firewalling
Hi,
I set up a unix machine (PowerMac 7200 with Debian) to do masquerading so
that we can share our cable modem.
As I don't really know what I am doing, I was delighted to find that just
installing everything made it work. However, I'd like to improve things a
bit and I don't know how.
I tried reading the HOWTOs but I don't really understand them.
This is the firewall set-up at the moment:
TheRouter:~# ipchains -L
Chain input (policy DENY):
target prot opt source destination ports
ACCEPT all ------ anywhere anywhere n/a
DENY all ----l- 127.0.0.0/8 anywhere n/a
ACCEPT all ------ localnet/24 anywhere n/a
DENY all ----l- localnet/24 anywhere n/a
ACCEPT all ------ anywhere pc-62-30-226-80-ki.blueyonder.co.uk n/a
ACCEPT all ------ anywhere 255.255.255.255 n/a
DENY all ----l- anywhere anywhere n/a
Chain forward (policy DENY):
target prot opt source destination ports
MASQ all ------ localnet/24 anywhere n/a
DENY all ----l- anywhere anywhere n/a
Chain output (policy DENY):
target prot opt source destination ports
ACCEPT all ------ anywhere anywhere n/a
ACCEPT all ------ anywhere localnet/24 n/a
ACCEPT !tcp ------ anywhere BASE-ADDRESS.MCAST.NET/4 any -> any
DENY all ----l- anywhere localnet/24 n/a
ACCEPT all ------ pc-62-30-226-80-ki.blueyonder.co.uk anywhere n/a
ACCEPT all ------ 255.255.255.255 anywhere n/a
DENY all ----l- anywhere anywhere n/a
Is it possible to let through incoming connections so that FTP and Gnutella
will work?
Thanks for reading,
Richard.
--
Richard Barraclough
richard@sigma.ndo.co.uk
(PGP public key available on request)