You can create a nice little single-machine firewall script at www.morizot.net/firewall. The generated script is fairly well commented, so you'll probably be able to figure out the necessary changes on your own. If not, feel free to email me the resulting file and I'll give you a hand with the mods. With iptables it's not enough to simply spit out a few rules: since the overall order of the rules counts, you have to know the default policies, insert the required kernel modules, set a few network stack parameters, etc.
jason

>
> Hi guys,
>
> Need a quick iptables rule help if you don't mind.
>
> Goal.
> Allow anything from 10.17.23. , 10.17.24 (both /25 subnets) and 10.32.8.
> (a /23 subnet.)
>
> Deny everything inbound from outside of those 3 subnets except for SSH
> and pings.
>
> I'd still like to be able to fwd X and anything outgoing to anywhere.
>
> Any pro's have a 3 or 4 line ruleset for that order?
>
> Thanks, bp
>
> --
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
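A ruleset for the goal in the quoted question, written as an added example: it is not part of either message and not the output of the generator mentioned in the reply. The function name `gen_rules` is hypothetical, and the trusted subnets are passed as arguments because the question does not give complete network addresses.

```shell
#!/bin/sh
# Added example: print an iptables-restore ruleset for a single host.
# Usage (hypothetical helper): gen_rules CIDR [CIDR...]
# Review the output, then load it with: gen_rules ... | iptables-restore
# (iptables-restore --test parses the rules without committing them).
gen_rules() {
    [ "$#" -gt 0 ] || { echo "usage: gen_rules CIDR [CIDR...]" >&2; return 2; }
    # Loose sanity check: digits, dots and exactly one slash. This only keeps
    # stray text out of the ruleset; iptables does the real validation.
    for cidr in "$@"; do
        case "$cidr" in
            *[!0-9./]*|*/*/*|/*|*/) echo "bad CIDR: $cidr" >&2; return 2 ;;
            */*) ;;
            *) echo "bad CIDR: $cidr" >&2; return 2 ;;
        esac
    done
    # Default policies: drop inbound and forwarded traffic, allow outbound.
    printf '%s\n' '*filter' ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' \
        ':OUTPUT ACCEPT [0:0]'
    # Order matters: loopback and replies to our own outgoing connections
    # are accepted first, so "anything outgoing to anywhere" keeps working.
    printf '%s\n' '-A INPUT -i lo -j ACCEPT'
    printf '%s\n' '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    # Anything from the trusted subnets.
    for cidr in "$@"; do
        printf '%s\n' "-A INPUT -s $cidr -j ACCEPT"
    done
    # From everywhere else: only new SSH connections and pings.
    # X forwarding rides inside the SSH session, so it needs no extra rule.
    printf '%s\n' '-A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT'
    printf '%s\n' '-A INPUT -p icmp --icmp-type echo-request -j ACCEPT'
    printf '%s\n' 'COMMIT'
}

# Run as a script with the subnets as arguments to print the ruleset.
if [ "$#" -gt 0 ]; then
    gen_rules "$@"
fi
```

Everything not matched by a rule falls through to the `DROP` policy on `INPUT`, which is why the accept rules can stay this short.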
