config firewall for internal http and https
Hi
I have to do the following on a LINUX firewall using iptables:
"Provide access through the firewall to the webserver from address on the internal network using http and https. I then need to block access through the firewall from all other sources and to all other ports."
Having investigated this, I am somewhat confused as to how to configure the firewall to do this. I have found two options, but am not sure which it is:
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -p tcp --dport 443 -j ACCEPT
iptables -A FORWARD -j LOG
iptables -A FORWARD -j DROP
OR it is this:
iptables -A INPUT -i $ETHERNET -p tcp -d $MYIP --dport 80 -j ACCEPT
iptables -A OUTPUT -o $ETHERNET -p tcp -s $MYIP --sport 80 ! --syn -j ACCEPT
iptables -A INPUT -i $ETHERNET -p tcp -d $MYIP --dport 22 -s $MYNET -j ACCEPT
iptables -A OUTPUT -o $ETHERNET -p tcp -s $MYIP --sport 22 -d $MYNET ! --syn -j ACCEPT
Can someone help me? I am new to this and am confused about what the difference is, but I only want to enable internal traffic, not external.
I look forward to some replies
Dales79
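
An added example, not part of the original post: traffic that passes through the firewall to another host traverses the FORWARD chain, while INPUT and OUTPUT only see traffic addressed to or sent by the firewall itself, so the quoted requirement maps to FORWARD rules restricted by source network, destination host and ports. The function name `forward_ruleset` and the addresses are constructed placeholders, and the sketch assumes the webserver sits on a different segment from the internal clients.

```shell
#!/bin/sh
# Added example, not from the original post. Prints the iptables commands
# for review instead of running them; pipe the output to "sh" as root to apply.
# INT_NET and WEB_IP are constructed sample values (assumptions).
INT_NET="192.168.1.0/24"   # internal client network
WEB_IP="10.0.0.80"         # webserver reached through the firewall

# forward_ruleset NET/CIDR WEBSERVER_IP
# Emits a FORWARD-chain ruleset: internal clients may open HTTP/HTTPS
# connections to the webserver; everything else is logged and dropped.
forward_ruleset() {
    int_net=$1
    web_ip=$2
    # Refuse empty or malformed arguments: an empty -s/-d value would
    # otherwise produce a rule without the intended restriction.
    case $int_net in
        ''|*[!0-9./]*) echo "bad internal network: '$int_net'" >&2; return 1 ;;
        */*) ;;
        *) echo "internal network needs a /prefix: '$int_net'" >&2; return 1 ;;
    esac
    case $web_ip in
        ''|*[!0-9.]*) echo "bad webserver address: '$web_ip'" >&2; return 1 ;;
    esac
    cat <<EOF
iptables -P FORWARD DROP
iptables -F FORWARD
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -s $int_net -d $web_ip -p tcp -m multiport --dports 80,443 -m state --state NEW -j ACCEPT
iptables -A FORWARD -j LOG --log-prefix "FWD-DROP: "
iptables -A FORWARD -j DROP
EOF
}

forward_ruleset "$INT_NET" "$WEB_IP"
```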