Hi aeab,
> Von: aeab, sent: 31. 01. 2002 10:40
>
>
> hi...
> o great guru out there...
> i am doing website on A machine (linux), this website will
> link to a webpage
> on B machine..
>
> The problem is (what else..)..
> - i just want to let the user to browse to webpage on B
> machine only and
> only by accessing website on A machine first and following
> the link to B.
> No user can browse B machine simply by going to B, must go to A.
>
> -i was trying with ipchains...B (a.b.c.d) & A(e.f.g.h)
> ipchains -A input -p tcp -d a.b.c.d/255.255.255.255 80 -l -j DENY
> ipchains -A input -p tcp -s e.f.g.h/255.255.255.255 -d
> a.b.c.d/255.255.255.255 80 -l -j ACCEPT
>
> seems not working...
ipchains works like a normal script, just as a sequence of
commands. This means that the packets are testet against
the defined rules, starting with the first (in your script)
and ending with the last.
ipchains uses that rule, that matches first and "exits".
In your case, the "DENY" rules matches first. As you haven'tr
specified a "-s" (Source), it matches for all IPs.
So the following rule never will be executed if a.b.c.d:80 is
the destination (Target).
Just switch the rules: First the more specific allow and then
the deny rule. That should work.
Regards,
Carsten Cimander
>
> TQ
> infant......cy.
>
> --------------------------------------------------------------
> ----------
> To unsubscribe email security-discuss-request@linuxsecurity.com
> with "unsubscribe" in the subject of the message.
>
>
------------------------------------------------------------------------
To unsubscribe email security-discuss-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.
