
RE: Problems with IP tables firewall (DNS and what the heck is this WinME box doing)


Why start from scratch?

Here is a link for a complete firewall script:

I am using it and it is working well. 



-----Original Message-----
From: Ehren Wilson [mailto:ewilson@echostar.ca] 
Sent: Wednesday, June 06, 2001 5:40 PM
To: debian-firewall@lists.debian.org
Subject: Problems with IP tables firewall (DNS and what the heck is this
WinME box doing)


I upgraded my kernel to 2.4.5 yesterday and decided to switch from using
a very loose ipchains script that was really only for masquerading to a
fairly tight iptables setup.  As it stands, all my services are working
but DNS, but DNS works when I query localhost or the internal 192 IP
(since these are both basically wide open on their respective
interfaces).  Here is what I currently have in my tcp_packets table for
port 53.
$IPTABLES -A tcp_packets -p TCP -s 0/0 --dport 53 -j allowed
and for UDP
$IPTABLES -A udpincoming_packets -p UDP -s 0/0 --source-port 53 -j
If anyone has a clue, please do lend it to me :)

My one other concern is that on my external interface one of the other
machines (a WinMe box) is hitting the broadcast IP of the external
network with UDP packets every few minutes, or seconds even, and causing
my logchecks to be mostly garbage, but before I filter out the noise I
was wondering if anyone had seen this before.

Jun  6 08:07:20 twitch kernel: IPT INPUT packet died: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:xx:xx:xx:xx:xx:xx:xx:00 SRC=xx.xxx.xx.121
DST=xx.xxx.xx.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=6667 PROTO=UDP
SPT=138 DPT=138 LEN=209 </snip>

My Linux box is xx.xxx.xx.120.  Oh well thanks for any advice/help.
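
Added example, not part of the original thread: a small Python tally of netfilter LOG lines in the format quoted above, so the recurring broadcast entries can be counted and set aside before deciding what to filter from the logs. The sample lines, addresses (documentation ranges), MACs and function names are constructed for illustration; the only format assumption is that the MAC= field lists destination MAC, source MAC, then EtherType.

```python
import re
from collections import Counter

# Constructed sample in the format of the log entry quoted above; addresses
# come from documentation ranges, MACs and counts are made up.
BCAST = "MAC=ff:ff:ff:ff:ff:ff:00:11:22:33:44:55:08:00 SRC=192.0.2.121 DST=192.0.2.255"
SAMPLE_LOG = f"""\
Jun  6 08:07:20 twitch kernel: IPT INPUT packet died: IN=eth0 OUT= {BCAST} LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=6667 PROTO=UDP SPT=138 DPT=138 LEN=209
Jun  6 08:09:41 twitch kernel: IPT INPUT packet died: IN=eth0 OUT= {BCAST} LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=6701 PROTO=UDP SPT=138 DPT=138 LEN=209
Jun  6 08:10:02 twitch kernel: IPT INPUT packet died: IN=eth0 OUT= {BCAST} LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=6702 PROTO=UDP SPT=137 DPT=137 LEN=58
Jun  6 08:11:15 twitch kernel: IPT INPUT packet died: IN=eth0 OUT= MAC=00:aa:bb:cc:dd:ee:00:11:22:33:44:66:08:00 SRC=198.51.100.7 DST=192.0.2.120 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4242 PROTO=UDP SPT=40123 DPT=53 LEN=40
Jun  6 08:12:03 twitch kernel: IPT INPUT packet died: IN=eth0 OUT= {BCAST} LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=6733 PROTO=UDP SPT=138 DPT=138 LEN=209
"""

FIELD = re.compile(r"(\w+)=(\S*)")

def parse_line(line):
    """Return the KEY=VALUE fields of one netfilter LOG line, or None."""
    start = line.find("IN=")
    if start < 0:
        return None
    fields = {}
    for key, value in FIELD.findall(line[start:]):
        fields.setdefault(key, value)  # first LEN= is the IP length; keep it
    return fields

def is_link_broadcast(fields):
    """True when the destination MAC (first 6 octets of MAC=) is all ff."""
    return fields.get("MAC", "").lower().startswith("ff:" * 6)

def summarize(log_text):
    """Count dropped packets per (SRC, DST, PROTO, DPT, broadcast) flow."""
    flows = Counter()
    for line in log_text.splitlines():
        fields = parse_line(line)
        if fields and "SRC" in fields:
            flows[(fields["SRC"], fields["DST"], fields["PROTO"],
                   fields.get("DPT", "-"), is_link_broadcast(fields))] += 1
    return flows

def unicast_drops(log_text):
    """Flows left once link-layer broadcast chatter is set aside."""
    return {k: n for k, n in summarize(log_text).items() if not k[4]}

if __name__ == "__main__":
    for flow, count in summarize(SAMPLE_LOG).most_common():
        print(count, *flow)
```

Drops that remain in `unicast_drops()` are the ones worth reading before any log filter is added, since they were addressed to the firewall itself rather than to the whole segment.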

