> Hi,
> I would like to have this FreeRadius box on the Internet so a few of my
> NAS devices can access it no matter where they are. I understand port
> 1812 and 1813 udp must be opened. I am looking for some example
> IPTABLES (fedora core) entries that would enable UDP access to
> FreeRadius.

I would really recommend that you simply read the iptables documentation
before throwing rules around, but anyway, are your NASes in static address
locations? If so, you could throw something like this into your
/etc/sysconfig/iptables file:
-A INPUT -p udp -s xxx.xxx.xxx.xxx --dport 1812 -i eth0 -j ACCEPT
-A INPUT -p udp -s xxx.xxx.xxx.xxx --dport 1813 -i eth0 -j ACCEPT
-A INPUT -p udp -s xxx.xxx.xxx.xxx --dport 1814 -i eth0 -j ACCEPT
..then, at the end, have the catch-all
-A INPUT -i eth0 -j REJECT
assuming that eth0 is your world facing interface...
1812/1813 and 1814 cover control, auth, proxying and accounting.
alan
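
An added example, not part of the original reply: a shell check that reads rules in the /etc/sysconfig/iptables format shown above, flags any ACCEPT for UDP 1812-1814 that has no source address, and confirms the ruleset ends in a catch-all. The function names and the 192.0.2.10 sample address are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit iptables-save style rules for RADIUS exposure.
# Ports follow the thread (1812-1814/udp). Function names are hypothetical.
# Port ranges and multiport matches are not parsed.

# Print each INPUT rule that ACCEPTs UDP to a RADIUS port with no
# source (-s) restriction, meaning any host may reach the port.
audit_radius_rules() {
    awk '
    $1 == "-A" && $2 == "INPUT" {
        proto = ""; src = ""; dport = ""; tgt = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-p") proto = $(i + 1)
            else if ($i == "-s" || $i == "--source") src = $(i + 1)
            else if ($i == "--dport") dport = $(i + 1)
            else if ($i == "-j") tgt = $(i + 1)
        }
        if (proto == "udp" && tgt == "ACCEPT" &&
            dport ~ /^(1812|1813|1814)$/ &&
            (src == "" || src == "0.0.0.0/0"))
            print "OPEN: " $0
    }'
}

# Succeed only if the last INPUT rule is an unconditional REJECT or DROP
# (no protocol, source or port match), i.e. the catch-all.
has_catch_all() {
    awk '
    $1 == "-A" && $2 == "INPUT" {
        narrow = 0; tgt = ""
        for (i = 3; i <= NF; i++) {
            if ($i == "-p" || $i == "-s" || $i == "--dport") narrow = 1
            if ($i == "-j") tgt = $(i + 1)
        }
        ok = (!narrow && (tgt == "REJECT" || tgt == "DROP"))
    }
    END { exit !ok }'
}

# Constructed sample ruleset: the 1814 rule is missing its -s on purpose.
sample_rules() {
    cat <<'EOF'
-A INPUT -p udp -s 192.0.2.10 --dport 1812 -i eth0 -j ACCEPT
-A INPUT -p udp -s 192.0.2.10 --dport 1813 -i eth0 -j ACCEPT
-A INPUT -p udp --dport 1814 -i eth0 -j ACCEPT
-A INPUT -i eth0 -j REJECT
EOF
}

sample_rules | audit_radius_rules
sample_rules | has_catch_all && echo "catch-all present"
```

To check a live file, pipe it in instead of the sample: `audit_radius_rules < /etc/sysconfig/iptables`.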