Hi to all,
I am learning (newbie) to set up a firewall in my home. For that I have selected four systems (sys1, sys2, ..., sys4) for testing. I have
configured sys2 to act as a firewall with two NICs. sys3 and sys4 are inside the firewall. sys1 is not connected to the firewall, for
testing purposes.
The IP assignments are as follows:
sys1: (Fedora, not connected to the firewall, I am thinking, but I am not sure)
IP: 192.168.2.1
gateway: blank
dns1: blank
dns2: blank
..................................
sys2: (firewall, iptables)
eth0: 192.168.2.2 (private IP for the local LAN)
eth1: 192.168.0.2 (public IP from ISP, just for example)
gateway: 192.168.0.1
dns1: 202.56.230.5
dns2: 202.56.230.6
..................................
sys3: (Fedora, connected to the firewall, I am thinking, but I am not sure)
IP: 192.168.2.3
gateway: 192.168.2.2 (sys2 eth0)
dns1: blank
dns2: blank
...................................
sys4: (Fedora, connected to the firewall, I am thinking, but I am not sure)
IP: 192.168.2.4
gateway: 192.168.2.2 (sys2 eth0)
dns1: blank
dns2: blank
The ssh service runs on this box.
...................................
Then my iptables rules are as follows:
iptables -F (to flush all the existing rules; then I saved and restarted iptables)
INPUT chain :
iptables -A INPUT -s 192.168.2.1 -d 192.168.2.4 -p TCP --dport 22 -j REJECT ( to block the ssh request to sys4 )
OUTPUT chain :
iptables -A INPUT -s 0/0 -d 192.168.2.4 -p ALL -j REJECT ( to block all the trusted and untrusted ports )
FORWARD chain :
blank
These are my exact rules, and there are no others.
Everything is saved and restarted.
....................................
What happened is that sys1 (not connected to the firewall) can ssh to sys4 (connected, inside the firewall), although the rules are written
not to allow ssh from sys1 to sys4.
Then I came to know that whatever request I give, it goes directly as sys1 --> sys4, not as sys1 --> sys2 (firewall) --> sys4, and the
firewall is not filtering or processing anything, for both inbound and outbound (I think it's my mistake somewhere). The requests are going directly inside without the firewall.
Please suggest an idea for how to make the firewall process the request first; I don't know where I am making the mistake...
Thanks in advance.
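To show why sys2 never sees the traffic, and what a rule set that sys2 can actually enforce looks like, here is an added example (not the poster's own configuration). It uses the addresses from the post and assumes the fix of re-cabling sys1 to the eth1 (192.168.0.0/24) side of sys2, with eth0 facing the inside hosts.

```sh
#!/bin/sh
# Added example, not the poster's commands. Addresses come from the post; moving
# sys1 to the 192.168.0.0/24 side of sys2 is the assumed fix.

# Dotted-quad IPv4 address to a 32-bit integer.
ip2int() {
  set -- $(printf '%s' "$1" | tr '.' ' ')
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# True (exit 0) when src and dst fall inside the same /prefix network.
# Two hosts on one subnet talk directly over the switch; the packets never
# reach the gateway, so none of its chains (INPUT, OUTPUT, FORWARD) see them.
same_subnet() {
  mask=$(( (0xFFFFFFFF << (32 - $3)) & 0xFFFFFFFF ))
  [ $(( $(ip2int "$1") & mask )) -eq $(( $(ip2int "$2") & mask )) ]
}

# Rules for sys2 once sys1 sits outside on eth1. Traffic from outside to the
# inside hosts crosses sys2, so it is filtered in FORWARD: INPUT and OUTPUT
# only apply to packets addressed to, or sent by, sys2 itself.
# $1 is the command to run (default iptables); pass "echo" to just print rules.
apply_rules() {
  ipt=${1:-iptables}
  # The box must actually route between its two NICs.
  [ "$ipt" = iptables ] && echo 1 > /proc/sys/net/ipv4/ip_forward
  "$ipt" -F FORWARD
  "$ipt" -P FORWARD DROP
  # Replies to connections the inside hosts opened may come back in.
  "$ipt" -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
  # Block inbound ssh to sys4 from anywhere outside (what the poster intended).
  "$ipt" -A FORWARD -i eth1 -o eth0 -d 192.168.2.4 -p tcp --dport 22 -j REJECT
  # Block every other inbound connection to sys4.
  "$ipt" -A FORWARD -i eth1 -o eth0 -d 192.168.2.4 -j REJECT
  # Let the inside hosts out.
  "$ipt" -A FORWARD -i eth0 -o eth1 -s 192.168.2.0/24 -j ACCEPT
}

# The poster's layout: sys1 and sys4 share 192.168.2.0/24, so sys2 is bypassed.
if same_subnet 192.168.2.1 192.168.2.4 24; then
  echo "sys1 -> sys4 is same-subnet traffic: sys2 never sees these packets"
fi
```

Run `apply_rules echo` first to review the rules; run `apply_rules` as root on sys2 only once sys1 has been moved to the eth1 side.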