On Thursday 14 Aug 2003 8:38 pm, Jonathan Melhuish wrote:
> On Wednesday 13 Aug 2003 11:01 pm, Mark Evans wrote:
> iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
>
> But "iptables -L" still doesn't list any rules :-( How come?

Use:

iptables -t nat -L

You do need to add some rules to the main tables - you've no firewall on ppp at present!

#! /bin/bash
# from p175 Linux Security Basics
# soon to be available in the not-yet-there LUG library

# flush all rules and delete user-defined chains in every table
for TABLE in filter nat mangle; do
    iptables -t $TABLE -F
    iptables -t $TABLE -X
done

# accept packets belonging to, or related to, existing connections
iptables -t filter -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# accept DNS replies from the nameservers listed in /etc/resolv.conf
for DNS in $(grep ^n /etc/resolv.conf|awk '{print $2}'); do
    iptables -t filter -A INPUT -p udp -s $DNS --source-port domain -j ACCEPT
done

# accept tcp, icmp and udp from the local network
iptables -t filter -A INPUT -p tcp -s 192.168.0.0/24 -j ACCEPT
iptables -t filter -A INPUT -p icmp -s 192.168.0.0/24 -j ACCEPT
iptables -t filter -A INPUT -p udp -s 192.168.0.0/24 -j ACCEPT

# user-defined chain that logs a packet and then drops it
iptables -N logdeny
iptables -t filter -A logdeny -j LOG --log-level "info" --log-prefix "iptab: "
iptables -t filter -A logdeny -j DROP

# send new or invalid packets from any interface except loopback to logdeny
iptables -t filter -A INPUT -i ! lo -m state --state NEW,INVALID -j logdeny

# masquerade traffic leaving through ppp0
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE

-- 
Neil Williams
=============
http://www.codehelp.co.uk
http://www.dclug.org.uk
http://www.biglumber.com/x/web?qs=0x8801094A28BCB3E3
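Added example, not part of the original post: a small check over an iptables-save style dump that shows why "iptables -L" (filter table only) listed nothing while the MASQUERADE rule sat in nat, and that flags an INPUT chain with no rules. The function names and the sample dump are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample: dump of the state described in the thread
# (one MASQUERADE rule in nat, nothing at all in filter).
sample_dump() {
cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o ppp0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
EOF
}

# Print "table rule-count" for every table in a dump read from stdin.
rules_per_table() {
    awk '
        /^\*/  { table = substr($0, 2); order[++n] = table; count[table] = 0 }
        /^-A / { count[table]++ }
        END    { for (i = 1; i <= n; i++) print order[i], count[order[i]] }
    '
}

# Print OPEN when filter/INPUT has policy ACCEPT and no rules (nothing
# filters inbound traffic), HAS_RULES when rules or a non-ACCEPT policy
# exist, UNKNOWN when the dump contains no filter table.
input_exposure() {
    awk '
        /^\*/                             { table = substr($0, 2) }
        table == "filter" && /^:INPUT /   { policy = $2 }
        table == "filter" && /^-A INPUT / { rules++ }
        END {
            if (policy == "")                          print "UNKNOWN"
            else if (policy == "ACCEPT" && rules == 0) print "OPEN"
            else                                       print "HAS_RULES"
        }
    '
}

sample_dump | rules_per_table
sample_dump | input_exposure
```

On a live machine, pipe the output of iptables-save (run as root) into either function instead of sample_dump. HAS_RULES only means the INPUT chain is not empty; the rules themselves still need reading.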