8613



=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
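
Added example, not part of the original thread or of Shorewall: one way to extend the three masquerading commands quoted above so that outside connections are dropped while LAN hosts can still reach services on the gateway. The function name `gen_ruleset` and the interface names `ppp0` (Internet side) and `eth0` (LAN side) are assumptions; only the 192.168.0.0/24 subnet comes from the thread.

```shell
#!/bin/sh
# Emit an iptables-restore ruleset for a masquerading gateway.
# Usage (as root): gen_ruleset ppp0 eth0 192.168.0.0/24 | iptables-restore --test
# ppp0 / eth0 are assumed interface names, not taken from the thread.
gen_ruleset() {
    wan_if=$1; lan_if=$2; lan_net=$3
    # Accept only plain interface names and a dotted-quad CIDR, so nothing
    # unexpected can end up inside the generated rules.
    for ifname in "$wan_if" "$lan_if"; do
        case $ifname in ''|*[!A-Za-z0-9._-]*) return 1 ;; esac
    done
    case $lan_net in *[!0-9./]*) return 1 ;; *.*.*.*/*) ;; *) return 1 ;; esac
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Rewrite the source address only for LAN traffic leaving via the WAN link
-A POSTROUTING -s $lan_net -o $wan_if -j MASQUERADE
COMMIT
*filter
# Default-deny for traffic to the box and through the box
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
# Replies to connections the box itself opened
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# LAN hosts may use local services (telnet, http, ...)
-A INPUT -i $lan_if -s $lan_net -j ACCEPT
# Replies to connections the LAN opened
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Only the LAN may start connections towards the Internet
-A FORWARD -i $lan_if -o $wan_if -s $lan_net -j ACCEPT
COMMIT
EOF
}
```

On Red Hat systems the iptables init script loads /etc/sysconfig/iptables at boot, so writing the generated ruleset to that file makes it persistent.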



