Assuming that eth0 is your internal interface, and eth1 is your public
interface, then to deny your internal packets from leaving your site, place
the following near the top of your ruleset, after you flush your rules, set
your default policies and do your spoofing checks:
ipchains -A output -i eth1 -S 192.168.0.0/16 -D 0/0 -j DENY -l
Cheers!
Jon
At 12:40 AM 3/16/00 -0600, Bryan Andersen wrote:
>Mikael Schmidt wrote:
> >
> > Hello,
> >
> > my ISP notified me a week ago that my internal ip, 192.168.1.1, is leaking
> > out on their net.
>what can I do to prevent this from
> > happening?
>I know for a while my home system was querying the DNS name servers for
>the names of 10.net addresses untill I setup my /etc/hosts files on all
>the machines I have with all the internal machine IP#/name pairings.
-----------------------------------------------------------------
Jon Earle (613) 612-0946 (Cell)
HUB Computer Consulting Inc. (613) 830-1499 (Office)
http://www.hubcc.ca 1-888-353-7272 (Within Canada/US)
"God does not subtract from one's alloted time on Earth,
those hours spent flying." --Unknown
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
