Hey ppl,
It's been a while since I last posted. I have made my installations
(iptables, ACID, MySQL) and everything is working fine on my home network.
I have been working at a college campus with some 3,000 users and want to set
up my machine with RH 8.0 and iptables to keep out unwanted recons. I only have
one NIC (eth0), with the DHCP client obtaining my machine's IP configuration.
The question that I have pertains to the chains. Would the rules be written on
the OUTPUT chain for my machine? Example:
    iptables -A OUTPUT -o eth0 -j ACCEPT   # allow all internal communications out eth0
With this rule on the INPUT chain? Example:
    iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT   # allow internally initiated connections back in
Of course, any communications that I would want to initiate to my machine from
another source would require a rule on the INPUT chain, which brings me to
another question: can I write a rule that will only accept communications on
the INPUT chain from a machine's MAC address, and, to keep matters simplistic,
set up a RELATED,ESTABLISHED rule on the OUTPUT chain so that particular
communication can go back out?
Could this be this simple? Or does this get more complicated than I realize?
By the way, all (INPUT, OUTPUT, FORWARD) chain policies will be set to DROP.
Ppl, your input and insight will be most gratefully appreciated.
Thanks,
Tim Rodriguez
Network Security Student
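A worked version of the ruleset described in the post above, added here as an
example; it is not from Tim's message. It assumes eth0 as the NIC, SSH on
tcp/22 as the one service opened to an admin box, and a made-up MAC address
00:11:22:33:44:55 for that box, and it uses the -m state and -m mac matches
that the 2.4-kernel iptables on RH 8.0 already had. Two caveats before relying
on the MAC rule: --mac-source sees the source MAC of the arriving frame, which
is the last hop's, so it only identifies a host on the same Ethernet segment;
and a MAC address is trivially spoofed, so keep the port and NEW-state
restriction and treat the MAC check as a convenience rather than
authentication. With a blanket ACCEPT on OUTPUT, a separate RELATED,ESTABLISHED
rule on OUTPUT is redundant; the script includes one anyway so the blanket
rule can be removed later without breaking replies to the admin session.

```shell
#!/bin/sh
# Added example (not from the original post): single-NIC host firewall with
# default-DROP policies, a stateful INPUT chain, one MAC-restricted inbound
# service and an open OUTPUT chain, as described in the question.
#
# Assumptions (hypothetical, change to taste): eth0 is the NIC, the admin
# service is SSH on tcp/22, 00:11:22:33:44:55 is the admin workstation's MAC.
# Usage:  ./fw.sh          print the iptables commands (dry run)
#         ./fw.sh apply    load them (run as root, from the console)

IFACE="${IFACE:-eth0}"
ADMIN_MAC="${ADMIN_MAC:-00:11:22:33:44:55}"   # hypothetical admin workstation
ADMIN_PORT="${ADMIN_PORT:-22}"
IPT="${IPT:-iptables}"                        # set IPT=dry_run to print instead

# Print the rule set, one iptables argument list per line. Comment and blank
# lines inside the heredoc are stripped so the output can be fed to iptables.
build_rules() {
    cat <<EOF | grep -v -e '^[[:space:]]*#' -e '^[[:space:]]*$'
# Start clean, then set all three policies to DROP.
-F
-X
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT DROP

# Loopback is local to the box; the DROP policies would break it otherwise.
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT

# Packets conntrack cannot tie to any state (malformed, out of window) are
# dropped before they reach the accept rules.
-A INPUT -i $IFACE -m state --state INVALID -j DROP

# Replies to connections this host started: the rule from the question.
-A INPUT -i $IFACE -m state --state RELATED,ESTABLISHED -j ACCEPT

# DHCP offer/ack from the server port (udp/67) to the client port (udp/68)
# may not be matched by conntrack, so allow it explicitly.
-A INPUT -i $IFACE -p udp --sport 67 --dport 68 -j ACCEPT

# The MAC-restricted inbound service. --mac-source only sees the last hop's
# MAC (same Ethernet segment only) and MACs are spoofable, so the port and
# NEW-only restriction do the real limiting.
-A INPUT -i $IFACE -p tcp --dport $ADMIN_PORT -m mac --mac-source $ADMIN_MAC -m state --state NEW -j ACCEPT

# Log what falls through, rate-limited so a port scan cannot flood syslog;
# the policy DROP then discards it.
-A INPUT -i $IFACE -m limit --limit 5/minute -j LOG --log-prefix fw-drop:

# Replies on accepted inbound connections (the admin SSH session) leave under
# this stateful rule, so they do not depend on the blanket ACCEPT below.
-A OUTPUT -o $IFACE -m state --state RELATED,ESTABLISHED -j ACCEPT

# Everything this host initiates may leave. Remove this line for a locked-down
# OUTPUT and add explicit --state NEW rules for the protocols you need.
-A OUTPUT -o $IFACE -j ACCEPT
EOF
}

# Dry-run back end: print the command that would have been executed.
dry_run() { printf 'iptables %s\n' "$*"; }

# Feed each rule line to $IPT (iptables, or dry_run); stop on the first failure.
apply_rules() {
    build_rules | while read -r rule; do
        # shellcheck disable=SC2086 -- word splitting of $rule is intended
        $IPT $rule || { echo "failed: iptables $rule" >&2; exit 1; }
    done
}

case "${1:-show}" in
    show)  IPT=dry_run apply_rules ;;
    apply) apply_rules ;;
    *)     echo "usage: $0 [show|apply]" >&2; exit 2 ;;
esac
```

Run it with no argument to see the exact commands, and with `apply` as root
from the console to load them (the policies go to DROP before the accept
rules exist, so do not do it over the network the first time). Some DHCP
clients receive via raw packet sockets that netfilter never sees; the udp/67
to udp/68 allow covers the ones that use ordinary UDP sockets.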