Re: Debian and IP Chains?
>doing some firewalling. I'm running 2.1.104 on my gateway, and I've played
>with ipfwcahins some.
ipchains :)
>2) Can someone share a recipe to allow incoming/outgoing ssh traffic. I
First, you have to allow traffic into the firewall:
# Any packets coming from your internal network is good
ipchains -A input -i eth0 -j ACCEPT
# next allow ssh port 22 through the ppp0 port
ipchains -A input -d <external-ip-of-firewall> 22 -j ACCEPT
That's it. You put both commands in your ppp-up script. I did this
successfully. In the ppp-in script there is a macro name for the ip
address of the ppp0 port, and you put that variable ($ipaddr ???) in place
of the <external-ip-of-firewall> and you are in good shape.
Then, in your ppp-down batch file, you put one command:
# kill the PPP0 port from a firewall standpoint
ipchains -A input -i ppp0 -j DENY
This ensures when you re-connect to the internet, or dial up server, the
firewall commands have been cleared and not duplicated. Otherwise if you
dial up, lose connect, and repeat 20 times (lousy ISP <G>), you end up with
a giant firewall table that doesn't do much. Just slows Linux down
unnecessarily.
Hope that helps. I'm slowly learning, and got this far :) I'm working on
port forwarding next.
Frederic Breitwieser
Bridgeport, CT 06606
Homebrew Automotive Website:
http://www.xephic.dynip.com/
Wanted - RWD Buick Flywheel that fits the 3.8L / 4.1L!
-
Reply to: