Hi people, I need some help with my firewall. I have 2 nets, one 192.168.1.0/255.255.255.0 for internal clients and the other public, 200.40.228.66/255.255.255.240. I need a firewall to bring connectivity to the internal network and close all outside access to my network; only some ports are allowed access. This is my plan, but I have a problem: when I make a telnet, my server answers. What is the problem???? Some rule is BAD and doesn't deny everything. I post my firewall below. Please HELP ME!!!

iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
modprobe iptable_nat
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
#iptables -A FORWARD -j ACCEPT -i eth0 -o eth0 -d 0/0
iptables -A FORWARD -j ACCEPT -s 192.168.1.0/255.255.255.0 -o eth0 -d 0/0
iptables -A FORWARD -j ACCEPT -s 200.40.228.64/255.255.255.240 -o eth0 -d 0/0
iptables -A FORWARD -i eth0 -m state --state NEW,INVALID -j DROP
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 25 --syn -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 80 --syn -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 22 --syn -j ACCEPT
iptables -A INPUT -p tcp --dport 53 -j ACCEPT
iptables -A INPUT -p udp --dport 53 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 110 --syn -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 143 --syn -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 443 --syn -j ACCEPT
iptables -A INPUT -p udp --sport 137 --dport 137 -j DROP

-- 
Psyche-list mailing list
Psyche-list@redhat.com
https://listman.redhat.com/mailman/listinfo/psyche-list
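
A static check of the posted script, as an added example that is not part of the original post: it reads the default chain policies and lists the ports the INPUT rules accept, which are the ports where a connection test from outside reaches a listening service. The function names `chain_policy` and `accepted_ports` are made up for this example, and `RULES` holds the policy and INPUT lines (plus two FORWARD lines) copied from the post.

```shell
#!/bin/sh
# Added example: static audit of the rule script from the post above.
# RULES: policy, INPUT and two FORWARD lines copied from the post.
RULES='iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
#iptables -A FORWARD -j ACCEPT -i eth0 -o eth0 -d 0/0
iptables -A FORWARD -j ACCEPT -s 192.168.1.0/255.255.255.0 -o eth0 -d 0/0
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 25 --syn -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 80 --syn -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 22 --syn -j ACCEPT
iptables -A INPUT -p tcp --dport 53 -j ACCEPT
iptables -A INPUT -p udp --dport 53 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 110 --syn -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 143 --syn -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 443 --syn -j ACCEPT
iptables -A INPUT -p udp --sport 137 --dport 137 -j DROP'

# chain_policy CHAIN: print the default policy set with -P for CHAIN.
chain_policy() {
    printf '%s\n' "$RULES" | awk -v c="$1" '
        $1 == "iptables" && $2 == "-P" && $3 == c { p = $4 }
        END { print p }'
}

# accepted_ports CHAIN: print proto/port for every active (uncommented)
# rule appended to CHAIN that jumps to ACCEPT and matches a --dport.
accepted_ports() {
    printf '%s\n' "$RULES" | awk -v c="$1" '
        /^[ \t]*#/ { next }
        {
            chain = proto = port = target = ""
            for (i = 1; i < NF; i++) {
                if ($i == "-A")      chain  = $(i+1)
                if ($i == "-p")      proto  = $(i+1)
                if ($i == "--dport") port   = $(i+1)
                if ($i == "-j")      target = $(i+1)
            }
            if (chain == c && target == "ACCEPT" && port != "")
                print proto "/" port
        }'
}

echo "INPUT policy: $(chain_policy INPUT), FORWARD policy: $(chain_policy FORWARD)"
echo "Ports accepted on INPUT:"
accepted_ports INPUT
```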