Beats me. What is $LIMIT? But anyway, do you have to make your script so complicated?
Ramin

On Wed, Feb 27, 2002 at 11:20:50PM +0100, Torben Nielsen wrote:
> Below I have tried to copy the relevant things out of my filters. The rule should
> drop everything except
> packets to my internal network.
>
> # Abbreviation for the iptables program:
> I=/usr/local/sbin/iptables
>
> ALLINTNETWORK="10.0.0.0" # The 10.0.0.0/8 network
> ALLINTNETMASK="255.0.0.0"
> ALLINTNET="$ALLINTNETWORK/$ALLINTNETMASK"
>
>
> INTIF="eth0"
>
>
> $I -A if-LogDrop-int $LIMIT -j LOG --log-prefix "Bad input packet, internal: "
> $I -A if-LogDrop-int -j DROP
>
> $I -A if-LogDrop -i $INTIF -j if-LogDrop-int
>
> $I -A i-int -s $ALLINTNET -j ACCEPT
> $I -A i-int -j if-LogDrop
>
> $I -A INPUT -i $INTIF -j i-int
