
Re: Searching for an appropriate iptables script

On Fri, Feb 08, 2002 at 10:45:15PM -0500, Jeff Bonner wrote:
> Last but not least, it's difficult to gauge my success (or failure)
> because I can't use a machine *outside* the firewall to run nmap against
> this setup.  Yes, I do have another system with Linux, but it's not
> located right next to this one, where I could immediately make changes
> and observe results.  Perhaps in the near future I can run a dial-up for
> that purpose, though.

A simple-minded solution could be:

1) unplug the firewall from the internet
2) swap the internal and external ip addresses in your firewall rules
   [ you do use env-vars in your firewall to point to the different
     interfaces, don't you :]
3) test from a local machine that is now seen by the firewall as
   belonging to the hostile internet

groetjes, carel
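
The swap described in steps 1-3 above, as an added example that is not part of the original post: a rule generator whose interface roles come from variables, so one switch exchanges "inside" and "outside" for a local scan. The interface names, addresses, sample rules and the SWAP_FOR_TEST switch are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. All names and addresses below
# are assumed values; replace them with the ones from your own script.
EXT_IF="${EXT_IF:-eth0}"          # normally faces the internet
INT_IF="${INT_IF:-eth1}"          # normally faces the LAN
EXT_IP="${EXT_IP:-192.0.2.1}"
INT_IP="${INT_IP:-192.168.1.1}"

# Print the ruleset for one assignment of roles. Nothing is applied here:
# review the output, then pipe it to "sh" as root to load it.
emit_rules() {
    ext_if=$1; ext_ip=$2; int_if=$3; int_ip=$4
    cat <<EOF
iptables -F
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i $int_if -d $int_ip -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -i $ext_if -d $ext_ip -j DROP
iptables -A FORWARD -i $int_if -o $ext_if -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
EOF
}

# SWAP_FOR_TEST=1 exchanges the roles, so a LAN host scanning the firewall is
# filtered as an internet host would be. The real uplink then gets the
# trusted rules, which is why step 1 (unplug it) comes first.
firewall_rules() {
    if [ "${SWAP_FOR_TEST:-0}" = "1" ]; then
        emit_rules "$INT_IF" "$INT_IP" "$EXT_IF" "$EXT_IP"
    else
        emit_rules "$EXT_IF" "$EXT_IP" "$INT_IF" "$INT_IP"
    fi
}

firewall_rules
```

Load the swapped set with `SWAP_FOR_TEST=1 sh firewall.sh | sh` (the file name is hypothetical), scan from a LAN machine, then reload the normal set before reconnecting the uplink.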
