extending ipmasq?

To: "Firewallers" <debian-firewall@lists.debian.org>
Subject: extending ipmasq?
From: "Paul Tod Rieger" <prie@abl.com>
Date: Wed, 18 Jul 2001 02:12:18 -0400
Message-id: <[🔎] 00e801c10f50$992f51a0$0404a8c0@abl.com>

I'm using the default setup of potato's ipmasq package between my public
eth0 and private eth1 interfaces.  How to change it to deny a public service
to an unfriendly network?

I've looked through the files in /etc/ipmasq/rules, and I90external.def
looks about right for additions like:

$IPCHAINS -A input -j DENY -i $i \
   -l -p all -s $idiots --destination-port $port

(as I90external.rul).  But I'm never too sure about my script (or man
page)reading skills.

Is there a better way to do this?  Do I need to make changes elsewhere, too?
TIA!

Tod
abl.com

Reply to:

Follow-Ups:
- Summary: extending ipmasq?
  - From: "Paul Tod Rieger" <prie@abl.com>

Prev by Date: Re: Linksys, ipchains/iptables and Apache
Next by Date: Confusing Slow Connections
Previous by thread: Re: Linksys, ipchains/iptables and Apache
Next by thread: Summary: extending ipmasq?
Index(es):
- Date
- Thread