Hello Abu, It sounds to me like you're unclear on what that statement you executed did. If you follow the advice given earlier in this thread and set up a packet filter, it still won't work because you now have forwarding disabled. Then you'll write another email and they'll tell you to echo "1" > /proc/sys/net/ipv4/ip_forward, and it will start working again, but you still may not understand _why_... Following directions given elsewhere, you should be able to come up with a set of ipchains rules that will filter any traffic passing through your box. In order for the packet filter rules to accomplish anything at all, you'll need for there to be traffic running through the box to filter! That you noticed that someone was able to connect to icq before indicates that you (at least at one time) had your machine correctly set up to forward packets through it to the Internet. Other people on the list have correctly suggested that you should add a packet filter for security. I think the advice telling you "if you want to disallow access to icq, disable forwarding" was sort of like saying "if you don't want to get killed in a car accident, stay home." Sure, you can't connect to icq if you can't connected to the Internet. But there are other ways. There are safety belts. There are air bags. There are Volvos. You'll need to re-enable ip_forwarding, but make sure that you have fastened your seat belt (set up your firewall) correctly first. Also look at the files /etc/network/options and /etc/init.d/networking . When you echo "0" or "1" > /proc/sys/net/ipv4/ip_forward, you tell the kernel to disable or enable ipv4 forwarding, but in order to tell Debian that this machine will be doing this on a regular basis, you'll have to set it in /etc/network/options, and /etc/init.d/networking will read that file and notify the kernel appropriately on each boot. I may not have been much specific help, but I hope I persuade you to dig a little and understand what we're talking about when we say "forwarding" and "packet filter" and how to find out more about them. If I was wrong and you really do know what you're doing, I apologize for having assumed otherwise, and hopefully my words will help someone else on the list. Vineet * Abu H R (abu@nirwanalestari.com) [010628 12:23]: > I have tried using {echo "0" /proc/sys/net/ipv4/ip_forward} and after that i the abuser is stopped but it is also stop the other client to using outlook express. > > >
Attachment:
pgpXpSh1YoLpL.pgp
Description: PGP signature