IPChains help
Hi,
What's wrong with the following ruleset that I can't do any DNS lookups from the firewall host?
$IPCHAINS -P input ACCEPT
$IPCHAINS -P forward ACCEPT
$IPCHAINS -P output ACCEPT
$IPCHAINS -F
$IPCHAINS -X
# input rules
$IPCHAINS -A input -s $localnet -d $localnet -j ACCEPT
$IPCHAINS -A input -s $Any -d $localnet -j DENY
$IPCHAINS -A input -p tcp -s $Any -d $firewallhost smtp -j ACCEPT
$IPCHAINS -A input -p tcp -s $Any -d $firewallhost ssmtp -j ACCEPT
$IPCHAINS -A input -p tcp -s $Any -d $firewallhost auth -j ACCEPT
$IPCHAINS -A input -p tcp -s $Any -d $firewallhost pop3s -j ACCEPT
$IPCHAINS -A input -p udp -s $Any -d $firewallhost pop3s -j ACCEPT
$IPCHAINS -A input -p tcp -s $Any -d $firewallhost imaps -j ACCEPT
$IPCHAINS -A input -p udp -s $Any -d $firewallhost imaps -j ACCEPT
$IPCHAINS -A input -p tcp -s $Any -d $firewallhost https -j ACCEPT
$IPCHAINS -A input -p udp -s $Any -d $firewallhost https -j ACCEPT
$IPCHAINS -A input -p udp -s $Any domain -d $Any 1024:65535 -j ACCEPT
$IPCHAINS -A input -p tcp -s $Any domain -d $Any 1024:65535 -j ACCEPT
# forward rules
# output rules
$IPCHAINS -A output -s $localnet -d $Any -j ACCEPT
Using Debian 2.2 and gfcc to configure ipchains.
Thanks,
Eugene van Zyl