At 10:59 AM 6/1/00, Duncan Hill wrote:
>I'm trying to work out the rules that will allow outside connections
>to only connect to ports 22 and 80, while still allowing the internal
>network full access. Unfortunately, the internal network is NOT one
>of the network numbers assigned for LANs.
>
>Has anyone got a basic rule or three that I can springboard off of?
>Or are more details needed?
Hal Burgiss has an example file (but not like your setup) and links here:
http://personal.sdf.bellsouth.net/sdf/h/b/hburgiss/linux/ipchains.html
I think you're going to have a difficult time telling local traffic from
Internet traffic originating in the same namespace on your
machine. Someone must have set up a pretty froogy ipchains firewall on the
gateway computer. Maybe he/she could help you? Better yet, get this admin
to implement the local/Internet chains on this firewall where you can
leverage the interface to tell if the IP is local or remote.
-Alan
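
An added example, not part of the original message or of the page Alan links to: an ipchains input policy for the gateway that tells local from remote by interface rather than by address, as the reply suggests. It assumes eth0 faces the Internet and eth1 the LAN, uses 192.0.2.0/24 as a constructed stand-in for the publicly numbered internal network, and the helper names `run` and `build_rules` are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread). Constructed assumptions: eth0 faces the
# Internet, eth1 faces the LAN, and 192.0.2.0/24 stands in for the LAN's
# publicly routable block. Covers TCP only; DNS/ICMP need their own rules.

# run: apply a rule, or print it when DRY_RUN is set (for review or testing).
run() {
    if [ -n "${DRY_RUN:-}" ]; then
        printf '%s\n' "ipchains $*"
    else
        ipchains "$@"
    fi
}

# build_rules EXT_IF INT_IF INT_NET (hypothetical helper name)
build_rules() {
    ext_if=$1; int_if=$2; int_net=$3

    run -F input
    run -P input DENY                      # default: drop anything not matched
    run -A input -i lo -j ACCEPT

    # LAN source addresses arriving on the outside interface are spoofed:
    # the address alone cannot prove locality, the interface can. Log and drop.
    run -A input -i "$ext_if" -s "$int_net" -l -j DENY

    # Full access for the internal network, matched by interface and source.
    run -A input -i "$int_if" -s "$int_net" -j ACCEPT

    # Outside hosts may open connections to ssh and http only.
    run -A input -i "$ext_if" -p tcp -d 0.0.0.0/0 22 -j ACCEPT
    run -A input -i "$ext_if" -p tcp -d 0.0.0.0/0 80 -j ACCEPT

    # Replies to connections opened from inside: TCP without the SYN-only flag
    # pattern. ipchains is stateless, so this also passes stray ACK packets.
    run -A input -i "$ext_if" -p tcp ! -y -j ACCEPT
}

# Usage: sh firewall.sh apply eth0 eth1 192.0.2.0/24
if [ "${1:-}" = "apply" ]; then
    build_rules "$2" "$3" "$4"
fi
```

Setting `DRY_RUN=1` before calling `build_rules` prints the rules instead of applying them, which allows the order to be reviewed first.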