[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: iptables q:

On 25 Aug 2003 09:04:35 +0200, 
Tinus Nijmeijers <tinus@deephosting.com> wrote in message 

> I have this great shorewall-based iptables setup that I have screwed
> up and reading it I have to admit that I have no idea really where to
> begin. 
> (Started reading the iptables-tutorial but I'm als in a hurry here.)

..try the http://shorewall.net docs, they deal with shorewall.
> Could someone divulge how I do this:
> firewall
> eth0: internet
> eth1: internal net
> -allow anything from the internal net to the firewall
> -allow port 22 from the outside to the firewall
> -masquerade ONLY port 80 from internal to internet.
> everything else should be closed.
> thanks.
> tinus

..if you have a vacant old box handy, toss in ipcop(.org), 
10 minutes setup, similarly "colored" networks.

..if you have webmin(.com), hop into its "Linux Firewall" 
module to save the current rules as is, and work from there.

..or, use webmin's shorewall module.

..med vennlig hilsen = with Kind Regards from Arnt... ;-)
...with a number of polar bear hunters in his ancestry...
  Scenarios always come in sets of three: 
  best case, worst case, and just in case.

Reply to: