I'am a new be.. I want to configure a firewall between my local network and internet, I want to permet 123.45.67.2 to see a http web server. I write this script, please correct to me if there is some error. is this enough? Thanks echo 1 > /proc/sys/net /ipv4/ip_forward IPTABLES -F INPUT IPTABLES -F OUTPUT IPTABLES -F FORWARD IPTABLES -P INPUT DROP IPTABLES -P OUTPUT DROP IPTABLES -P FORWARD DROP Iptables ?A INPUT -i lo ?j ACCEPT Iptables ?A OUTPUT -o lo ?j ACCEPT iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eth0 -j MASQUERADE iptables -A FORWARD -i eth1 ?o eth0 -p tcp -d 123.45.67.2 --destination-port 80 ?m state --state NEW,ESTABLISHED -j ACCEPT iptables -A FORWARD ?p tcp -i eth0 ?o eth0 ?-source-port 80 ?m state --state ESTABLISHED -j ACCEPT __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
