/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! /* ALSO: Don't quote this header. It makes you look lame :-) */
Chuck PUP Payne wrote: > Hi, > > I have been using IP Chains for sometime now, but I have run into a problem > with my last install SuSE 7.3. I have been able to set up a rule to block a > group of addresses, but since install SuSE 7.2 my rules no longer work. > Before the upgrade we have set up that 192.168.0.X could get out on the > net. We had set up 192.168.1.X so they couldn't access the net. Now both > addresses can get out. Has something change that allows anyone out? > > Here the script I was running; > > > #! /bin/sh > # > ### This flushes all ipchains rules. > # > /sbin/ipchains -F > > # > ### THIS US UP BOOK RULES > # > /sbin/ipchains -P forward DENY > /sbin/ipchains -P input ACCEPT > /sbin/ipchains -P output ACCEPT > # > ### ALLOW ACCESS > # > /sbin/ipchains -A input 192.168.0.0/24 -j ACCEPT > # > ### BLOCK ACCESS > # > /sbin/ipchains -A output 192.168.1.0/24 -j REJECT > # > ### This is the net device that MASQ > # > /sbin/ipchains -A forward -s 192.168.0.0/24 -i eth0 -j MASQ > > > This has been the script that we run for two years with no problems. Has > something change in IP Chains? > > Thanks, > > Chuck Payne nothing has changed in ipchains but yuor new suse distribution has a newer kernel? if it has a 2.4 kernel, then you may have to reconfigure it to support ipchains (rather than iptables) and recompile it. btw, why don't you block those addresses for incoming packets? raf _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES UNSUBSCRIBING! or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list.
