Well, here are some problems I've been having with a script I'm attempting to implement as a firewall.
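# first the variables..which appear to be fine but here they are for better understanding.
#!/bin/sh

# Abort on any reference to an unset variable. Without this, a misspelled
# name silently expands to nothing and the failure only surfaces later as a
# confusing iptables parse error (see the notes on the rules below).
set -u

INTERNET="eth0"                                    # internet connected interface
LOOPBACK_INTERFACE="lo"                            # l00p back0r
IPADDR="not.giving.out.on.the.mailing.list"        # your ip address
MY_ISP="not.giving.out.on.the.mailing.list/22"     # your isp adress range
LOOPBACK="127.0.0.0/8"                             # l00p0r adress range
CLASS_A="10.0.0.0/8"                               # Class a private networks
CLASS_B="172.16.0.0/12"                            # Class b private networks
CLASS_C="192.168.0.0/16"                           # Class c private networks
CLASS_D_MULTICAST="224.0.0.0/4"                    # Class d multicast networks
# NOTE(review): 240.0.0.0/5 spans 240.0.0.0-247.255.255.255 only; the whole
# former class E block is 240.0.0.0/4. Left as posted -- confirm which is
# intended before widening, because /4 also contains 255.255.255.255.
CLASS_E_RESERVED_NET="240.0.0.0/5"                 # Class e reserved addresses
BROADCAST_SRC="0.0.0.0"                            # broadcast source address
BROADCAST_DEST="255.255.255.255"                   # Broadcast destiantion adress
PRIVPORTS="0:1023"                                 # well-known privaledged port range
UNPRIVPORTS="1024:65535"                           # unprivileged port range
NAMESERVER="not.giving.out.on.the.mailing.list"    # dns
XWINDOW_PORTS="6000:6063"
NFS_PORT="2049"
POP_SERVER="not.giving.out.on.mailing.list."
SOCKS_PORT="1080"
OPENWINDOWS_PORT="2000"
SQUID_PORT="3128"
LOCKD_PORT="4045"
SSH_PORTS="1020:65535"
DHCP_SERVER="not.giving.out.on.mailing.list"

# The rules below are kept exactly as posted (still commented out); each
# NOTE(review) explains the reported error.

# NOTE(review): IPADRR is never assigned above -- the variable is IPADDR.
# Unquoted, $IPADRR expands to nothing, so iptables reads "-s --sport" (the
# option name becomes the address argument) and the port value is left over
# as a stray word, which matches the "Bad argument" message. The same
# misspelling is the likely cause in every rule below that uses $IPADRR.
# Spell it $IPADDR and quote the expansions.
#this rule has a syntax problem
#Bad argument `1024:65535'
#iptables -A OUTPUT -o $INTERNET -p tcp \
#         -s $IPADRR --sport $UNPRIVPORTS \
#         -d $NAMESERVER --dport 53 -j ACCEPT

# NOTE(review): $IPADRR again, after -s in the first rule and after -d in
# the second; in both the following port number 53 is the leftover word.
#these rules have syntax problems
#Bad argument `53'
#iptables -A OUTPUT -o $INTERNET -p udp \
#         -s $IPADRR --sport 53 \
#         -d $NAMESERVER --dport 53 -j ACCEPT
#iptables -A INPUT -i $INTERNET -p udp \
#         -s $NAMESERVER --sport 53 \
#         -d $IPADRR --dport 53 -j ACCEPT

# NOTE(review): $IPADRR again.
#this rule has a syntax problem
#Bad argument `1024:65535'
#iptables -A OUTPUT -o $INTERNET -p tcp \
#         -s $IPADRR --sport $UNPRIVPORTS \
#         --dport 113 -j ACCEPT

# NOTE(review): $IPADRR again, after -s in the first rule and after -d in
# the second.
#these two rules have syntax problems Bad argument `1024:65535'
#iptables -A OUTPUT -o $INTERNET -p tcp \
#         -s $IPADRR --sport $UNPRIVPORTS \
#         -d $POP_SERVER --dport 110 -j ACCEPT
#iptables -A INPUT -i $INTERNET -p tcp ! --syn \
#         -s $POP_SERVER --sport 110 \
#         -d $IPADRR --dport $UNPRIVPORTS -j ACCEPT

# NOTE(review): these two spell $IPADDR correctly; the problem is the single
# dash. "-dport 22" is read as "-d port" and "-sport 22" as "-s port", which
# leaves 22 as the stray word. The long options are --dport and --sport.
#both rules have a syntax error of Bad arguement '22'
#iptables -A OUTPUT -o $INTERNET -p tcp \
#         -s $IPADDR --sport $SSH_PORTS\
#         -dport 22 -j ACCEPT
#iptables -A INPUT -i $INTERNET -p tcp ! --syn \
#         -sport 22 \
#         -d $IPADDR --dport $SSH_PORTS -j ACCEPT

# NOTE(review): upper-case -D is the "delete rule" command and so conflicts
# with -A; the destination-address option is lower-case -d.
#syntax error cant use -D with -A
#iptables -A OUTPUT -o $INTERNET -p udp \
#         -s $IPADDR --sport 68 \
#         -D $DHCP_SERVER --dport 67 -j ACCEPT

# NOTE(review): nothing in this rule as posted explains the error. The
# symptom is the same as an empty expansion after -s, so check that the real
# (redacted here) DHCP_SERVER value is set, non-empty and free of whitespace.
#syntax error Bad arguement '67'
#iptables -A INPUT -i $INTERNET -p udp \
#         -s $DHCP_SERVER --sport 67 \
#         -d $IPADDR --dport 68 -j ACCEPT

# -Ross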

