ipchains help
Just started playing with IPCHAINS and I'm having trouble getting it
configured...
Basically, I want to DENY just about everything on the ppp0 from the
outside, but I need enough to let the following services work:
* Dynamically assigned nameservers
* Outbound SMTP to my ISP
* Inbound POP3 from my ISP using fetchmail
* Outbound ftp, telnet, www/https, timeserver (chronyd), whois,
nslookup, news (read/post), ssh, cvs
I deny input/output/forward, then allow everything between localhost and
localhost, specify ppp-out on output for ppp0 and ppp-in on input for
ppp0. Then I start specifying the outbound services, then inbound. My
biggest problems are domain name server rules, subsequent failure to
resolve outbound email server, and generally knowing what input/output
ports to leave open for data connections (high ports mostly, I guess).
Thanks in advance...
--
+----------------------------------------------------+
| Eric G. Miller egm2@jps.net |
| GnuPG public key: http://www.jps.net/egm2/gpg.asc |
+----------------------------------------------------+
Reply to: