
BLU Discuss list archive



Blocking Outside



I guess that's it.  Sorry.

Chuck Young
GTE Internetworking

On Tue, 3 Aug 1999, Matthew Galster wrote:

> Date: Tue, 3 Aug 1999 23:59:55 -0400 (EDT)
> From: Matthew Galster <mattg at timesucker.ne.mediaone.net>
> To: Chuck Young <cyoung at bbnplanet.com>
> Cc: discuss at tarnhelm.blu.org
> Subject: Re: Blocking Outside
> 
> Umm, I see one for ipfwadm (as Jerry mentioned) but not for ipchains.  Is it
> hidden somewhere?
> 
> MEG
> 
> > 
> > Rumor has it that www.fwtk.org has an ipchains FAQ and example page.
> > 
> > I haven't been there.  See what you think.
> > 
> > HTH,
> > 
> > Chuck Young
> > GTE Internetworking
> > 
> > On Mon, 2 Aug 1999, Subba Rao wrote:
> > 
> > > Date: Mon, 02 Aug 1999 08:48:29 -0400 (EDT)
> > > From: Subba Rao <subb3 at ibm.net>
> > > To: Boston Linux Users Group <discuss at Blu.Org>
> > > Subject: Blocking Outside
> > > 
> > > Hello,
> > > 
> > > I am trying to implement rules in the INPUT chain, to block all outside connections to the GW or LAN hosts.
> > > My LAN uses the 10.x.x.x scheme. The GW is the Masquerading host. I want my LAN hosts to connect
> > > to the Internet. This is what I did,
> > > 
> > > $ ipchains -A input -s 10.0.0.1 0: -p TCP -j ACCEPT
> > > 
> > > At the end of the chain, if I add,
> > > 
> > > $ ipchains -A input -s 0.0.0.0/0 0: -p TCP -j DENY   # to reject all other hosts
> > > 
> > > my systems cannot access the Internet. If I delete the DENY rule, then my hosts can connect to the Internet.
> > > However, I want to block outside access to my LAN. I want to block even "ping" and "traceroute" requests
> > > from the outside.
> > > 
> > > How can I achieve this? If someone has implemented the chain rules for a similar setup, I would appreciate
> > > you sharing your rules (with fake addresses).
> > > 
> > > Thank you.
> > > 
> > > Subba Rao
> > > subb3 at ibm.net
> > > ==============================================================
> > > Disclaimer - I question and speak for myself.
> > > 
> > > http://pws.prserv.net/truemax/
> > > ______________________________________________________________
> > > 
> > > 
> > > -
> > > Subscription/unsubscription/info requests: send e-mail with
> > > "subscribe", "unsubscribe", or "info" on the first line of the
> > > message body to discuss-request at blu.org (Subject line is ignored).
> > > 
> > 
> > 
> 
> 

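Added example, not part of the original thread: a small Python model of first-match, stateless rule evaluation as ipchains performs it on the input chain, run over the two rules from the original post. The `VARIANT` chain, the `! -y` (non-SYN) rule it models, and the sample packets are assumptions made for illustration; ICMP and per-interface (`-i`) matching are not modelled.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    proto: str
    syn_only: bool = False   # SYN set, ACK clear: what ipchains "-y" matches

@dataclass(frozen=True)
class Rule:
    src: str                     # -s address/mask
    proto: str                   # -p
    target: str                  # -j ACCEPT | DENY
    syn: Optional[bool] = None   # None: flag ignored, True: "-y", False: "! -y"

def verdict(chain, pkt, policy="ACCEPT"):
    """Return the target of the first matching rule; no connection state is kept."""
    for r in chain:
        if r.proto != pkt.proto:
            continue
        if ipaddress.ip_address(pkt.src) not in ipaddress.ip_network(r.src):
            continue
        if r.syn is not None and r.syn != pkt.syn_only:
            continue
        return r.target
    return policy

# The two rules as posted: accept TCP from 10.0.0.1, then deny all other TCP.
POSTED = [Rule("10.0.0.1/32", "tcp", "ACCEPT"),
          Rule("0.0.0.0/0", "tcp", "DENY")]

# Assumed variant: accept the LAN, accept TCP that is not a connection
# attempt ("! -y"), deny what is left (new inbound connections).
VARIANT = [Rule("10.0.0.0/8", "tcp", "ACCEPT"),
           Rule("0.0.0.0/0", "tcp", "ACCEPT", syn=False),
           Rule("0.0.0.0/0", "tcp", "DENY")]

# Constructed packets; the outside hosts use documentation address ranges.
LAN_SYN = Packet("10.0.0.1", "tcp", syn_only=True)        # LAN host opens a connection
SERVER_REPLY = Packet("192.0.2.80", "tcp")                # remote server answering it
OUTSIDE_SYN = Packet("198.51.100.7", "tcp", syn_only=True)  # unsolicited inbound attempt

if __name__ == "__main__":
    for name, chain in (("posted", POSTED), ("variant", VARIANT)):
        for label, pkt in (("LAN SYN", LAN_SYN), ("server reply", SERVER_REPLY),
                           ("outside SYN", OUTSIDE_SYN)):
            print(f"{name:8} {label:13} -> {verdict(chain, pkt)}")
```

With the posted chain the server's reply carries an outside source address, so it falls through to the final DENY. In a real ruleset the LAN rule would also be tied to the inside interface so that outside packets claiming a 10.x source are not accepted.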



