Hello all,

I'm running Debian 3.0r1 stable with all security and usual updates. I was running a firewall which is sent with this e-mail as an attachment. It was running fine, but recently my hdd died and recovery was too expensive and not necessary because I had a backup. I installed Debian again, did all updates and I wanted to load the firewall, but when I load this one, my remote login hangs, I can't ping my server anymore and my network isn't working anymore, but the script has run fine before. What is the problem?

At this moment ipmasq is also installed to keep my network running; this is conflicting, I know, but I don't know anything else. Can someone point me in the right direction? I have been using Linux/Debian since November 2002, so my knowledge is very small.

HTH,

Willem-Jan Meijer
Netherlands

Windows: Where do you want to go today?
MacOS: Where do you want to be tomorrow?
Linux: Are you coming or what?

echo -n "IPTables Firewall."
IPTABLES="/sbin/iptables"

#FLUSH
echo -n "Flush all tables."
$IPTABLES --flush
echo -n "."
$IPTABLES --table nat --flush
echo -n "."
$IPTABLES --delete-chain
echo -n "."
$IPTABLES --table nat --delete-chain
echo ". done"

echo -n " Setting up masquerading rules."
# Set up IPFORWARDing and Masquerading
$IPTABLES --table nat --append POSTROUTING --out-interface eth1 -j MASQUERADE
echo -n "."
$IPTABLES --append FORWARD --in-interface eth1 -j ACCEPT
echo ". done"

echo -n "Setting rules for loopback device."
# Allow loopback access.
$IPTABLES -A INPUT -i lo -p all -j ACCEPT
echo -n "."
$IPTABLES -A OUTPUT -o lo -p all -j ACCEPT
echo -n "."

echo -n "Setting rules for eth0 device."
# accept established connections
$IPTABLES -A INPUT -i eht0 -m state --state ESTABLISHED,RELATED -j ACCEPT
echo -n "."
#$IPTABLES -A INPUT -p tcp --tcp-option ! 2 -j REJECT --reject-with tcp-reset
#echo -n "."
$IPTABLES -A INPUT -p tcp -i eth0 --dport 21 -j ACCEPT
echo -n "."
$IPTABLES -A INPUT -p udp -i eth0 --dport 21 -j ACCEPT
echo -n "."
$IPTABLES -A INPUT -p tcp -i eth0 --dport 22 -j ACCEPT
echo -n "."
$IPTABLES -A INPUT -p udp -i eth0 --dport 22 -j ACCEPT
echo -n "."
$IPTABLES -A INPUT -p tcp -i eth0 --dport 25 -j ACCEPT
echo -n "."
$IPTABLES -A INPUT -p udp -i eth0 --dport 25 -j ACCEPT
echo -n "."
$IPTABLES -A INPUT -p tcp -i eth0 --dport 80 -j ACCEPT
echo -n "."
$IPTABLES -A INPUT -p udp -i eth0 --dport 80 -j ACCEPT
echo -n "."
$IPTABLES -A INPUT -p tcp -i eth0 --dport 110 -j ACCEPT
echo -n "."
$IPTABLES -A INPUT -p udp -i eth0 --dport 110 -j ACCEPT
echo -n "."
$IPTABLES -A INPUT -p tcp -i eth0 --dport 65500:65535 -j ACCEPT
echo -n "."
$IPTABLES -A INPUT -p udp -i eth0 --dport 65500:65535 -j ACCEPT
echo -n "."
$IPTABLES -A INPUT -p icmp -i eth0 -j ACCEPT
echo ". done"

echo -n " Setting rules for eth1 device."
# Accept all incoming connections
$IPTABLES -A INPUT -i eth1 -p all -j ACCEPT
echo ". done"

echo -n " Drop all other connection attempts."
$IPTABLES -P INPUT DROP
echo ". done"
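
A pre-load check for the attached script's interface names, as an added example that is not part of the original post: it lists every name passed to `-i`/`-o` (or the long forms) that is not among the interfaces given as arguments. The function names, the four-rule sample and the interface set `lo eth0 eth1` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: report interface names used in iptables rules that are
# not in the set of interfaces the host is expected to have.

# rule_ifaces FILE: print each name given to -i/-o/--in-interface/
# --out-interface on non-comment lines, one per line, sorted and unique.
rule_ifaces() {
    grep -v '^[[:space:]]*#' "$1" | awk '
        {
            for (n = 1; n < NF; n++)
                if ($n == "-i" || $n == "-o" ||
                    $n == "--in-interface" || $n == "--out-interface")
                    print $(n + 1)
        }' | sort -u
}

# unknown_ifaces FILE IFACE...: print the names used in FILE that are
# not among the IFACE arguments.
unknown_ifaces() {
    file=$1; shift
    for name in $(rule_ifaces "$file"); do
        found=no
        for known in "$@"; do
            if [ "$name" = "$known" ]; then found=yes; fi
        done
        if [ "$found" = no ]; then echo "$name"; fi
    done
}

# host_ifaces: names the kernel reports (assumes the Linux /sys layout).
host_ifaces() { ls /sys/class/net 2>/dev/null; }

# Constructed sample: four rules copied from the script in the post.
sample=$(mktemp)
cat > "$sample" <<'EOF'
$IPTABLES --table nat --append POSTROUTING --out-interface eth1 -j MASQUERADE
$IPTABLES -A INPUT -i lo -p all -j ACCEPT
$IPTABLES -A INPUT -i eht0 -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A INPUT -p tcp -i eth0 --dport 22 -j ACCEPT
EOF

# Assumed interface set for the demo; on a live host pass $(host_ifaces).
unknown_ifaces "$sample" lo eth0 eth1
```

Run against the full script before loading it; any name it prints matches no interface in the list, so the rule carrying it never applies to traffic on the real interfaces.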