[ale] iptables rules
Chris Fowler
cfowler at outpostsentinel.com
Wed Aug 4 15:23:14 EDT 2004
On Wed, 2004-08-04 at 15:16, Stephan Uphoff wrote:
> Repeat after me:
> The INPUT chain is for a packet with the box itself as a destination
> The OUTPUT chain is for locally generated packets
> The FORWARD chain is for routed packages.
> Routed packages will not go through the INPUT or OUTPUT chains.
Thanks for that clarification.
>
> This is different than it was with the old "ipchains".
>
> /sbin/iptables -A FORWARD -p tcp -i ${PRIVATE} -s 192.168.254.0/24 -d
> 0.0.0.0/0 --dport 25 -j DROP
Yep. That is what I had to do.
>
> Stephan
>
>
> > Here is one rule set:
> > /sbin/iptables -A INPUT -p tcp -i ${PRIVATE} -s 192.168.254.0/24 -d
> > 192.168.1.254/32 --dport 25 -j ALLOW
> > /sbin/iptables -A INPUT -p tcp -i ${PRIVATE} -s 192.168.254.0/24 -d
> > 0.0.0.0/0 --dport 25 -j DROP
> >
> >
> > Should'nt the exception be before the rule?
> >
> >
> > On Wed, 2004-08-04 at 14:45, Christopher Fowler wrote:
> > > I have a machine on the network that I need to protect my bandwidth
> > > from. This is a windows box and it is clear to me that it can not be
> > > trusted.
> > >
> > > My firewall is 192.168.1.254 and I want it to be able to go to port 25
> > > of that machine but not out the public interface. I also want to block
> > > all outgoing ports other than 80.
> > >
> > > 2 Trojans were found on this machine and I think it has become a spam
> > > box.
> > >
>
More information about the Ale
mailing list