LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 12-16-2002, 01:30 PM   #1
tarballed
Member
 
Registered: Jun 2002
Distribution: RH, FC, FreeBSD,OpenBSD
Posts: 326

Rep: Reputation: 30
IPTables examples?


Hello everyone.

I was curious if anyone could post a snippet of some IPTables examples?

Specifically, I wanted to see what the rules would like look for the following situation:

No outside access to my internal LAN. I have no web server, DNS server or email server. Just my LAN reaching the outside world to access email, DNS and web servers.

Also, the rules that would stop Ping, traceroute and NMAP requests.

I just want to get a feel of what the rules look like.

Thanks everyone.

I appreciate it.

tarballed
 
Old 12-16-2002, 02:25 PM   #2
indi
LQ Newbie
 
Registered: Dec 2002
Distribution: redhat
Posts: 14

Rep: Reputation: 0
why don't you browse http://www.shorewall.net/

You can avoid the complex iptable configuration. This tool will allow you to do the same with gerat ease.
 
Old 12-17-2002, 10:32 AM   #3
nastrand
LQ Newbie
 
Registered: Dec 2002
Location: Canada
Distribution: Slackware 9.0
Posts: 5

Rep: Reputation: 0
check out http://www.sns.ias.edu/~jns/security...les/rules.html
 
Old 12-20-2002, 01:57 PM   #5
tarballed
Member
 
Registered: Jun 2002
Distribution: RH, FC, FreeBSD,OpenBSD
Posts: 326

Original Poster
Rep: Reputation: 30
Just wanted to get some quick feedback on this NAT/MASQ setup...just want to see if I have this correct.

# MASQUERADE the connection (-j MASQUERADE).
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# Turn on IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward

That about right? Using cable modem and receive my IP via DHCP.


THanks


Tarballed
 
Old 12-21-2002, 04:37 AM   #6
Grim Reaper
Member
 
Registered: Apr 2002
Distribution: Gentoo 2006.0 AMD64
Posts: 399

Rep: Reputation: 30
UnSpawn...could you please create a stick thread up the top of this forum thats closed with all your links in there...you've posted your huge list on security a few times, but i can't remember key words to search for, so to save time could you post them up the top...im going to slowly work my way thru them all, but im not going to save them to my machine, ill just come back to view them...also all these ones on IPTables, etc....

Pleaseeee
 
Old 12-23-2002, 02:17 PM   #7
Grim Reaper
Member
 
Registered: Apr 2002
Distribution: Gentoo 2006.0 AMD64
Posts: 399

Rep: Reputation: 30
any news?

Last edited by Grim Reaper; 12-26-2002 at 07:48 PM.
 
Old 12-27-2002, 10:07 AM   #8
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 47
You need to add
echo 1 > /proc/sys/net/ipv4/ip_dynaddr
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Can't compile QT tutorial examples Dravis Programming 12 01-13-2008 07:54 PM
Application examples of cdrdao satimis Linux From Scratch 2 09-25-2005 11:43 PM
Mass-Compile C++ examples Worstje Linux - Newbie 0 04-03-2004 04:54 AM
kernel compling examples deneme1984 Linux From Scratch 3 09-15-2003 03:51 AM
kde applet examples? sk8guitar Programming 1 07-13-2003 04:59 PM


All times are GMT -5. The time now is 05:12 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration