On Wednesday 10 April 2002 11:55 am, Raimund E. A. Eimann wrote:
> What would be the simplest (and probably most insecure) ruleset? I could
> try to use that and work my way back step by step to a secure system.

iptables -A INPUT -j ACCEPT
iptables -A OUTPUT -j ACCEPT
iptables -A FORWARD -j ACCEPT

Probably useful to put BEFORE those rules some logging as well, so you can see what's coming in and out:

iptables -A INPUT -j LOG --log-prefix Inbound
iptables -A OUTPUT -j LOG --log-prefix Outbound
iptables -A FORWARD -j LOG --log-prefix Forwarding

Try to keep your traffic through the box to a minimum with this sort of logging, though - otherwise you won't see the wood for the trees....

PS: As another thought, can you put another box on either the internal or external network of the firewall, and run tcpdump / ethereal etc to see what packets are going out, and what packets are coming back?

Antony.
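
Added example, not part of the original message: a shell function that tallies the output of the LOG rules above by prefix, protocol and destination port, so the logged traffic is easier to read. The function names are hypothetical and the sample log lines are constructed; because the prefixes were given without a trailing space, the kernel writes them directly against the IN= field, which the match below allows for.

```shell
#!/bin/sh
# Constructed sample of kernel log lines as produced by the three LOG rules.
# Note "InboundIN=eth0": --log-prefix adds no separator of its own.
sample_fwlog() {
    cat <<'EOF'
Apr 10 12:01:02 fw kernel: InboundIN=eth0 OUT= SRC=192.0.2.10 DST=192.0.2.1 LEN=60 TTL=63 ID=1 DF PROTO=TCP SPT=40000 DPT=22 WINDOW=5840 SYN URGP=0
Apr 10 12:01:03 fw kernel: InboundIN=eth0 OUT= SRC=192.0.2.11 DST=192.0.2.1 LEN=60 TTL=63 ID=2 DF PROTO=TCP SPT=40001 DPT=22 WINDOW=5840 SYN URGP=0
Apr 10 12:01:04 fw kernel: OutboundIN= OUT=eth0 SRC=192.0.2.1 DST=198.51.100.53 LEN=56 TTL=64 ID=3 PROTO=UDP SPT=1025 DPT=53 LEN=36
Apr 10 12:01:05 fw kernel: ForwardingIN=eth1 OUT=eth0 SRC=10.0.0.5 DST=198.51.100.80 LEN=60 TTL=63 ID=4 DF PROTO=TCP SPT=1030 DPT=80 WINDOW=5840 SYN URGP=0
Apr 10 12:01:06 fw kernel: InboundIN=eth0 OUT= SRC=192.0.2.10 DST=192.0.2.1 LEN=84 TTL=63 ID=5 PROTO=ICMP TYPE=8 CODE=0 ID=1 SEQ=1
Apr 10 12:01:07 fw sshd[123]: session opened for user root
EOF
}

# Read log lines on stdin; print "count prefix proto dport", busiest first.
# Lines without one of the three prefixes are ignored; protocols without
# ports (e.g. ICMP) are reported with "-" as the port.
summarize_fwlog() {
    awk '
    {
        prefix = ""; proto = "-"; dpt = "-"
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^(Inbound|Outbound|Forwarding)IN=/) {
                prefix = $i
                sub(/IN=.*/, "", prefix)   # strip the glued-on IN=... field
            } else if ($i ~ /^PROTO=/) {
                proto = substr($i, 7)
            } else if ($i ~ /^DPT=/) {
                dpt = substr($i, 5)
            }
        }
        if (prefix != "") count[prefix " " proto " " dpt]++
    }
    END { for (k in count) print count[k], k }
    ' | LC_ALL=C sort -k1,1nr -k2
}

# Stand-alone run on the constructed sample; on a real box, feed it the
# kernel log instead (its location depends on the syslog configuration).
sample_fwlog | summarize_fwlog
```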
