Re: 2 nic setup for firewall machine
On Wednesday 12 February 2003 00:22, Jason McCarty wrote:
[...]
> > $IPT -A FORWARD -i $INTIF -o $EXTIF -p tcp --dport 80 -j ACCEPT
[...]
> > $IPT -A FORWARD -i $INTIF -o $EXTIF -p tcp --dport 8080 -j ACCEPT
> > $IPT -A FORWARD -i $INTIF -o $EXTIF -p tcp --dport 8080 -j ACCEPT
[...]
You might want to also add a rule with "--dport 443" here for https:// type
connections. Also the --dport 8080 rule is duplicated.
Also, I recommend the multiport option there:
$IPT -A FORWARD -i $INTIF -o $EXTIF -p tcp -m multiport --dports 80,8080,443 -j ACCEPT
would allow all connections to commonly used http/https ports. Much easier to
read than a multitude of rules.
Regards,
Sven Müller
- IT - Network&Infrastructure -
--
* Heinrich Berndes Haushaltstechnik GmbH & Co KG
* Wiebelsheidestrasse 55, 59757 Arnsberg, Germany
* Phone: +49 2932 475-282 / FAX: -325
* http://www.berndes.com
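
Added example, not part of the original message and not the poster's code: a small shell filter that applies the two suggestions above to a rule list, dropping the duplicated --dport rule and folding rules that differ only in the port into one multiport rule. The function names and the sample rules are constructed for illustration; it assumes one rule per line, each with a single numeric --dport followed by further options.

```shell
#!/bin/sh
# Constructed sample input: the quoted rules plus the suggested 443 rule,
# and one unrelated rule that must pass through untouched.
sample_rules() {
    cat <<'EOF'
$IPT -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPT -A FORWARD -i $INTIF -o $EXTIF -p tcp --dport 80 -j ACCEPT
$IPT -A FORWARD -i $INTIF -o $EXTIF -p tcp --dport 8080 -j ACCEPT
$IPT -A FORWARD -i $INTIF -o $EXTIF -p tcp --dport 8080 -j ACCEPT
$IPT -A FORWARD -i $INTIF -o $EXTIF -p tcp --dport 443 -j ACCEPT
EOF
}

# Reads rule lines on stdin, writes the merged rule list to stdout.
# The merged rule is emitted where the first rule of its group stood, so
# review the result if rules in between could match the same traffic.
merge_dport_rules() {
    awk '
    # Candidate: a rule with a single numeric "--dport N" in the middle.
    match($0, / --dport [0-9]+ /) {
        port = substr($0, RSTART + 9, RLENGTH - 10)
        pre  = substr($0, 1, RSTART - 1)      # text before --dport
        post = substr($0, RSTART + RLENGTH)   # text after the port
        key  = pre SUBSEP post                # same rule apart from the port
        if (!(key in slot)) {                 # first rule of this group
            slot[key] = ++n; head[n] = pre; tail[n] = post; orig[n] = $0
        }
        s = slot[key]
        if (!((s, port) in seen)) {           # drop exact duplicates
            seen[s, port] = 1
            ports[s] = (cnt[s]++ ? ports[s] "," : "") port
        }
        next
    }
    { orig[++n] = $0 }                        # everything else passes through
    END {
        for (i = 1; i <= n; i++) {
            if (cnt[i] < 2) { print orig[i]; continue }   # nothing to merge
            print head[i] " -m multiport --dports " ports[i] " " tail[i]
        }
    }'
}

sample_rules | merge_dport_rules
```

multiport accepts at most 15 ports per rule, so a longer merged list has to be split by hand.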