antken wrote: [...] > my first question is: > how can i change the rules in the current chains to let all traffic in > and > out ? ( i know this is dangerous but i am just messing on a test > machine )
ipchains -F input && ipchains -P input ACCEPT ipchains -F output && ipchains -P output ACCEPT ipchains -F forward && ipchains -P forward ACCEPT will flush them and change the default policy to ACCEPT for everything! You say that you're using the floppy image and that you also appreciate the danger but if you do this DON'T have anything open on the internal network, disconnect the cable or have a strong firewall in place. But a strong firewall is what you're after isn't it? - so it's disconnect then. > second question: > does any one know of a getting started with ipchains for dummies type > guide I'll do a quick edit as Eric's answered this, but in addition to the HowTo look at the FAQ as it should have a lot of good links http://www.linuxsecurity.com/docs/colsfaq.html and you can learn from this - create a firewall and see how it's laid out - reverse engineer it so to speak. http://www.linux-firewall-tools.com/linux/ > third question: > how would i go about letting a particular port both in and out, for > example port 1111 ? ipchains -A input -l -i eth0 -p tcp -s 0/0 -d 0/0 1111 -j ACCEPT ipchains -A output -l -i eth0 -p tcp -s 0/0 1111 -d 0/0 -j ACCEPT The position of the rule in the chain is also important, visit the read me with a stiff drink and all will be revealed, maybe two drinks. -- Cheers Glenn http://members.optushome.com.au/graybeard/linux/netboot.html _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
