My firewall needs change often, so in an effort to make an easily changeable firewall, I went with the following format.
Chains like "DO_SSHD" find SSH traffic from valid hosts, then -j jumps it to another chain called "SSH_RULE".
I can then turn SSH ON or OFF with a simple command...
iptables -F SSH_RULE
iptables -A SSH_RULE -j DROP
I do the same for the Samba / FTP and HTTP servers.
There are 2 trusted IP address ranges: my university x.243.0.0/16 and the local network.
Iptables accepts x.243.0.0/16, and traffic from the university is allowed through... however, when I write the rule....
iptables -A DO_FTPD -p tcp --dport ftp -s 192.168.1.0/8 -j FTP_RULE
when I look at the rule with "iptables -vL", the rule has changed to
0 0 FTP_RULE tcp -- any any 192.0.0.0/8 anywhere tcp dpt:ftp
the WRONG IP range.
Why is iptables doing this? How should I specify all IPs in my home network (between 192.168.1.X ???)
I can't work it out, this is driving me mad!
In case it's important, I'm running a freshly compiled Gentoo on the AMD64 platform, with kernel gentoo-2.6.9-r14.
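As an added illustration (not part of the original post), the following shell functions reproduce the normalisation that turns `192.168.1.0/8` into `192.0.0.0/8`: the `/8` prefix keeps only the first octet, so netfilter clears the host bits before storing the rule. The `in_net` check also shows that a `/8` match admits far more than the 192.168.1.x home LAN; the `/24` prefix is what covers exactly 192.168.1.0 to 192.168.1.255. All function names here are the example's own.

```shell
#!/bin/sh
# Added example: CIDR prefix arithmetic as applied to iptables -s/-d arguments.

# ip_to_int A.B.C.D -> 32-bit integer
ip_to_int() {
    oldifs=$IFS; IFS=.; set -- $1; IFS=$oldifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# int_to_ip INT -> dotted quad
int_to_ip() {
    printf '%d.%d.%d.%d' $(( ($1 >> 24) & 255 )) $(( ($1 >> 16) & 255 )) \
        $(( ($1 >> 8) & 255 )) $(( $1 & 255 ))
}

# prefix_to_mask N -> 32-bit mask with N leading one bits
prefix_to_mask() {
    if [ "$1" -eq 0 ]; then
        echo 0
    else
        echo $(( (4294967295 << (32 - $1)) & 4294967295 ))
    fi
}

# network_of ADDR/PREFIX -> the network address with host bits cleared,
# which is what `iptables -vL` displays for the rule.
network_of() {
    addr=${1%/*}; prefix=${1#*/}
    ip=$(ip_to_int "$addr"); mask=$(prefix_to_mask "$prefix")
    printf '%s/%s\n' "$(int_to_ip $(( ip & mask )))" "$prefix"
}

# in_net HOST ADDR/PREFIX -> succeeds if HOST falls inside the prefix
in_net() {
    host=$(ip_to_int "$1")
    net=$(ip_to_int "${2%/*}"); mask=$(prefix_to_mask "${2#*/}")
    [ $(( host & mask )) -eq $(( net & mask )) ]
}

# Demonstration on constructed inputs: the post's broken spec and the fix.
for spec in 192.168.1.0/8 192.168.1.0/24; do
    printf '%-16s is stored as %s\n' "$spec" "$(network_of "$spec")"
done
# 192.0.2.1 is not on the home LAN, yet the /8 rule would let it through.
in_net 192.0.2.1 192.168.1.0/8  && echo "192.0.2.1 matches /8"
in_net 192.0.2.1 192.168.1.0/24 || echo "192.0.2.1 does not match /24"
```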