Hi Everybody: I need an advice from someone about what to do. I have a small lan and looking to connect it to the net through a LinkSys router using OpenWrt. The router comes with a built in rules that does everything. However, I'm a new to iptables, and therefore it would be good chance for me to be introduced to this tool. I need to delete all the built in rules and recteate them again from scratch in order to know what each of them does... I wrote a small script to excute and save my rules in. The router stopps responding when I excute the script, and I have to reboot it. All I need at this point is to disable any connection attempt from out side ($WAN) and enable everything on the ($LAN) side. Here's what I did so far. Can any one tell me what's next, or what I'm missing ?? #delete all the existing rules from all chains iptables -F INPUT iptables -F OUTPUT iptables -F FORWARD #set the default policy on the external interface not to accept anything iptables -P INPUT -i $WAN -j REJECT # dont let anything coming from outside iptables -P OUTPUT -i $WAN -j ACCEPT # let anything go out iptables -P FORWARD -i $WAN -j REJECT # dont forward anyhting from outside to inside ####################################### ## allow everyThign internally ####################################### iptables -f filter -A INPUT -i $LAN -j ACCEPT iptables -f filter -A INPUT -o $LAN -j ACCEPT iptable -A OUTPUT -i $LAN -j ACCEPT iptable -A OUTPUT -o $LAN -j ACCEPT ####forward internally through the br0 iptables -f filter -A FORWARD -i $LAN -j ACCEPT iptables -f filter -A FORWARD -o $LAN -j ACCEPT Thanx -- Mansour Al-Aqeel mansour77@xxxxxxxxxxx -- http://www.fastmail.fm - I mean, what is it about a decent email service?
