Re: [gentoo-user] iptables help

- Original Message - From: gabriel [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, September 01, 2003 2:57 PM Subject: Re: [gentoo-user] iptables help NO! that will pretty much negate the use of a firewall alltogether! where are you droping/rejecting packets? basically your

Re: [gentoo-user] iptables help

- Original Message - From: gabriel [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, September 01, 2003 2:57 PM Subject: Re: [gentoo-user] iptables help NO! that will pretty much negate the use of a firewall alltogether! where are you droping/rejecting packets? basically your

RE: [gentoo-user] iptables help

: [gentoo-user] iptables help I'm trying to create a firewall using iptables. I want it to drop incoming packets except to ports 22, 25, and 80 unless the source address is 192.168.254.x. I'm asking before I do this because I'm accessing the computer remotely right now and I don't want to cut myself

Re: [gentoo-user] iptables help

should this not be the second line line ? first the echo 1 /proc/sys/net/ipv4/ip_forward then all the drop statements and then the allow rules ? Patrick On Mon, 01 Sep 2003 12:23:38 -0500 Andrew Gaffney [EMAIL PROTECTED] wrote: iptables -P INPUT DROP -- Do you know what a Vulcan mind

Re: [gentoo-user] iptables help

Patrick Marquetecken wrote: should this not be the second line line ? first the echo 1 /proc/sys/net/ipv4/ip_forward then all the drop statements and then the allow rules ? I will probably move the DROP policy line back towards the top. I did it this way so I could be sure I didn't lock

Re: [gentoo-user] iptables help

On September 1, 2003 01:23 pm, Andrew Gaffney wrote: Based on replies on this list and another, I have come up with the following iptables rules that work for me: echo 1 /proc/sys/net/ipv4/ip_forward iptables -P INPUT ACCEPT iptables -F INPUT iptables -P OUTPUT ACCEPT

Re: [gentoo-user] iptables help

gabriel wrote: On September 1, 2003 01:23 pm, Andrew Gaffney wrote: Based on replies on this list and another, I have come up with the following iptables rules that work for me: echo 1 /proc/sys/net/ipv4/ip_forward iptables -P INPUT ACCEPT iptables -F INPUT iptables -P OUTPUT

Re: [gentoo-user] iptables help

-flags SYB,RST,RST,ACK SYN -j ACCEPT On August 29, 2003 01:41 pm, Andrew Gaffney wrote: Andrew Dacey wrote: - Original Message - From: Andrew Gaffney [EMAIL PROTECTED] To: Gentoo User [EMAIL PROTECTED] Sent: Friday, August 29, 2003 12:47 PM Subject: [gentoo-user] iptables help

Re: [gentoo-user] iptables help

On Fri, 29 Aug 2003 10:47:59 -0500 Andrew Gaffney [EMAIL PROTECTED] wrote: I'm trying to create a firewall using iptables. I want it to drop incoming packets except to ports 22, 25, and 80 unless the source address is 192.168.254.x. I'm asking before I do this because I'm accessing the

Re: [gentoo-user] iptables help

On Fri, 29 Aug 2003 20:52:42 +0200 Peter Eis [EMAIL PROTECTED] wrote: Why hazzle with iptables? I'd rather recommend using shorewall (emerge shorewall). It's much easier to configure and has as lot features you'll probably want. Peter Andrew Gaffney wrote: I'm trying to create a

Re: [gentoo-user] iptables help

On Friday 29 August 2003 20:12, Andrew Gaffney wrote: Rudmer van Dijk wrote: On Friday 29 August 2003 19:21, Andrew Gaffney wrote: Andrew Gaffney wrote: iptables -A INPUT -s 192.168.254.0/24 -p all -j ACCEPT iptables -A INPUT -p tcp --dport 22 -j ACCEPT iptables -A INPUT -p tcp --dport 25

[gentoo-user] iptables help

I'm trying to create a firewall using iptables. I want it to drop incoming packets except to ports 22, 25, and 80 unless the source address is 192.168.254.x. I'm asking before I do this because I'm accessing the computer remotely right now and I don't want to cut myself off from it. I'm

