[ale] iptables rules
Stephan Uphoff
ups at tree.com
Wed Aug 4 15:20:04 EDT 2004
Repeat after me:
The INPUT chain is for a packet with the box itself as a destination
The OUTPUT chain is for locally generated packets
The FORWARD chain is for routed packets.
Routed packets will not go through the INPUT or OUTPUT chains.
This is different from how it was with the old "ipchains".
/sbin/iptables -A FORWARD -p tcp -i ${PRIVATE} -s 192.168.254.0/24 -d 0.0.0.0/0 --dport 25 -j DROP
Stephan
> Here is one rule set:
> /sbin/iptables -A INPUT -p tcp -i ${PRIVATE} -s 192.168.254.0/24 -d 192.168.1.254/32 --dport 25 -j ACCEPT
> /sbin/iptables -A INPUT -p tcp -i ${PRIVATE} -s 192.168.254.0/24 -d 0.0.0.0/0 --dport 25 -j DROP
>
>
> Shouldn't the exception be before the rule?
>
>
> On Wed, 2004-08-04 at 14:45, Christopher Fowler wrote:
> > I have a machine on the network that I need to protect my bandwidth
> > from. This is a windows box and it is clear to me that it can not be
> > trusted.
> >
> > My firewall is 192.168.1.254 and I want it to be able to go to port 25
> > of that machine but not out the public interface. I also want to block
> > all outgoing ports other than 80.
> >
> > 2 Trojans were found on this machine and I think it has become a spam
> > box.
> >
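Added example, not from any of the posters in this thread: a rule set that meets Christopher's requirements with each rule in the chain Stephan describes. The exception (SMTP to the firewall's own address) goes in INPUT because the firewall is the destination; the outbound SMTP block and the "only port 80 out" policy go in FORWARD because that traffic is routed and never traverses INPUT. The addresses 192.168.1.254 and 192.168.254.0/24 come from the thread; the interface names eth1 (PRIVATE) and eth0 (PUBLIC) are assumptions. By default the script only prints the commands so they can be reviewed; set IPT=iptables and run as root to apply them.

```shell
#!/bin/sh
# Added example for the [ale] "iptables rules" thread; not the posters' own script.
# Assumed interface names; override in the environment if yours differ.
PRIVATE="${PRIVATE:-eth1}"   # LAN side (assumption)
PUBLIC="${PUBLIC:-eth0}"     # internet side (assumption)
LAN="192.168.254.0/24"       # the untrusted machine's network (from the thread)
FW="192.168.1.254/32"        # the firewall's own address (from the thread)
# Dry-run by default: prints the commands instead of executing them.
IPT="${IPT:-echo iptables}"

firewall_rules() {
  # INPUT: the firewall itself is the destination. The exception must be a
  # separate, earlier rule so it is matched before anything that drops SMTP.
  $IPT -A INPUT -p tcp -i "$PRIVATE" -s "$LAN" -d "$FW" --dport 25 -j ACCEPT

  # FORWARD: routed traffic never touches INPUT, so the outbound SMTP block
  # (the spam-box case) lives here, scoped to the public interface.
  $IPT -A FORWARD -p tcp -i "$PRIVATE" -o "$PUBLIC" -s "$LAN" --dport 25 -j DROP

  # Only web traffic may leave, and only replies to it may come back in.
  $IPT -A FORWARD -p tcp -i "$PRIVATE" -o "$PUBLIC" -s "$LAN" --dport 80 -j ACCEPT
  $IPT -A FORWARD -i "$PUBLIC" -o "$PRIVATE" -d "$LAN" -m state --state ESTABLISHED,RELATED -j ACCEPT

  # Everything else from that network toward the public side is logged, then dropped,
  # which gives a record of what the compromised host keeps trying to reach.
  $IPT -A FORWARD -i "$PRIVATE" -o "$PUBLIC" -s "$LAN" -j LOG --log-prefix "FWD-DROP: "
  $IPT -A FORWARD -i "$PRIVATE" -o "$PUBLIC" -s "$LAN" -j DROP
}

firewall_rules
```

The rule order matters as much as the chain: the SMTP ACCEPT in INPUT is the only INPUT rule, so the "exception before the rule" question does not arise there, and in FORWARD the port 25 DROP precedes the port 80 ACCEPT and the final catch-all DROP, so SMTP from that network can reach the firewall's own mailer and nothing else.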