iptables question.
I am setting up a new squid daemon to run on my server. I want to make sure that everyone inside my network can access squid but I want to make sure everyone on the internet is blocked.
eth0 is connected to my internal LAN via: 192.168.0.5/255.255.255.0
eth1 is connected to the internet via: 1.1.1.1/255.255.255.248
Squid listens on port 3124

So far I have the following script for my iptables.

iptables -F
iptables -t nat -F
iptables -X
iptables -P FORWARD DROP
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -A INPUT -p tcp --dport 3124 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

Is this correct? Will this allow all my LAN users access to squid while blocking outward attempts from the net to my server?

Thanks in advance!
-Ash
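An added example, not part of the original post or thread: an iptables rule that names no input interface (`-i`) or source (`-s`) matches packets arriving on eth1 as well as eth0. The script below lists which ports in the posted rules are accepted that way and prints a variant that limits Squid to the LAN side; the function names and `DRY_RUN` are hypothetical, and the LAN subnet 192.168.0.0/24 is derived from the address and netmask in the post.

```shell
#!/bin/sh
# Added example, not the poster's script. Interfaces, subnet and port come
# from the post; function names and DRY_RUN are hypothetical.
LAN_IF=eth0 LAN_NET=192.168.0.0/24 SQUID_PORT=3124

# INPUT rules exactly as posted in the thread.
posted_rules() {
cat <<'EOF'
iptables -A INPUT -p tcp --dport 3124 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
EOF
}

# Same policy, but Squid is accepted only on the LAN interface from the LAN
# subnet. The loopback rule is an addition that the post does not have;
# ports 22 and 80 stay open on every interface, as in the post.
hardened_rules() {
cat <<EOF
iptables -F
iptables -t nat -F
iptables -X
iptables -P FORWARD DROP
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i $LAN_IF -s $LAN_NET -p tcp --dport $SQUID_PORT -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
EOF
}

# Print the --dport of each INPUT ACCEPT rule that names neither an input
# interface (-i) nor a source (-s); such a rule also matches traffic on eth1.
open_on_all_interfaces() {
    awk '/-A INPUT/ && /-j ACCEPT/ && /--dport/ && !/ -i / && !/ -s / {
        for (i = 1; i < NF; i++) if ($i == "--dport") print $(i + 1)
    }' | tr '\n' ' '
}

# Print the hardened rules; DRY_RUN=0 loads them instead (needs root).
apply_rules() {
    if [ "${DRY_RUN:-1}" = 1 ]; then hardened_rules; else hardened_rules | sh; fi
}

echo "posted, open on every interface:   $(posted_rules | open_on_all_interfaces)"
echo "hardened, open on every interface: $(hardened_rules | open_on_all_interfaces)"
```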
Please post your thread once and in only one forum. Posting a single thread in the most relevant forum will make it easier for members to help you and will keep the discussion in one place. This thread is closed because it is a duplicate of http://www.linuxquestions.org/questi...on-4175439380/.