Hello Menon,

> I would like to configure the IPTables so that no new
> connection can be established from outside to the Gateway.
>
> Network set up: Internet ---- ||eth1 |134.public-IP "Gateway"
> 192.168.1.10 |eth0 ||----- inside

I would suggest that you block all by default and then open the
firewall with the rules you need. Something like (only fragments shown):

    $IPTABLES -P OUTPUT DROP
    $IPTABLES -P INPUT DROP
    $IPTABLES -P FORWARD DROP

    $IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPTABLES -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPTABLES -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

And then add the rules for allowed traffic. This way, everything not
explicitly allowed is forbidden by default.

-volker
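
One way to fill in the "rules for allowed traffic" step for the gateway in the question, as an added example that is not part of the original mail: it emits the default-deny policy in iptables-restore format and audits it for any rule that would accept a NEW connection arriving on the outside interface. The function names, the loopback and inside-originated rules, and the 192.168.1.0/24 netmask are assumptions; only eth1, eth0 and 192.168.1.10 come from the question.

```shell
#!/bin/sh
# Added example. eth1 = outside, eth0 = inside, as in the quoted diagram.
# The /24 netmask and both function names are assumptions.

# Emit a filter table in iptables-restore format: default DROP everywhere,
# replies accepted statefully, NEW connections only when they start inside
# or on the gateway itself. NAT, if needed, lives in the nat table (not shown).
gateway_ruleset() {
    ext_if=$1; int_if=$2; int_net=$3
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A INPUT -i $int_if -s $int_net -m state --state NEW -j ACCEPT
-A OUTPUT -m state --state NEW -j ACCEPT
-A FORWARD -i $int_if -o $ext_if -s $int_net -m state --state NEW -j ACCEPT
COMMIT
EOF
}

# Read a ruleset on stdin and print how many INPUT/FORWARD ACCEPT rules could
# match a NEW packet arriving on the outside interface: rules bound to that
# interface (or to no interface) that are not limited to ESTABLISHED,RELATED.
# Negated matches ("! -i") are not handled by this simple audit.
count_new_accepts() {
    awk -v ext="$1" '
        $1 == "-A" && ($2 == "INPUT" || $2 == "FORWARD") && /-j ACCEPT/ {
            if (/--state ESTABLISHED,RELATED/) next
            iface = ""
            for (i = 3; i < NF; i++) if ($i == "-i") iface = $(i + 1)
            if (iface == "" || iface == ext) n++
        }
        END { print n + 0 }'
}

# Print the ruleset, then the audit result (0 = nothing NEW from outside).
gateway_ruleset eth1 eth0 192.168.1.0/24
gateway_ruleset eth1 eth0 192.168.1.0/24 | count_new_accepts eth1
```

To check the syntax as root without loading anything, pipe the output of `gateway_ruleset` into `iptables-restore --test`.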