Am Sonntag, 7. Juli 2002 00:03 schrieb Antony Stone: > What are the logging rules on your firewall ?
[....] $IPTABLES -P INPUT DROP $IPTABLES -F INPUT $IPTABLES -P OUTPUT ACCEPT $IPTABLES -F OUTPUT $IPTABLES -P FORWARD DROP $IPTABLES -F FORWARD $IPTABLES -t nat -F #Allow only existing and related to INPUT $IPTABLES -A INPUT -i $EXTIF -m state --state ESTABLISHED,RELATED -j ACCEPT #Allow int. LAN to access firewall $IPTABLES -A INPUT -i $INTIF -j ACCEPT #Allow ADSL modem to talk to firewall (authentication) $IPTABLES -A INPUT -i eth0 -s 10.0.0.138 -d 10.0.0.150 -j ACCEPT #Allow loopback $IPTABLES -A INPUT -i lo -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT #Log the rest $IPTABLES -A INPUT -j LOG #FWD: Allow all connections OUT and only existing and related ones IN $IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT $IPTABLES -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT $IPTABLES -A FORWARD -j LOG #Enable masquerading $IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE The thing is that I get those log entries only at that specific page (stud4.tuwien.ac.at)... Regards, Patrick
