I have set up firewall rules on my Linux box. The iptables script I have used is:

#!/bin/sh
iptables -F
iptables -P INPUT DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -s 192.168.0.2/24 -i ppp0 -j DROP
iptables -A INPUT -i eth0 -p icmp -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -j ACCEPT
iptables -A INPUT -i eth0 -p udp --dport netbios-ns -j DROP
iptables -A INPUT -i eth0 -p udp --dport netbios-dgm -j DROP
iptables -A INPUT -i eth0 -p udp --dport bootps -j DROP
iptables -A INPUT -i eth0 -p udp -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
#iptables -A INPUT -p tcp --dport auth -j REJECT --reject-with tcp-reset
iptables -A INPUT -i ppp0 -p tcp -j REJECT
iptables -A INPUT -i ppp0 -p udp -j DROP
iptables -A INPUT -j LOG --log-level warning --log-prefix fw:
# MASQUERADING
iptables -t nat -P POSTROUTING DROP
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE

My problem is that on my other machine on my small network I have set up a default route to the Linux box. The Linux box has an IP of 192.168.0.1; my other box has an IP of 192.168.0.2.

Now I can quite happily ping the Linux box. However, if I try to ping a box on the internet (my ISP's DNS server - this works from my Linux box) I get 'Network unreachable'.

So as a test I added the following iptables rule on my Linux box:

iptables -A INPUT -i eth0 -j LOG

This results in all my pings to 192.168.0.1 being logged but not the ones to the DNS server.

Any ideas would be much appreciated....

Thanks
Claude
