
BLU Discuss list archive



Blocking Outside



Hello,

I am trying to implement rules in the INPUT chain, to block all outside connections to the GW or LAN hosts.
My LAN uses the 10.x.x.x scheme. The GW is the Masquerading host. I want my LAN hosts to connect
to the Internet. This is what I did,

$ ipchains -A input -s 10.0.0.1 0: -p TCP -j ACCEPT

At the end of the chain, if I add,

$ ipchains -A input -s 0.0.0.0/0 0: -p TCP -j DENY   #to reject all other hosts

my systems cannot access the Internet. If I delete the DENY rule, then my hosts can connect to the Internet.
However, I want to block outside access to my LAN. I want to block even "ping" and "traceroute" requests
from the outside.

How can I achieve this? If someone has implemented the chain rules, for a similar setup, I would appreciate
you sharing your rules (with fake addresses). 

Thank you.

Subba Rao
subb3 at ibm.net
==============================================================
Disclaimer - I question and speak for myself.

http://pws.prserv.net/truemax/
______________________________________________________________
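
Why the catch-all DENY in the message above also cuts the LAN off from the Internet, as an added example that is not part of the original post: ipchains judges every packet on its own, so replies coming back from Internet servers carry an outside source address and hit the DENY rule. The model below also evaluates an assumed alternative that denies only connection-opening TCP segments (the ipchains `-y` match) on the outside interface; the interface names eth0/eth1 and the address 203.0.113.5 are constructed.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Rule:
    src: str                # source network, as given to -s
    target: str             # ACCEPT or DENY
    syn_only: bool = False  # models ipchains -y: SYN set, ACK and FIN clear
    iface: str = ""         # models -i; empty string matches any interface

@dataclass
class Packet:
    src: str
    iface: str
    initial: bool           # True only for a connection-opening segment

def verdict(rules, pkt, policy="ACCEPT"):
    """First matching rule wins, as in an ipchains chain; otherwise the policy."""
    for r in rules:
        if ipaddress.ip_address(pkt.src) not in ipaddress.ip_network(r.src):
            continue
        if r.iface and r.iface != pkt.iface:
            continue
        if r.syn_only and not pkt.initial:
            continue
        return r.target
    return policy

# The two rules from the post (both TCP, so the protocol is not modelled).
POSTED = [Rule("10.0.0.1/32", "ACCEPT"), Rule("0.0.0.0/0", "DENY")]

# Assumed variant: eth1 is the LAN side, eth0 the Internet side.
SYN_FILTER = [
    Rule("10.0.0.0/8", "ACCEPT", iface="eth1"),
    Rule("0.0.0.0/0", "DENY", syn_only=True, iface="eth0"),
]

# Constructed packets as seen by the gateway's input chain.
LAN_OUT = Packet("10.0.0.1", "eth1", initial=True)    # LAN host opens a connection
REPLY = Packet("203.0.113.5", "eth0", initial=False)  # server's SYN+ACK or data coming back
PROBE = Packet("203.0.113.5", "eth0", initial=True)   # unsolicited connection attempt

if __name__ == "__main__":
    for name, rules in (("posted", POSTED), ("syn-filter", SYN_FILTER)):
        print(name, [verdict(rules, p) for p in (LAN_OUT, REPLY, PROBE)])
```

The model covers TCP only; the ping and traceroute blocking asked about in the post would need separate ICMP and UDP rules.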

