[plug] configing iptables
bob
bob at contact.omen.com.au
Sat Jul 20 17:03:24 WST 2002
Ok, I "think" I'm getting my head around iptables :). I still have some
Q's though so hopefully you guys can give me some hints. BTW, I've tried
a bunch of rule scripting tools but they either don't do what I want or
are broken for debian so I'm trying to do this by hand.
OK, given that everything on eth0 (192.168.0.0/24) is trusted, is it
safe to do the following (and/or will it do what I expect)?
iptables -A INPUT -i eth0 -p all -j ACCEPT
iptables -A OUTPUT -o eth0 -p all -j ACCEPT
... bunch of rules about services and ppp0 followed by...
iptables -A INPUT -p all -s 192.168.0.0/16 -i ppp0 -j DROP
iptables -A INPUT -i ppp0 DROP
ie, everything on eth0 is ok and anything arriving on ppp0 purporting to
be 192.168... is to be dropped and everything else .
Is that ok? or is there a better way of doing what I want.
Thanks.
--
bob
Cave canem...te necet lingendo.
More information about the plug
mailing list