I have made a simple firewall script ... it's very basic but it's working .. I have tried some others .. but I'm doing somethin' wrong ... and I'm goin' back to my script ...
Here it is:
Code:
#!/bin/sh
# Interface facing the Internet and interface facing the LAN
INTERNET="eth1"
LAN="eth0"
# Accept everything in all three filter chains (nothing is dropped)
iptables -A INPUT -j ACCEPT
iptables -A OUTPUT -j ACCEPT
iptables -A FORWARD -j ACCEPT
# Masquerade traffic leaving via the Internet interface, one rule per LAN host
iptables -t nat -A POSTROUTING -j MASQUERADE -o "$INTERNET" -s 192.168.0.2 -d 0/0
iptables -t nat -A POSTROUTING -j MASQUERADE -o "$INTERNET" -s 192.168.0.3 -d 0/0
iptables -t nat -A POSTROUTING -j MASQUERADE -o "$INTERNET" -s 192.168.0.100 -d 0/0
iptables -t nat -A POSTROUTING -j MASQUERADE -o "$INTERNET" -s 192.168.0.101 -d 0/0
# Per-host FORWARD rules; they are appended after the catch-all
# FORWARD ACCEPT above, so that rule matches first
iptables -A FORWARD -d 192.168.0.0/255.255.255.0 -j ACCEPT
iptables -A FORWARD -s 192.168.0.2 -j ACCEPT
iptables -A FORWARD -s 192.168.0.3 -j ACCEPT
iptables -A FORWARD -s 192.168.0.100 -j ACCEPT
iptables -A FORWARD -s 192.168.0.101 -j ACCEPT
It's gettin' internet from eth1 and it's sharing it to 4 computers on my local network. The server is Slackware. Kernel 2.4.26. I think it's time to upgrade my firewall. I also want to drop some packets and deny some ports, 'cause the network is gettin' bigger. But my knowledge is very poor and every time I break somethin'. My question is: is the script above right ... and what should I upgrade ... Thank you in advance
Regards: Alex
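
For comparison with the script in the post, here is an added example (not the poster's script) of the same NAT gateway with default-deny policies, stateful matching and a few denied ports, written as an `iptables-restore` ruleset so it loads in one step. The interface names and client addresses come from the post; the function name `build_rules`, the blocked port list and the rule allowing LAN hosts to reach the gateway itself are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: default-deny variant of the gateway described in the post.
INTERNET="eth1"
LAN="eth0"
CLIENTS="192.168.0.2 192.168.0.3 192.168.0.100 192.168.0.101"
BLOCKED_TCP="135 139 445"   # assumption: sample outbound ports to deny

# Print a complete ruleset in iptables-restore format.
build_rules() {
    echo "*nat"
    echo ":PREROUTING ACCEPT [0:0]"
    echo ":POSTROUTING ACCEPT [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    for ip in $CLIENTS; do
        echo "-A POSTROUTING -o $INTERNET -s $ip -j MASQUERADE"
    done
    echo "COMMIT"
    echo "*filter"
    # Anything not explicitly accepted below is dropped.
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # Assumption: LAN hosts may reach services on the gateway itself.
    echo "-A INPUT -i $LAN -s 192.168.0.0/24 -j ACCEPT"
    # Replies to connections the LAN hosts opened.
    echo "-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # Denied ports must come before the per-host ACCEPT rules.
    for port in $BLOCKED_TCP; do
        echo "-A FORWARD -i $LAN -o $INTERNET -p tcp --dport $port -j DROP"
    done
    # Only the listed hosts may open new connections, LAN to Internet only.
    for ip in $CLIENTS; do
        echo "-A FORWARD -i $LAN -o $INTERNET -s $ip -m state --state NEW -j ACCEPT"
    done
    echo "COMMIT"
}

# "print" shows the ruleset; "apply" loads it (needs root).
case "${1:-}" in
    print) build_rules ;;
    apply) build_rules | iptables-restore ;;
esac
```

Run it with `print` first and read the output before using `apply`, preferably from the console rather than over a remote session.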