Re: iptables ruleset
On Thu, 3 Jan 2002, Jeff wrote:
> Martin A. Hansen, 2002-Jan-03 17:52 +0100:
> >
> > hi
> >
> > im putting up iptables on a server using the default ruleset that comes when install ipmasq under debian woody.
> >
> > now im wondering if that ruleset represents a strong firewall or what?
> > i want my internal network masqed, but no targets in the rulesset shows any masq activity?
> >
> > heres the ruleset;
> >
> > root@homer:/home/maasha# iptables -L
>
> Martin,
>
> Please post the results of 'iptables -vL' which will give more
> details on the ruleset. There are things missing with the
> 'iptables -L' command.
>
> jc
>
> --
> Jeff Coppock Systems Engineer
> Diggin' Debian Admin and User
>
>
> --
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
ok, here goes:
root@willy:/home/maasha# iptables -vL
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
4221 259K ACCEPT all -- lo any anywhere anywhere
0 0 LOG all -- !lo any 127.0.0.0/8 anywhere LOG level warning
0 0 DROP all -- !lo any 127.0.0.0/8 anywhere
0 0 ACCEPT all -- eth0 any anywhere 255.255.255.255
4031 298K ACCEPT all -- eth0 any localnet/24 anywhere
0 0 ACCEPT !tcp -- eth0 any anywhere BASE-ADDRESS.MCAST.NET/4
0 0 LOG all -- tr0 any localnet/24 anywhere LOG level warning
0 0 DROP all -- tr0 any localnet/24 anywhere
720 239K ACCEPT all -- tr0 any anywhere 255.255.255.255
375 127K ACCEPT all -- tr0 any anywhere rhpc119-213.rh.dk
0 0 ACCEPT all -- tr0 any anywhere 130.226.255.255
0 0 LOG all -- any any anywhere anywhere LOG level warning
0 0 DROP all -- any any anywhere anywhere
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
6933 504K ACCEPT all -- eth0 tr0 localnet/24 anywhere
4860 1756K ACCEPT all -- tr0 eth0 anywhere localnet/24
0 0 LOG all -- any tr0 anywhere localnet/24 LOG level warning
0 0 DROP all -- any tr0 anywhere localnet/24
0 0 LOG all -- any any anywhere anywhere LOG level warning
0 0 DROP all -- any any anywhere anywhere
Chain OUTPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
4221 259K ACCEPT all -- any lo anywhere anywhere
0 0 ACCEPT all -- any eth0 anywhere 255.255.255.255
1883 487K ACCEPT all -- any eth0 anywhere localnet/24
0 0 ACCEPT !tcp -- any eth0 anywhere BASE-ADDRESS.MCAST.NET/4
0 0 LOG all -- any tr0 anywhere localnet/24 LOG level warning
0 0 DROP all -- any tr0 anywhere localnet/24
0 0 ACCEPT all -- any tr0 anywhere 255.255.255.255
379 25872 ACCEPT all -- any tr0 rhpc119-213.rh.dk anywhere
0 0 ACCEPT all -- any tr0 130.226.255.255 anywhere
0 0 LOG all -- any any anywhere anywhere LOG level warning
0 0 DROP all -- any any anywhere anywhere
root@willy:/home/maasha#
Reply to: