Rebecca wrote:

> I am finally able to access the page. I added the 4th line to my chain
> rules.
>
>  /sbin/ipchains -A input -p tcp -s 0.0.0.0/0 -d x.x.x.2 80 -l -j ACCEPT
>  /sbin/ipchains -A input -p tcp -s 0.0.0.0/0 -d x.x.x.2 53 -l -j ACCEPT
>  /sbin/ipchains -A input -p udp -s 0.0.0.0/0 -d x.x.x.2 53 -l -j ACCEPT
>  /sbin/ipchains -A input -i eth0 -j ACCEPT
>  /sbin/ipchains -A input -s 0.0.0.0/0 -l -j DENY
>
> I suspected that the DENY eth0 is causing the problem.
> I'd appreciate it if you can give me a better set of rules than the above.
>
>        browser(client)---- eth1--linux firewall--eth0---webserver
>
> 218=client
> 221=eth1
> 209=eth0
> 210=websvr

 /sbin/ipchains -A input -i eth0 -p tcp -s 0.0.0.0/0 -d 202.163.229.210 80 -j ACCEPT
 /sbin/ipchains -A input -i eth0 -p tcp -s 0.0.0.0/0 -d 202.163.229.210 53 -j ACCEPT
 /sbin/ipchains -A input -i eth0 -p udp -s 0.0.0.0/0 -d 202.163.229.210 53 -j ACCEPT
 /sbin/ipchains -A input -i eth0 -s 0.0.0.0/0 -j DENY

These are the rules at your *firewall box*. My previous rules were only good at the
webserver box.

fooler.
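
Added example, not part of the original thread: a simplified first-match model of the two input chains above, showing which rule number decides a given packet. `Rule`, `Packet`, `matches` and `verdict` are hypothetical helpers; only interface, protocol, destination address and destination port are modelled, and `"POLICY"` stands for the chain policy, which the thread does not show.

```python
# First-match evaluation of ipchains-style input rules (simplified model).
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    target: str                  # ACCEPT or DENY
    iface: Optional[str] = None  # -i
    proto: Optional[str] = None  # -p
    dst: Optional[str] = None    # -d address
    dport: Optional[int] = None  # -d port

class Packet(NamedTuple):
    iface: str
    proto: str
    dst: str
    dport: int

def matches(rule, pkt):
    # A field left as None is a wildcard, like an omitted ipchains option.
    return all(want is None or want == got
               for want, got in zip(rule[1:], pkt))

def verdict(chain, pkt):
    # The first matching rule wins; later rules are never consulted.
    for number, rule in enumerate(chain, start=1):
        if matches(rule, pkt):
            return rule.target, number
    return "POLICY", None  # no rule matched: the chain policy decides

WEB = "x.x.x.2"  # masked address exactly as quoted in the thread
QUOTED = [       # the five quoted rules
    Rule("ACCEPT", proto="tcp", dst=WEB, dport=80),
    Rule("ACCEPT", proto="tcp", dst=WEB, dport=53),
    Rule("ACCEPT", proto="udp", dst=WEB, dport=53),
    Rule("ACCEPT", iface="eth0"),  # accepts everything arriving on eth0
    Rule("DENY"),
]
SRV = "202.163.229.210"
REPLY = [        # the four rules from the reply
    Rule("ACCEPT", iface="eth0", proto="tcp", dst=SRV, dport=80),
    Rule("ACCEPT", iface="eth0", proto="tcp", dst=SRV, dport=53),
    Rule("ACCEPT", iface="eth0", proto="udp", dst=SRV, dport=53),
    Rule("DENY", iface="eth0"),
]

if __name__ == "__main__":
    # Constructed sample packets: port 23 stands for any unlisted service.
    for name, chain, addr in (("quoted", QUOTED, WEB), ("reply", REPLY, SRV)):
        for iface in ("eth0", "eth1"):
            for port in (80, 23):
                pkt = Packet(iface, "tcp", addr, port)
                print(name, iface, port, verdict(chain, pkt))
```

Because every rule in the reply is bound to `-i eth0`, a packet arriving on eth1 matches none of them and is decided by the input chain's policy.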

Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph