Regole iptables corrette?

To: "debian-italian" <debian-italian@lists.debian.org>
Subject: Regole iptables corrette?
From: "wannabe.mail" <wannabe.mail@libero.it>
Date: Sat, 15 Oct 2005 17:44:15 +0200
Message-id: <[🔎] IOERPR$4E949F4CF9BF4C96851E3C86E2484518@libero.it>

Ciao, ho impostato cosi le regole del firewall iptables:
Il firewall ha 2 schede di rete, con ip 192.168.x.x al router e 10.1.x.x ad un pc collegato.

Ecco le regole

#!bin/bash
#
#iptables -P FORWARD DROP
iptables -F
iptables -Z
modprobe ip_tables
modprobe ip_conntrack
modprobe iptable_filter
modprobe iptable_nat
modprobe ip_conntrack
modprobe ipt_MASQUERADE
modprobe iptable_nat
modprobe ip_nat_ftp
echo 1 > /proc/sys/net/ipv4/ip_forward
#
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP

iptables -A INPUT -i eth0 -j ACCEPT
iptables -A OUTPUT -o eth0 -j ACCEPT
iptables -A POSTROUTING -t nat -j MASQUERADE
iptables -A FORWARD -s 10.1.1.2 -j ACCEPT
iptables -A FORWARD -d 10.1.1.2 -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

Secondo voi sono corrette?
Altra domanda: avendo impostato all'inizio
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP

Tutte quello che viene sotto non dovrebbe essere ignorato?

ciao

Reply to:

Follow-Ups:
- RE: Regole iptables corrette?
  - From: "Le0n_84 debianized" <le0n_84@hotmail.com>

Prev by Date: Re: apt-build e flag
Next by Date: Re: apt-build e flag
Previous by thread: Re: apt-build e flag
Next by thread: RE: Regole iptables corrette?
Index(es):
- Date
- Thread