[plug] cannot ping internet from desktops
Ryan
ryan at is.as.geeky.as
Thu Jul 31 14:24:05 WST 2003
> # set up log chain with prefixes for protocols
> $iptables -N LOG_DROP
> $iptables -A LOG_DROP -p tcp -j LOG --log-prefix "TCP drop: "
> --log-level=info
> $iptables -A LOG_DROP -p udp -j LOG --log-prefix "UDP drop: "
> --log-level=info
> $iptables -A LOG_DROP -p icmp -j LOG --log-prefix "ICMP drop: "
> --log-level=info
> $iptables -A LOG_DROP -f -m limit --limit 1/s -j LOG --log-prefix "FRAG
> drop: " --log-level=info
> $iptables -A LOG_DROP -j DROP
Yah, I should also add the other bit that missed the mouse cursor:
as the last things in the script:
$iptables -A INPUT -m limit --limit 1/minute -j LOG_DROP
$iptables -A OUTPUT -m limit --limit 1/minute -j LOG_DROP
optionally add appropriate '-[sd] [!] <blah>' to supress boring
internal stuff if not needed like I do.
Ryan
More information about the plug
mailing list