Hi Joerg,
I don't quite understand your script (I'm not an expert though).
Something that worked very well for me can be found at
http://www.seligma.com/linux-user/firewalls/ .
For further information, see also http://www.netfilter.org/unreliable-guides/ .
On Tue, Oct 14, 2003 at 01:30:12PM +0200, Joerg Johannes wrote:
Hi everybody
I have configured my kernel with iptables enabled:
# IP: Netfilter Configuration
# CONFIG_IP_NF_CONNTRACK is not set
# CONFIG_IP_NF_QUEUE is not set
CONFIG_IP_NF_IPTABLES=y
CONFIG_IP_NF_MATCH_LIMIT=m
CONFIG_IP_NF_MATCH_MAC=m
CONFIG_IP_NF_MATCH_PKTTYPE=m
CONFIG_IP_NF_MATCH_MARK=m
CONFIG_IP_NF_MATCH_MULTIPORT=m
CONFIG_IP_NF_MATCH_TOS=m
CONFIG_IP_NF_MATCH_RECENT=m
CONFIG_IP_NF_MATCH_ECN=m
CONFIG_IP_NF_MATCH_DSCP=m
CONFIG_IP_NF_MATCH_AH_ESP=m
CONFIG_IP_NF_MATCH_LENGTH=m
CONFIG_IP_NF_MATCH_TTL=m
CONFIG_IP_NF_MATCH_TCPMSS=m
CONFIG_IP_NF_MATCH_UNCLEAN=m
CONFIG_IP_NF_MATCH_OWNER=m
CONFIG_IP_NF_FILTER=m
CONFIG_IP_NF_TARGET_REJECT=m
CONFIG_IP_NF_TARGET_MIRROR=m
CONFIG_IP_NF_MANGLE=m
CONFIG_IP_NF_TARGET_TOS=m
CONFIG_IP_NF_TARGET_ECN=m
CONFIG_IP_NF_TARGET_DSCP=m
CONFIG_IP_NF_TARGET_MARK=m
CONFIG_IP_NF_TARGET_LOG=m
CONFIG_IP_NF_TARGET_ULOG=m
CONFIG_IP_NF_TARGET_TCPMSS=m
CONFIG_IP_NF_ARPTABLES=m
CONFIG_IP_NF_ARPFILTER=m
CONFIG_IP_NF_ARP_MANGLE=m
Then I went to
http://www.lowth.com/LinWiz/1.09/PersonalFirewall/fw.pl/iptables
and accepted the default settings, downloaded the generated shell script
and ran it. Afterwards, I could not surf the web anymore, could not get
emails with pop / send with smtp = all the net was dead. I have
attached the script, maybe some experts can tell me what to do.
Thanks,
joerg
--
Gib GATES keine Chance!
Viele Grüße
--
Joachim Fahnenmüller
# Hi! I'm a .signature virus. Copy me into
# your ~/.signature to help me spread!
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]