In article ,
Paul Heinlein wrote:
> On Tue, 16 Jun 2020, Leroy Tennison wrote:
>
> > I have a gateway machine (currently Centos 7 with IPV4 only) with two
> > NICs. One is connected to the internet, the other to an internal
> > network (10.0.0.0/24) of mixed hardware (windows7, android tablets,
> At 03:47 PM 6/16/2020, Kenneth Porter wrote:
>>The rule is in the wrong chain. The INPUT chain affects packets that
>>terminate at the same machine. You want to block packets that will
>>be passed on to the Internet, so your rule needs to be in the
>>FORWARD chain. (The OUTPUT chain affects packe
--On Tuesday, June 16, 2020 5:20 PM -0700 david wrote:
If someone can suggest a firewall-cmd equivalent, it would be nice.
Alas, firewalld is targeted at end nodes and doesn't really provide much
facility for routers. Its big advantage there is in setting up a reasonable
default firewall fo
At 03:47 PM 6/16/2020, Kenneth Porter wrote:
The rule is in the wrong chain. The INPUT chain affects packets that
terminate at the same machine. You want to block packets that will
be passed on to the Internet, so your rule needs to be in the
FORWARD chain. (The OUTPUT chain affects packets tha
The rule is in the wrong chain. The INPUT chain affects packets that
terminate at the same machine. You want to block packets that will be
passed on to the Internet, so your rule needs to be in the FORWARD chain.
(The OUTPUT chain affects packets that originate at your machine.)
Here's a nice
On Tue, 16 Jun 2020, Leroy Tennison wrote:
I have a gateway machine (currently Centos 7 with IPV4 only) with two
NICs. One is connected to the internet, the other to an internal
network (10.0.0.0/24) of mixed hardware (windows7, android tablets,
android phones, linux boxes) using NAT. I wish t
On Tue, Jun 16, 2020 at 1:26 PM david wrote:
>
> ... I'm assuming
> that your advice about LAN represents the internal network because on
> most routers, it is, and WAN is the internet connection.
>
Yeah, LAN == Local Area Network, WAN == Wide Area Network, generally
meaning the internet.
At 12:30 PM 6/16/2020, John Pierce wrote:
On Tue, Jun 16, 2020 at 12:26 PM david wrote:
>
> Examples of what I've tried, and then tested. None of them stopped
> an outgoing SSH from an internal system.
>
>iptables -I INPUT -p tcp --dport 22 -s 10.0.0.0/24 -j DROP
>iptables -I INPUT -p
entries
will likely be an order of magnitude greater than the actual packet count.
From: CentOS on behalf of david
Sent: Tuesday, June 16, 2020 2:21 PM
To: CentOS mailing list
Subject: [EXTERNAL] [CentOS] firewall help request
On Tue, Jun 16, 2020 at 12:26 PM david wrote:
>
> Examples of what I've tried, and then tested. None of them stopped
> an outgoing SSH from an internal system.
>
>iptables -I INPUT -p tcp --dport 22 -s 10.0.0.0/24 -j DROP
>iptables -I INPUT -p tcp --dport 22 -s 10.0.0.0/24 -j DROP
>
Folks
I'm struggling with my firewall settings, and would appreciate some help.
I have a gateway machine (currently Centos 7 with IPV4 only) with two
NICs. One is connected to the internet, the other to an internal
network (10.0.0.0/24) of mixed hardware (windows7, android tablets,
android p