LinuxQuestions.org
Old 05-20-2003, 02:26 AM   #1
chuck77
Member
 
Registered: Nov 2001
Location: singapore
Posts: 120

Rep: Reputation: 15
Networking/ pix firewall issue.


Wonder if anyone can help.

My LAN comprises the internal, DMZ and external zones.
These are controlled by a PIX 515 firewall. In the internal zone, we have a router (64k leased line) to another company (A). If I were to allow company (A) to FTP into one of our LAN servers, how can I secure our server for FTP access only from company (A)?

Right now, the PIX firewall is only able to secure access for the DMZ and external zones, because the router is in the internal zone and connects to company (A) via the leased line. Wouldn't access via FTP allow company (A) to access all our internal servers? Please advise.

 
Old 05-21-2003, 02:50 PM   #2
tarballedtux
Member
 
Registered: Aug 2001
Location: Off the coast of Madadascar
Posts: 498

Rep: Reputation: 30
Simply make an iptables script like this.



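#!/bin/bash
echo "Setting up IP Tables: /etc/iptables"

# Fill in company A's address or range before running
COMPANY_A="<company A IP(s)>"

# Load the packet filter and connection tracking modules
modprobe ip_tables
modprobe ip_conntrack

# Flush Rules, get rid of any user-defined chains, zero counters:
iptables -F
iptables -F -t nat
iptables -X
iptables -Z

# Set policies for all pre-defined chains:
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP

# Accept FTP control (21) and data (20) connections from company A only
iptables -A INPUT -p tcp -m multiport --dports 20,21 -s "$COMPANY_A" -j ACCEPT
# Let the server's TCP traffic go back out to company A
iptables -A OUTPUT -p tcp -d "$COMPANY_A" -j ACCEPT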


Just fill in the appropriate IPs or range of IPs. That should work but it is not ultra secure. So your mileage may vary.
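
A stateful variant of the rule set in the reply above, as an added example that is not part of the original thread: it validates the partner sources and prints an iptables-restore ruleset in which the FTP conntrack helper tracks data connections instead of a static port 20 rule. It assumes the rules run on the Linux FTP server itself with the nf_conntrack_ftp module loaded; the function names and the 192.0.2.x addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example. Prints an iptables-restore ruleset; it does not touch the
# running firewall. Addresses below are constructed (RFC 5737 range).

# valid_src ADDR[/LEN]: succeed only for a well-formed IPv4 host or CIDR.
valid_src() (
    addr=${1%%/*}
    case $1 in */*) len=${1#*/} ;; *) len=32 ;; esac
    case $len in ''|*[!0-9]*|???*) exit 1 ;; esac
    [ "$len" -le 32 ] || exit 1
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;; esac
    IFS=.; set -- $addr
    [ $# -eq 4 ] || exit 1
    for o in "$@"; do
        { [ ${#o} -le 3 ] && [ "$o" -le 255 ]; } || exit 1
    done
)

# emit_ftp_ruleset SRC...: ruleset admitting FTP only from the given sources.
emit_ftp_ruleset() (
    [ $# -ge 1 ] || { echo "usage: emit_ftp_ruleset SRC..." >&2; exit 2; }
    # Validate everything first so a bad entry never yields a partial ruleset.
    for src in "$@"; do
        valid_src "$src" || { echo "rejected source: $src" >&2; exit 1; }
    done
    # raw table: attach the FTP helper only to the partner's control channel,
    # so only those sessions can open RELATED data connections.
    printf '%s\n' '*raw' ':PREROUTING ACCEPT [0:0]' ':OUTPUT ACCEPT [0:0]'
    for src in "$@"; do
        printf '%s\n' "-A PREROUTING -s $src -p tcp --dport 21 -j CT --helper ftp"
    done
    printf '%s\n' 'COMMIT' '*filter' \
        ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' ':OUTPUT DROP [0:0]' \
        '-A INPUT -i lo -j ACCEPT' \
        '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    for src in "$@"; do
        printf '%s\n' "-A INPUT -s $src -p tcp --dport 21 -m conntrack --ctstate NEW -j ACCEPT"
    done
    printf '%s\n' '-A OUTPUT -o lo -j ACCEPT' \
        '-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT' 'COMMIT'
)

# Constructed sample: one partner host and one partner subnet.
emit_ftp_ruleset 192.0.2.10 192.0.2.64/28
```

Review the printed ruleset, then load it as root by piping it to `iptables-restore`. As in the script above, every other service on the host is dropped, so add a rule for your management access before loading it.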
 
  

