If you want a firewall, urpmi shorewall or look at gshield or something
else to do this stuff for you.

If you want to learn netfilter & iptables, I can highly recommend
"Policy Routing Using Linux" by Matthew Marsh, see Amazon or similar.

You probably have something else matching above those rules which is
stopping them from processing.

On Tue, 2003-08-12 at 20:07, Thomas Gamble wrote:
> I have been trying to get iptables set up on my gateway machine, but it isn't 
> working like I think it should.  I have the following entry in the 
> rc.firewall script to block incoming SYN packets:
> 
> EXT_IF="ppp0"
> IPTABLES="//sbin/iptables"
> $IPTABLES -A INPUT -i $EXT_IF -p tcp ! --syn -j ACCEPT
> 
> yet ethereal shows these getting through:
> 
>     Source port: 1302 (1302)
>     Destination port: 135 (135)
>     Sequence number: 2684291305
>     Header length: 28 bytes
>     Flags: 0x0002 (SYN)
>         0... .... = Congestion Window Reduced (CWR): Not set
>         .0.. .... = ECN-Echo: Not set
>         ..0. .... = Urgent: Not set
>         ...0 .... = Acknowledgment: Not set
>         .... 0... = Push: Not set
>         .... .0.. = Reset: Not set
>         .... ..1. = Syn: Set
>         .... ...0 = Fin: Not set
> 
> I also have the following:
> 
> $IPTABLES -A FORWARD -i $EXT_IF -p tcp --dport 135 -s 0.0.0.0/0 -j DROP
> 
> which should block packets destined for port 135, but also seems ineffective.  
> What might be the problem?  The above is just a snippet from the rc.firewall 
> script.  I can post it in its entirety if that would help.
-- 
Jack Coates
Monkeynoodle: A Scientific Venture...
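
To make the rule-ordering point concrete, here is an added example that is not part of the original thread: a small Python model of how a netfilter chain is walked (first matching rule with a terminating target wins, otherwise the chain policy) and of which chain a packet lands in (INPUT for packets addressed to the box itself, FORWARD for packets it routes). The gateway address, the chain policies and the packet are constructed from the post; the "fixed" and "shadowed" rulesets are mine, to show the two ways the captured SYN gets through: "! --syn -j ACCEPT" never drops anything by itself, and a broader ACCEPT placed above a DROP matches first.

```python
"""Model of netfilter first-match chain traversal, used to see why a SYN
to port 135 on ppp0 reaches the gateway despite the rules in the thread.

Added example, not code from the original thread. The rules and the packet
are reconstructed from the post; the gateway address and the chain policies
(ACCEPT, the kernel default) are assumptions."""

from dataclasses import dataclass
from typing import List, Optional, Tuple

GATEWAY_IP = "192.0.2.1"  # assumed address of the gateway's ppp0 (constructed)


@dataclass(frozen=True)
class Packet:
    in_if: str
    proto: str
    dst: str
    dport: int
    syn: bool  # True for a pure SYN (SYN set, ACK/RST/FIN clear), as --syn tests


@dataclass(frozen=True)
class Rule:
    target: str                  # ACCEPT or DROP
    in_if: Optional[str] = None  # -i
    proto: Optional[str] = None  # -p
    dport: Optional[int] = None  # --dport
    syn: Optional[bool] = None   # True = --syn, False = ! --syn, None = not tested
    comment: str = ""

    def matches(self, p: Packet) -> bool:
        return all([
            self.in_if is None or self.in_if == p.in_if,
            self.proto is None or self.proto == p.proto,
            self.dport is None or self.dport == p.dport,
            self.syn is None or self.syn == p.syn,
        ])


def traverse(chain: List[Rule], policy: str, p: Packet) -> Tuple[str, Optional[int]]:
    """Walk the chain top to bottom; the first matching rule decides.
    Returns (verdict, index of the matching rule, or None if the policy applied)."""
    for i, r in enumerate(chain):
        if r.matches(p):
            return r.target, i
    return policy, None


def hook_for(p: Packet) -> str:
    """After the routing decision, locally addressed packets traverse INPUT;
    packets the box routes onward traverse FORWARD (never both)."""
    return "INPUT" if p.dst == GATEWAY_IP else "FORWARD"


def verdict(chains: dict, policies: dict, p: Packet) -> str:
    hook = hook_for(p)
    return traverse(chains[hook], policies[hook], p)[0]


EXT_IF = "ppp0"
POLICIES = {"INPUT": "ACCEPT", "FORWARD": "ACCEPT"}  # not shown in the post; assumed

# The two rules quoted in the thread, in the chains the poster put them in.
POSTED = {
    "INPUT":   [Rule("ACCEPT", in_if=EXT_IF, proto="tcp", syn=False, comment="! --syn -j ACCEPT")],
    "FORWARD": [Rule("DROP", in_if=EXT_IF, proto="tcp", dport=135, comment="--dport 135 -j DROP")],
}

# Constructed packet matching the ethereal capture: SYN to port 135 on ppp0,
# addressed to the gateway itself, so it traverses INPUT, not FORWARD.
SYN_TO_135 = Packet(in_if=EXT_IF, proto="tcp", dst=GATEWAY_IP, dport=135, syn=True)


def posted_rules_verdict() -> str:
    # A SYN does not match "! --syn", falls through, and hits the INPUT policy.
    return verdict(POSTED, POLICIES, SYN_TO_135)


# Same accept for non-SYN traffic, followed by an explicit drop of new
# connections on the external interface, in the chain the packet actually walks.
FIXED = {
    "INPUT": [
        Rule("ACCEPT", in_if=EXT_IF, proto="tcp", syn=False, comment="! --syn -j ACCEPT"),
        Rule("DROP",   in_if=EXT_IF, proto="tcp", syn=True,  comment="--syn -j DROP"),
    ],
    "FORWARD": POSTED["FORWARD"],
}


def fixed_rules_verdict() -> str:
    return verdict(FIXED, POLICIES, SYN_TO_135)


# The failure mode the reply points at: a broader rule higher in the chain
# matches first and the DROP below it is never reached.
SHADOWED = {
    "INPUT": [Rule("ACCEPT", in_if=EXT_IF, comment="-i ppp0 -j ACCEPT, placed above")] + FIXED["INPUT"],
    "FORWARD": FIXED["FORWARD"],
}


def shadowed_rules_verdict() -> Tuple[str, Optional[int]]:
    return traverse(SHADOWED["INPUT"], POLICIES["INPUT"], SYN_TO_135)


if __name__ == "__main__":
    print("posted  :", posted_rules_verdict())
    print("fixed   :", fixed_rules_verdict())
    print("shadowed:", shadowed_rules_verdict())
```

On the real box, `iptables -L INPUT -v -n --line-numbers` (and the same for FORWARD) lists the rules in traversal order with per-rule packet counters, so a rule that is being shadowed shows a counter that never moves while an earlier one climbs.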

