Re: Any holes in this firewall script?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Jun 04, 2003 at 11:12:37AM +0530, Dharmendra.T wrote:
> Yes, but after that you are allowing everything from all the
> interfaces.  Which is not recommended to do so.
>

Eh?  Which rules allow everything from all interfaces?

I have the following, which only allow all packets with the right
IP address range from internal interface and lo:

$IPTABLES -A INPUT -p ALL -i $INTIF -s $INTLAN -j ACCEPT
$IPTABLES -A INPUT -p ALL -i $LOIF -s $LOIP -j ACCEPT
$IPTABLES -A INPUT -p ALL -i $LOIF -s $INTIP -j ACCEPT
$IPTABLES -A INPUT -p ALL -i $LOIF -s $EXTIP -j ACCEPT

Jun


[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux