Re: Portsentry tcpd and iptables question
Patrick Kirk (patrick@kirks.net) is reported to have said:
> Comments please - it seems to work but there may be obvious gotchas I need
> to be aware of.
> Thanks.
>
> #!/bin/sh
>
> #Be secure, ish
> PATH=/sbin:$PATH; export PATH
>
> modprobe ip_conntrack
> modprobe ip_conntrack_ftp
> modprobe iptable_nat
>
> hostname=enterprise
> any="0.0.0.0/0.0.0.0"
>
> #Flush things
> iptables -F
> iptables -F -t nat
> iptables -F -t mangle
> iptables -X
At this point I set up the default policies.
# Default policies for packets addressed to or from this firewall
$IPTABLES -P FORWARD ACCEPT
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -P INPUT DROP
HTH
Wayne
--
The definition of an upgrade: Take old bugs out, put new ones in.