iptables
v13 at priest.com
v13 at priest.com
Wed Nov 14 14:20:01 EET 2001
On Wednesday 14 November 2001 03:18, Dimitrios Tsimbidis wrote:
> "Kostas Liakakis" <kostas at skiathos.physics.auth.gr> wrote in message
> news:9sqrvn$ne2$1 at nic.grnet.gr...
> >
> > "Dimitrios Tsimbidis" <dtsimbid at otenet.gr> wrote in message
> > news:voups9.g68.ln at news.domain.tsimbi...
> > > Xrisimopoio to Suse 7.2
> > > -Xrisimopoio ta iptables kai eno i anafora tou "iptables -L" einai opos
> > > akribos exo zitisei kai opos akribos tha ithela, apo ekso fainomai me
> > > anixtes portes san na min eixa katholou firewall. Mipos prepei se kapoio
> > > sigekrimeno simeio tou boot na balo to scriptaki me tis parametrous tou
> > > iptables?
> >
> > An sta deinei me -L shmainei oti einai energa. An den kleinei tis portes
> pou
> > 0es, mallon kana la0aki exeis... Pes ti 0es na kaneis kai dei3e ti exeis
> > grapsei na doume.
>
>
> Edo exo to scriptaki mou...
>
> # TCP
> $IPTABLES -A FORWARD -m multiport -p tcp -d $OURNET --dport $TCPIN
> ! --tcp-flags SYN,ACK ACK -j ACCEPT -v
> $IPTABLES -A FORWARD -m multiport -p tcp -s $OURNET --sport $TCPIN
> ! --tcp-flags SYN,ACK ACK -j ACCEPT -v
>
> $IPTABLES -A FORWARD -m multiport -p tcp -i $WORLDDEV -d $OURNET --dport
> $TCPIN --syn -j ACCEPT -v
> $IPTABLES -A FORWARD -m multiport -p tcp -i $OURDEV -d $WORLDADDR --dport
> $TCPOUT --syn -j ACCEPT -v
Ap'oti blepo ta'xeis balei ola sto forward.. balta sto INPUT. H akoma
kalytera, spasta.. ftiakse px mia chain gia tcp kai meta sto input bale ena:
iptables -A INPUT -p tcp -i eth1 -j tbl-tcp
gia na einai kai ligo poio grygoro...
<<V13>>
More information about the Linux-greek-users
mailing list