sarge firewall
Hi gang,
I have just installed the latest version of 'Sarge' the install went very smooth, which I am pleased
about. Basically this is how I want my setup to be.
Internet <->cablemodem<->debain(web/email/ftp server)<->hub<->Windows
1). Run a small web/email/ ftp server from the debain box
2). Access the Internet from my windows box.
I've been looking for a simple firewall/NAT ruleset, so far this is what I have found.
(192.168.10.45 is the ip on eth0, 192.168.20.1 is the ip on eth1)
iptables -F
iptables -N FIREWALL
iptables -F FIREWALL
iptables -A INPUT -j FIREWALL
iptables -A FORWARD -j FIREWALL
iptables -A FIREWALL -p tcp -m tcp --dport 25 --syn -j ACCEPT
iptables -A FIREWALL -p tcp -m tcp -s 192.168.20.1/24 --dport 22 --syn -j ACCEPT
iptables -A FIREWALL -i lo -j ACCEPT
iptables -A FIREWALL -p udp -m udp --sport 53 -j ACCEPT
iptables -A FIREWALL -p tcp -m tcp --sport 53 -j ACCEPT
iptables -A FIREWALL -p udp -m udp --dport 123 -j ACCEPT
iptables -A FIREWALL -p udp -m udp --sport 6277 -j ACCEPT
iptables -A FIREWALL -p udp -m udp --sport 24441 -j ACCEPT
iptables -A FIREWALL -p tcp -m tcp --syn -j REJECT
iptables -A FIREWALL -p udp -m udp -j REJECT
iptables-save > /etc/firewall-rules
iptables-restore < /etc/firewall-rules
Can anyone tell me, if using the above ruleset, I can access the net using my windows computer via
the debian box? If not, what rules do I need to add.
Thanks
Kev
Reply to: