iptables -t filter -A INPUT -i ppp0 -m state --state RELATED,ESTABLISHED --jump ACCEPT
> iptables -F INPUT
> iptables -F FORWARD
> iptables -F OUTPUT
>
> iptables -P INPUT DROP
> iptables -P FORWARD ACCEPT
> iptables -P OUTPUT ACCEPT
> iptables -t filter -A INPUT -i lo --jump ACCEPT
> iptables -t filter -A INPUT -i eth0 -m state --state RELATED,ESTABLISHED --jump ACCEPT
Spider wrote:
begin quote On Sat, 22 Nov 2003 21:33:32 -0600 "Chris" <[EMAIL PROTECTED]> wrote:
As a general rule of thumb, it is best to run a firewall on all machines; no matter what connection you use, you are still at risk.
A simple one that works reasonably is this:

iptables -F INPUT
iptables -F FORWARD
iptables -F OUTPUT

iptables -P INPUT DROP
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -t filter -A INPUT -i lo --jump ACCEPT
iptables -t filter -A INPUT -i eth0 -m state --state RELATED,ESTABLISHED --jump ACCEPT
----

This will simply deny all incoming traffic that hasn't originated from the inside. Simple and easy.
//Spider
-- http://www.4-SMS.Com http://eShop.4-SMS.Com http://Mozilla.4-SMS.Com -*- If Linux doesn't have the solution, you have the wrong problem -*-
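A check for the rules in this thread, as an added example that is not part of the original messages: it reads `iptables-save` output and reports any INPUT rule that accepts traffic without the RELATED,ESTABLISHED match, and any listed interface (ppp0 on dial-up, for instance) that has no such rule. The function names, finding labels and sample dump are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit iptables-save output against the ruleset in this thread.
# Usage: iptables-save -t filter | audit_ruleset eth0 ppp0
# Prints one finding per line; returns 0 only when there are no findings.
audit_ruleset() {
    awk -v ifaces="$*" '
    BEGIN { n = split(ifaces, want, " ") }
    function finding(msg) { print msg; bad++ }
    /^:INPUT / { policy = $2 }
    /^-A INPUT / {
        iface = ""; stateful = 0; accept = 0
        for (i = 3; i < NF; i++) {
            if ($i == "-i") iface = $(i + 1)
            # Only a non-negated match limited to RELATED/ESTABLISHED counts.
            if (($i == "--state" || $i == "--ctstate") && $(i - 1) != "!")
                stateful = ($(i + 1) ~ /^(RELATED|ESTABLISHED)(,(RELATED|ESTABLISHED))*$/)
            if (($i == "-j" || $i == "--jump") && $(i + 1) == "ACCEPT") accept = 1
        }
        if (!accept) next
        if (iface == "lo") { lo_ok = 1; next }
        if (!stateful) { finding("OPEN: accepts unsolicited traffic: " $0); next }
        if (iface == "") any = 1; else covered[iface] = 1
    }
    END {
        if (policy != "DROP") finding("POLICY: INPUT is " policy ", expected DROP")
        if (!lo_ok) finding("MISSING: no ACCEPT rule for lo")
        for (k = 1; k <= n; k++)
            if (!any && !(want[k] in covered))
                finding("MISSING: no RELATED,ESTABLISHED rule for " want[k])
        exit (bad > 0)
    }'
}

# Constructed sample: iptables-save form of the quoted rules (eth0 only).
sample_eth0_only() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# On a dial-up host the eth0-only ruleset leaves ppp0 without its rule.
sample_eth0_only | audit_ruleset eth0 ppp0 || true
```

The audit covers the INPUT chain only; the FORWARD policy of ACCEPT in the quoted rules comes into play only when the host forwards packets between interfaces.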