Re: Re: ipchains / help
* louie miranda <louie@noc.chikka.com> [04-06-02 07:32]:
> Chain input (policy ACCEPT):
> target prot opt source destination ports
First of all you should set the policy to DENY or REJECT and then
permit only the protocols that you need. Then read something about
the different ICMP types.
For example:
To ping a host on the outside you have to accept outgoing ICMP packets type 8:
ipchains -A output -i $external interface -p icmp --icmp-type 8 -j ACCEPT
To receive an answer to your echo request permit type 0 "echo reply":
ipchains -A input -i $external interface -p icmp --icmp-type 0 -j ACCEPT
Jens
--
To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: