thanks Meric. I'll try using iptables. what if i want to deny & log all incoming traffic to my eth0 and only allow specific port connections like smtp,http,ssh and imap? how do i specify port?
thanks, ina --- "Mara,Meric B" <[EMAIL PROTECTED]> wrote: > eto yung madaling paraan to do it. > (note: you can change the ethernet value kung saan mo gusto imasq > yung > network mo.) > > IPTABLES="/sbin/iptables" > > $IPTABLES -F INPUT > $IPTABLES -F OUTPUT > $IPTABLES -F FORWARD > > $IPTABLES -P INPUT DROP > $IPTABLES -P OUTPUT ACCEPT > $IPTABLES -P FORWARD ACCEPT > > #Enable IP FORWARDING > > echo 1 > /proc/sys/net/ipv4/ip_forward > > $IPTABLES -A INPUT -i lo -j ACCEPT > $IPTABLES -A INPUT -i eth0 -j ACCEPT > $IPTABLES -A INPUT -i eth1 -j ACCEPT > > $IPTABLES -t nat -A POSTROUTING -o eth0 -j MASQUERADE > > ========= > but if you you still want to use ipchains > > #iptables -F > #rmmod iptables > #service ipchains start > #chkconfig --level 35 ipchains on > > sana makatulong ito. > > meric > > ----- Original Message ----- > From: "Ina Patricia Lopez" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Tuesday, October 15, 2002 10:37 AM > Subject: Re: [plug] ipchains (masq) > > > > /sbin/iptables -L is working. I dont know how to use masq with > > iptables. Im just following these 3 lines for ipchains. > > > > echo 1 > /proc/sys/net/ipv4/ip_forward > > ipchains -P forward DENY > > ipchains -A forward -i ppp0 -j MASQ > > > > how to i unload iptables and load ipchains? > > > > thanks, > > ina patricia > > > > --- "Mara,Meric B" <[EMAIL PROTECTED]> wrote: > > > check if the IPTABLE is loaded in your kernel. > > > you must unload it first. > > > then insert IPCHAIN if that is what your prefer. > > > > > > but why not use IPTABLE? > > > > > > ----- Original Message ----- > > > From: "Ina Patricia Lopez" <[EMAIL PROTECTED]> > > > To: <[EMAIL PROTECTED]> > > > Sent: Tuesday, October 15, 2002 10:12 AM > > > Subject: [plug] ipchains (masq) > > > > > > > > > > Hi! > > > > I want to use ipchains for masquerading but im getting this > from > > > my > > > > linux box. How do i enable it? What do i need? > > > > > > > > thanks. > > > > inapatricia > > > > > > > > > > > > [root@IntraServ ]# /etc/rc.d/init.d/ipchains stop > > > > Flushing all chains: ipchains: Incompatible with this kernel > > > > [FAILED] > > > > Removing user defined chains: ipchains: Incompatible with this > > > kernel > > > > [FAILED] > > > > Resetting built-in chains to the default ACCEPT > policy:ipchains: > > > > Protocol not available > > > > [FAILED] > > > > [root@IntraServ ]# /etc/rc.d/init.d/ipchains start > > > > [root@IntraServ ]# /sbin/ipchains -L > > > > ipchains: Incompatible with this kernel > > > > [root@IntraServ ]# > > > > > > > > > > > > __________________________________________________ > > > > Do you Yahoo!? > > > > Faith Hill - Exclusive Performances, Videos & More > > > > http://faith.yahoo.com > > > > _ > > > > Philippine Linux Users Group. Web site and archives at > > > http://plug.linux.org.ph > > > > To leave: send "unsubscribe" in the body to > > > [EMAIL PROTECTED] > > > > > > > > Fully Searchable Archives With Friendly Web Interface at > > > http://marc.free.net.ph > > > > > > > > To subscribe to the Linux Newbies' List: send "subscribe" in > the > > > body to > > > [EMAIL PROTECTED] > > > > > > > > > > _ > > > Philippine Linux Users Group. Web site and archives at > > > http://plug.linux.org.ph > > > To leave: send "unsubscribe" in the body to > > > [EMAIL PROTECTED] > > > > > > Fully Searchable Archives With Friendly Web Interface at > > > http://marc.free.net.ph > > > > > > To subscribe to the Linux Newbies' List: send "subscribe" in the > body > > > to [EMAIL PROTECTED] > > > > > > __________________________________________________ > > Do you Yahoo!? > > Faith Hill - Exclusive Performances, Videos & More > > http://faith.yahoo.com > > _ > > Philippine Linux Users Group. Web site and archives at > http://plug.linux.org.ph > > To leave: send "unsubscribe" in the body to > [EMAIL PROTECTED] > > > > Fully Searchable Archives With Friendly Web Interface at > http://marc.free.net.ph > > > > To subscribe to the Linux Newbies' List: send "subscribe" in the > body to > [EMAIL PROTECTED] > > > > _ > Philippine Linux Users Group. Web site and archives at > http://plug.linux.org.ph > To leave: send "unsubscribe" in the body to > [EMAIL PROTECTED] > > Fully Searchable Archives With Friendly Web Interface at > http://marc.free.net.ph > > To subscribe to the Linux Newbies' List: send "subscribe" in the body > to [EMAIL PROTECTED] __________________________________________________ Do you Yahoo!? Faith Hill - Exclusive Performances, Videos & More http://faith.yahoo.com _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] Fully Searchable Archives With Friendly Web Interface at http://marc.free.net.ph To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
