Firewall on router question

To: debian-firewall@lists.debian.org
Subject: Firewall on router question
From: Lars Schimmer <l.schimmer@cgv.tugraz.at>
Date: Mon, 19 Sep 2005 11:23:40 +0200
Message-id: <[🔎] 432E839C.8040708@cgv.tugraz.at>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi!

I've got some questions for understanding.
First I used ipchains on a router for a subnet. Easy going, ipchains
INPUT deny and allow for all IPs in the subnet worked great.
And the script was followed from top to bottom, e.g. first rule was
served first.

Now I setup a router with iptables, so I needed to use iptable FORWARD.
One big change: I need to setup 2 rules, one from outside to inside,
second form inside to outside, to use the net like I did with ipchains.
Second: could it be, that the forward target isn't followed top to
bottom in the script?
E.G. I've got 2 rules for dnetc in the top of the script, which allows
port 2046 access to all PCs in our subnet.
Later on I deny all access to one special PC. But on that PC I can't
update the distributed.net buffers at all...
Any hints?

Cya
Lars
- --
- -------------------------------------------------------------
TU Graz, Institut für ComputerGraphik & WissensVisualisierung
Tel.: +43 316 873-5405       E-Mail: l.schimmer@cgv.tugraz.at
PGP-Key-ID: 0xB87A0E03
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDLoOcVguzrLh6DgMRAjxVAKDa0UoE907/l1wiWuPHhWzmsZczWgCbBKCE
5vTKdp+gNc0Kb0cEIeDrbK4=
=Z7Tu
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Re: Firewall on router question
  - From: Nathan Barham <nathan@sleepygeek.com>

Prev by Date: Re: how to control the ftp-data traffic
Next by Date: Re[1]: Приглашение - Английский Разговорный с преподавателями из С Ш А Stoller
Previous by thread: Re: how to control the ftp-data traffic
Next by thread: Re: Firewall on router question
Index(es):
- Date
- Thread