Atentie! Nu ma pricep! Cineva mi-a pus cineva in firewall_ul meus asta:
#din exterior icmp e mai limitat ca sa evite ping flood si alte rahaturi $IPT -A INPUT -p icmp -m limit --limit 20/m -i $EXTERNAL_INTERFACE -j ACCEPT $IPT -A INPUT -i $EXTERNAL_INTERFACE -p icmp -s $ANYWHERE --icmp-type 0 -d $IPADDR1 -j ACCEPT $IPT -A INPUT -i $EXTERNAL_INTERFACE -p icmp -s $ANYWHERE --icmp-type 3 -d $IPADDR1 -j ACCEPT $IPT -A INPUT -i $EXTERNAL_INTERFACE -p icmp -s $ANYWHERE --icmp-type 4 -d $IPADDR1 -j ACCEPT $IPT -A INPUT -i $EXTERNAL_INTERFACE -p icmp -s $ANYWHERE --icmp-type 11 -d $IPADDR1 -j ACCEPT $IPT -A INPUT -i $EXTERNAL_INTERFACE -p icmp -s $ANYWHERE --icmp-type 12 -d $IPADDR1 -j ACCEPT $IPT -A INPUT -i $EXTERNAL_INTERFACE -p icmp -s $ANYWHERE --icmp-type fragmentation-needed -d $IPADDR1 -j ACCEPT $IPT -A INPUT -i $EXTERNAL_INTERFACE -p icmp -s $ANYWHERE --icmp-type time-exceeded -d $IPADDR1 -j ACCEPT $IPT -A INPUT -i $EXTERNAL_INTERFACE -p icmp -d $IPADDR1 -j DROP $IPT -A OUTPUT -o $EXTERNAL_INTERFACE -p icmp -s $IPADDR1 --icmp-type 4 -d $ANYWHERE -j ACCEPT $IPT -A OUTPUT -o $EXTERNAL_INTERFACE -p icmp -s $IPADDR1 --icmp-type 8 -d $ANYWHERE -j ACCEPT $IPT -A OUTPUT -o $EXTERNAL_INTERFACE -p icmp -s $IPADDR1 --icmp-type 12 -d $ANYWHERE -j ACCEPT $IPT -A OUTPUT -o $EXTERNAL_INTERFACE -p icmp -s $IPADDR1 --icmp-type fragmentation-needed -d $ANYWHERE -j ACCEPT $IPT -A OUTPUT -o $EXTERNAL_INTERFACE -p icmp -s $IPADDR1 --icmp-type time-exceeded -d $ANYWHERE -j ACCEPT $IPT -A OUTPUT -o $EXTERNAL_INTERFACE -p icmp -m limit --limit 30/m -s $IPADDR1 --icmp-type echo-reply -d $ANYWHERE -j ACCEPT $IPT -A OUTPUT -o $EXTERNAL_INTERFACE -p icmp -s $IPADDR1 -j DROP Intrebare: Reprezinta aceasta o solutie la problema dumneavoastra? (sunt si eu curios daca o tzin degeaba) --- Detalii despre listele noastre de mail: http://www.lug.ro/
