The Daily Static
  The Daily Static
UF Archives
Register
UF Membership
Ad Free Site
Postcards
Community
Geekfinder
UFie Gear
Advertise on UF
Forum Rules
& FAQ

Username

Password


Create a New Account

  
 

Back to UserFriendly Strip Comments Index
iptables, NAT & Packet Filtering by DMDx86 2002-06-14 06:47:51
Hello All,

I have just changed my server setup at home. I have a linux server serving out http, ftp, and a couple of other things through my cable modem. Previously, I connected through a Linksys router and forwarded the nessecary ports to the linux machine, and it worked fine.

Having some recent troubles with the Linksys crashing, I decided to shove an extra NIC into the linux machine and do IP Masquerade NAT through iptables. NAT through my network works fine. What I am trying to do is accomplish some basic firewalling without distrupting NAT connections.

eth0 is the internal network interface.
eth1 is the internet connected interface.

What I want to do is DROP any connections to my box on eth1 that are not going to ports I want to be accessible on eth1, but I want to ACCEPT connections to a specified set of TCP ports on eth1.
How would I go about this?
[ Reply ]
  Linux Firewalling by doc0292006-11-19 12:55:59
  In general... by talon07202002-06-14 07:31:24
  Clicky that should help (the howto) by Freakazoid2006-11-19 12:55:59
  Ask Bombadil in his diary by Radagast302006-11-19 12:55:59
  Here are example iptables commands... by allegory2002-06-14 07:48:48
    erm... by SD Maruko-kun2002-06-14 11:05:55
      thats what I get for writing comments in quickly.. (n/t) by allegory2002-06-14 11:30:25
  Thanks all by DMDx862002-06-14 09:31:16
    I'd take it back. by Blackbyrd22002-06-14 21:46:46

 

[Todays Cartoon Discussion] [News Index]

Come get yer ARS (Account Registration System) Source Code here!
All images, characters, content and text are copyrighted and trademarks of J.D. Frazer except where other ownership applies. Don't do bad things, we have lawyers.
UserFriendly.Org and its operators are not liable for comments or content posted by its visitors, and will cheerfully assist the lawful authorities in hunting down script-kiddies, spammers and other net scum. And if you're really bad, we'll call your mom. (We're not kidding, we've done it before.)