On Thursday 14 Aug 2003 8:38 pm, Jonathan Melhuish wrote:
> On Wednesday 13 Aug 2003 11:01 pm, Mark Evans wrote:
> iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
>
> But "iptables -L" still doesn't list any rules :-( How come?
Use:
iptables -t nat -L
You do need to add some rules to the main tables - you've no firewall on ppp
at present!
#! /bin/bash
# from p175 Linux Security Basics
# soon to be available in the not-yet-there LUG library
# flush all rules and delete user-defined chains in every table
for TABLE in filter nat mangle; do
    iptables -t "$TABLE" -F
    iptables -t "$TABLE" -X
done
# allow replies to connections this machine started
iptables -t filter -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# allow answers from the nameservers listed in /etc/resolv.conf
for DNS in $(grep ^n /etc/resolv.conf|awk '{print $2}'); do
    iptables -t filter -A INPUT -p udp -s "$DNS" --source-port domain -j ACCEPT
done
# trust the local network
iptables -t filter -A INPUT -p tcp -s 192.168.0.0/24 -j ACCEPT
iptables -t filter -A INPUT -p icmp -s 192.168.0.0/24 -j ACCEPT
iptables -t filter -A INPUT -p udp -s 192.168.0.0/24 -j ACCEPT
# log, then drop, anything new or invalid that does not arrive on loopback
iptables -N logdeny
iptables -t filter -A logdeny -j LOG --log-level "info" --log-prefix "iptab: "
iptables -t filter -A logdeny -j DROP
iptables -t filter -A INPUT ! -i lo -m state --state NEW,INVALID -j logdeny
# masquerade outbound traffic on ppp0
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
--
Neil Williams
=============
http://www.codehelp.co.uk
http://www.dclug.org.uk
http://www.biglumber.com/x/web?qs=0x8801094A28BCB3E3
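
The situation in this thread (a MASQUERADE rule in the nat table, nothing in filter, and "iptables -L" showing only filter) can be checked from iptables-save output, which covers every table at once. The script below is an added example, not part of Neil's message: the function names are hypothetical and the sample ruleset is constructed.

```bash
#!/bin/sh
# Added example: audits iptables-save text, so it needs no root. SAMPLE is constructed.

# Print "<table> <rule count>" for each table found in iptables-save text on stdin.
rules_per_table() {
    awk '
        /^\*/  { table = substr($0, 2); count[table] = 0; order[++n] = table; next }
        /^-A / { count[table]++ }
        END    { for (i = 1; i <= n; i++) print order[i], count[order[i]] }
    '
}

# Exit 0 and print a warning when nat masquerades out of an interface while
# filter/INPUT has no rules and no DROP policy; exit 1 otherwise.
masq_without_filter() {
    awk '
        /^\*/ { table = substr($0, 2); next }
        table == "nat" && /^-A POSTROUTING/ && /-j MASQUERADE/ {
            for (i = 1; i < NF; i++) if ($i == "-o") masq = $(i + 1)
        }
        table == "filter" && /^:INPUT /   { policy = $2 }
        table == "filter" && /^-A INPUT / { input_rules++ }
        END {
            if (masq != "" && input_rules == 0 && policy != "DROP") {
                print "WARNING: MASQUERADE on " masq " but INPUT is unfiltered"
                exit 0
            }
            exit 1
        }
    '
}

# Constructed sample: what iptables-save would show after only the MASQUERADE rule.
SAMPLE='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o ppp0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT'

printf '%s\n' "$SAMPLE" | rules_per_table
printf '%s\n' "$SAMPLE" | masq_without_filter || true
```

On a live machine, pipe the output of iptables-save (run as root) into either function instead of SAMPLE.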