Rony wrote:
> Finally I was able to code the firewall exactly as it is intended to
> operate. It was tough and I even tried to cheat by using Firestarter on
> a live session and copy the resulting codes, but they turned out to be
> even more complex than what I wanted. Even tried Shorewall but it did
> not suit my purpose. I was almost giving up but finally got the wall up.
> Now I have understood the main concepts and what goes to which table/chain.

Congratulations Rony :-)

If you can, please put up detailed instructions/guidelines for other people. Maybe you can provide them with just your example.

> In this setup, there are 15 machines in a LAN and except 4 senior users,
> no one had internet access. However the company decided to get a remote
> office setup at their website and everyone would pass on memos, to-dos,
> jobs etc through it. Therefore net access had to be enabled but only to
> that website. The 4 main users would still have to be allowed to go
> anywhere on the net.

Just a thought: If that was the only requirement, could it have been solved by proxy (e.g. squid)?

Thanks and Regards,
Ranjeet Walunj

--
http://mm.glug-bom.org/mailman/listinfo/linuxers

