Firewall Rules ...
E. Lefty Kreouzis
lefty at fage.gr
Fri Oct 31 08:43:47 EET 1997
On 30-Oct-97 Jiannis Mitsos wrote:
>Loipon exoume to e3hs sxhma :
>
>--------- -----------------
>| cisco |---->|eth0 |
>--------- | Linux Box | ------------
> | eth1|------->| LAN |
> ----------------- ------------
>To Linux einai ousiastika mono gia firewall ( h kalytera prospa8ei na
>ginei firewall :-( ) Apo thn meria tou kernel einai ok ...
>exw 8esei ta e3hs rules :
>ipfwadm -F -p deny
>ipfwadm -F -f
^^^^^^^^^^^^^^^^^^^^^ Edv les na kane flush ta rules tou forwarding.
Me alla logia na jexasei to ipfwadm -F -p deny! To default nomizv oti
einai deny alla giakalo kai gia kako allaje ti dyo grammes metajy toys.
>ipfwadm -I -f
>ipfwadm -F -a accept -b -P tcp -S 0.0.0.0/0 1024:65535 -D
>ena.host.mesa_sto_lan 21
^^^^^
edv ueleis to port 20 kai 21,
20 einai ftp-data kai 21 einai to ftp.
>
>alla parolayta den mporw na kanw ftp apo ena allo diktyo sto
>ena.host.mesa_sto_lan gnwrizei kaneis tipota epi tou 8ematos ???
>kai epipleon epeidh den katalaba sto man ipfwadm to 1024:65535 ti
>akribws kanei ??
To 1024:65535 ennoei oti apo opoiodhpote port megalhtero h iso me to 1024
opoudhpote mhxanhmatos sto port 21 toy mhxanhmatos mesa sto lan.
>sto linux exw balei 3-4 static routes (tosa mhxanhmata
>exw sto LAN)
Den nomizv na einai problhma routing. Ektos kai an den exeis netmask
255.255.255.0 (Class C).
Lefterhs Kreoyzhs
E-Mail: E. Lefty Kreouzis <lefty at fage.gr>
Date: 31-Oct-97 Time:08:43:49
#include <stddisclaimer.h>
finger lefty at eratosthenes.fage.gr for PGP public key
--
====================================================================
Gia na mathete pos na xrisimopoiite ton majordomo, stilte e-mail
sto "majordomo at argos.hol.gr" me 1 grammi sto keimeno: help
Ta archives tis listas einai sto http://www.argos.hol.gr/lists
Gia opoiodipote problima stilte e-mail ston owner-linux-greek-users
====================================================================
More information about the Linux-greek-users
mailing list