On Friday 20 Sep 2002 1:05 am, Nikolai wrote:
> I have setup the following rules for my ipchains:
> :input ACCEPT
> :forward DENY
> :output ACCEPT
I like to do
:input DENY
:forward DENY
:output DENY
and then add rules for legitimate traffic, but pros and cons have been
discussed before I'm sure.
> -A input -j DENY -p all -l -s 127.0.0.0/8 -i eth0 -d 0.0.0.0/0
DENY everything from 127* address range on ALL protocols
> -A input -i eth0 -s 0/0 -d 0/0 -p tcp -y -j DENY -l
DENY everything on eth0 for tcp protocol.
I can see no rule to DENY ICMP on eth0 for any IP address.
> I did an online-based scan at scan.sygate.com and everything appears to
> be 'blocked' except ICMP service on port 8.
-A input -i eth0 -s 0/0 -d 0/0 -p icmp -l -j DENY
I think.
You might also want to add
-A input -i eth0 -s 0/0 -d 0/0 -p udp -l -j DENY
to block UDP protocol connections. I'm assuming your eth0 interface doesn't
have a 127.0.0.0/24 address - that is the loopback normally.
Mike
--
_______________________________________________________________________
"In their capacity as a tool, computers will be but a ripple on the
surface of our culture. In their capacity as intellectual challenge,
they are without precedent in the cultural history of mankind."
Edsger Wybe Dijkstra on Computers