LinuxQuestions.org

Linux - Software > Forwarding packets with Iptables (https://www.linuxquestions.org/questions/linux-software-2/forwarding-packets-with-iptables-346144/)

DrunkenDisciple 07-24-2005 01:11 AM

Forwarding packets with Iptables
 
Hi,

I'm hoping someone can help me create a nice iptables script. Basically I have a machine running snort and I have eth0 and eth1. I'm trying to use iptables to basically put some security in place and forward all incoming traffic from eth0 and forward everything to eth1. Could someone point me in the right direction? I wanted to restrict as much access as possible, only allowing ssh, www, vnc in and so on. Can someone please help me? So far this is what I have...

#!/bin/sh
# iptables configuration file

# variables ($IPT and $NET are used below but were never defined)
IPT=/sbin/iptables
NET=LOCAL_NET/PREFIX   # placeholder: this host's own network/address

# module loading

/sbin/depmod -a

/sbin/modprobe ip_tables
/sbin/modprobe ip_conntrack
/sbin/modprobe iptable_filter
/sbin/modprobe iptable_mangle
/sbin/modprobe iptable_nat
/sbin/modprobe ipt_LOG
/sbin/modprobe ipt_limit
/sbin/modprobe ipt_state

# open ports for outbound established connections
$IPT -A OUTPUT -p tcp -s $NET -d 0/0 --destination-port 1:65535 -j ACCEPT
$IPT -A OUTPUT -p udp -s $NET -d 0/0 --destination-port 1:65535 -j ACCEPT

# allow ssh and http from one source range only
$IPT -t filter -A INPUT -p tcp -s 202.x.x.0/27 -d $NET --destination-port 22 -j ACCEPT
$IPT -t filter -A INPUT -p tcp -s 202.x.x.0/27 -d $NET --destination-port 80 -j ACCEPT

twsnnva 07-24-2005 09:00 PM

Hello Drunk :)

It looks like you basically want to let everything outbound and only 22 (ssh), 80 (http) and 5901 (vnc) inbound. I don't really understand what you mean by "forward all incoming traffic from eth0 and forward everything to eth1", are you trying to set this box up as a router? If so I can help with that too, however this script doesn't do that.

Code:

#!/bin/sh

# VARIABLES
IPT=/sbin/iptables
ALLOWED_TCP_PORTS="22 80 5901"
ALLOWED_UDP_PORTS=""

# START FROM EMPTY CHAINS SO RE-RUNNING THE SCRIPT DOES NOT DUPLICATE RULES
$IPT -F

# SET DEFAULT POLICY
$IPT -P INPUT DROP
$IPT -P FORWARD DROP
$IPT -P OUTPUT ACCEPT

# ALLOW LOOPBACK (LOCAL SERVICES BREAK WITHOUT THIS UNDER AN INPUT DROP POLICY)
$IPT -A INPUT -i lo -j ACCEPT

# ALLOW RELATED TRAFFIC BACK IN
$IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# OPEN INBOUND TCP PORTS
for i in ${ALLOWED_TCP_PORTS}; do
$IPT -A INPUT -p tcp --dport $i -j ACCEPT
done

# OPEN INBOUND UDP PORTS (the original line had a stray "-j" before "-p udp")
for i in ${ALLOWED_UDP_PORTS}; do
$IPT -A INPUT -p udp --dport $i -j ACCEPT
done


DrunkenDisciple 07-24-2005 11:00 PM

hey =D

Yeah, I'm rather new with iptables, but anyways. Yeah, basically I have a server running snort and I basically need to allow all incoming traffic with some restrictions like no ICMP and such. I would like to also limit the ports that can be accessed with iptables, like only ports 80, 22, and 5190 for vnc. I was thinking of taking all allowed traffic after that and forwarding everything to eth1, then from eth1 I would take the cable and put it into a switch to forward everything else? Do you think this will be fine?
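The eth0-to-eth1 forwarding the poster describes is a routing setup, so the restrictions belong in the FORWARD chain rather than INPUT. The script below is an added example written for this thread, not twsnnva's or the poster's code; the interface roles (eth0 outside, eth1 inside), the inside network 192.168.1.0/24 and the port list are assumptions, and setting IPT=echo prints the rules instead of applying them.

```shell
#!/bin/sh
# Router-style forwarding filter for a two-NIC box: eth0 faces the untrusted
# side, eth1 faces the internal switch. Everything from inside may go out,
# replies come back, and only the listed TCP ports are forwarded in.
# Interface names, the inside network and the port list are assumptions.
IPT="${IPT:-/sbin/iptables}"         # set IPT=echo to print rules instead of applying them
OUT_IF="${OUT_IF:-eth0}"             # assumed untrusted interface
IN_IF="${IN_IF:-eth1}"               # assumed internal interface (towards the switch)
IN_NET="${IN_NET:-192.168.1.0/24}"   # assumed internal network behind eth1
ALLOWED_TCP_PORTS="${ALLOWED_TCP_PORTS:-22 80 5901}"

apply_forward_rules() {
    # drop by default and start from an empty FORWARD chain (safe to re-run)
    $IPT -P FORWARD DROP
    $IPT -F FORWARD
    # replies to already-accepted connections may cross in either direction
    $IPT -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
    # inside hosts may open anything outbound; source must belong to IN_NET (anti-spoofing)
    $IPT -A FORWARD -i "$IN_IF" -o "$OUT_IF" -s "$IN_NET" -j ACCEPT
    # no ICMP from the outside, as asked for in the thread
    $IPT -A FORWARD -i "$OUT_IF" -p icmp -j DROP
    # new inbound connections only to the allowed TCP ports on the inside network
    for p in $ALLOWED_TCP_PORTS; do
        $IPT -A FORWARD -i "$OUT_IF" -o "$IN_IF" -d "$IN_NET" -p tcp --dport "$p" \
            -m state --state NEW -j ACCEPT
    done
    # rate-limited log of what is about to hit the DROP policy, for tuning
    $IPT -A FORWARD -m limit --limit 5/min -j LOG --log-prefix "FWD-DROP: "
}

# dry run: count the FORWARD rules the function would add (7 with the default port list)
count_forward_rules() {
    (IPT=echo; apply_forward_rules) | grep -c -- '-A FORWARD'
}

enable_forwarding() {
    # the kernel only routes between eth0 and eth1 once this is set
    echo 1 > /proc/sys/net/ipv4/ip_forward
}

if [ "${1:-}" = "apply" ]; then
    enable_forwarding
    apply_forward_rules
fi
```

Run it as root with `sh fwd.sh apply`; because this routes rather than bridges, the hosts on the switch must use this box as their default gateway.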