Re: [gentoo-user] iptables help

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I'd suggest the second option, but be sure to change the policy to DROP _after_ you've set up rules to allow you access. - -Jason Martin On Fri, 29 Aug 2003, Andrew Gaffney wrote: I'm trying to create a firewall using iptables. I want it to drop

Re: [gentoo-user] iptables help

So I should do: iptables -A INPUT -s 192.168.254.0/24 -p all -j ACCEPT iptables -A INPUT -p tcp --dport 22 -j ACCEPT iptables -A INPUT -p tcp --dport 25 -j ACCEPT iptables -A INPUT -p tcp --dport 80 -j ACCEPT iptables -P INPUT DROP The first line would accept anything from any IP in the

Re: [gentoo-user] iptables help

At 29 August, 2003 Andrew Gaffney wrote: I'm trying to create a firewall using iptables. I want it to drop incoming packets except to ports 22, 25, and 80 unless the source address is 192.168.254.x. I'm asking before I do this because I'm accessing the computer remotely right now and I

Re: [gentoo-user] iptables help

- Original Message - From: Andrew Gaffney [EMAIL PROTECTED] To: Gentoo User [EMAIL PROTECTED] Sent: Friday, August 29, 2003 12:47 PM Subject: [gentoo-user] iptables help I'm trying to create a firewall using iptables. I want it to drop incoming packets except to ports 22, 25, and 80

Re: [gentoo-user] iptables help

Andrew Dacey wrote: - Original Message - From: Andrew Gaffney [EMAIL PROTECTED] To: Gentoo User [EMAIL PROTECTED] Sent: Friday, August 29, 2003 12:47 PM Subject: [gentoo-user] iptables help I'm trying to create a firewall using iptables. I want it to drop incoming packets except

Re: [gentoo-user] iptables help

Andrew Gaffney wrote: Andrew Dacey wrote: - Original Message - From: Andrew Gaffney [EMAIL PROTECTED] To: Gentoo User [EMAIL PROTECTED] Sent: Friday, August 29, 2003 12:47 PM Subject: [gentoo-user] iptables help I'm trying to create a firewall using iptables. I want it to drop

Re: [gentoo-user] iptables help

On Friday 29 August 2003 19:21, Andrew Gaffney wrote: Andrew Gaffney wrote: iptables -A INPUT -s 192.168.254.0/24 -p all -j ACCEPT iptables -A INPUT -p tcp --dport 22 -j ACCEPT iptables -A INPUT -p tcp --dport 25 -j ACCEPT iptables -A INPUT -p tcp --dport 80 -j ACCEPT iptables -A INPUT

Re: [gentoo-user] iptables help

Rudmer van Dijk wrote: On Friday 29 August 2003 19:21, Andrew Gaffney wrote: Andrew Gaffney wrote: iptables -A INPUT -s 192.168.254.0/24 -p all -j ACCEPT iptables -A INPUT -p tcp --dport 22 -j ACCEPT iptables -A INPUT -p tcp --dport 25 -j ACCEPT iptables -A INPUT -p tcp --dport 80 -j ACCEPT

[gentoo-user] Re: [gentoo-x86] [gentoo-user] iptables help

In all this mess remember to accept packets to lo from your box as well as posibly icmp errors $iptables -A INPUT -i lo -j ACCEPT #Established related will take care of the return packets $iptables -A INPUT -p ICMP --icmp-type 0 -j ACCEPT echo Accepting ECHO REPLYS $iptables -A INPUT -p

Re: [gentoo-user] iptables help

Why hazzle with iptables? I'd rather recommend using shorewall (emerge shorewall). It's much easier to configure and has as lot features you'll probably want. Peter Andrew Gaffney wrote: I'm trying to create a firewall using iptables. I want it to drop incoming packets except to ports 22, 25,

Re: [gentoo-user] iptables help

On Fri, Aug 29, 2003 at 08:52:42PM +0200, Peter Eis wrote: Why hazzle with iptables? I'd rather recommend using shorewall (emerge shorewall). It's much easier to configure and has as lot features you'll probably want. I'll second that. Shorewall works at a higher level of abstraction -

[gentoo-user] Iptables help

Hello, I am setting up a wireless network and am using gentoo with the hostap driver as a access point. I can both ping from and to the machine from a wireless device to the machine and from a wired device to the machine, but i can not ping from a wireless device to another wired device on the