
[SLUG] Re: ip chains prob

Sorry about blank subject, trying new email prog :)



My problem is I have a small network of 4 computers
with my own gateway using ipmasq for all sub systems. Now
my firewall script for this gateway, I believe, is stopping me from
connecting to any of my servers running on my gateway.
I notice when I try to connect from any of the sub systems
through the gateway to use auth it won't establish. I have identd running when trying irc, but I can connect to irc from the gateway itself.
Also I have ssh running on the gateway, and some others, that I cannot even establish a connection from the gateway or sub systems. I.e. I try ssh from gateway to gateway and I cannot connect. Also I try from sub systems, no luck, cannot connect.

MY sub systems ----> My gateway ------> ISP
Here is my ipchains rules..
Again any help will be great :)
------------------------------------
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
ipchains -M -S 14400 30 300
ipchains -A input -i ! lo -j DENY
ipchains -A output -i ! lo -j DENY
ipchains -A forward -j DENY
ipchains -A input -i lo -j ACCEPT
ipchains -A output -i lo -j ACCEPT
ipchains -A input -j ACCEPT -i eth0 -s 0/0 67 -d 0/0 68 -p udp
ipchains -P forward DENY
ipchains -A forward -i eth0 -j MASQ
ipchains -N icmp-acc
ipchains -N bad-if
ipchains -N good-if
ipchains -A icmp-acc -p icmp --icmp-type destination-unreachable -j ACCEPT
ipchains -A icmp-acc -p icmp --icmp-type source-quench -j ACCEPT
ipchains -A icmp-acc -p icmp --icmp-type time-exceeded -j ACCEPT
ipchains -A icmp-acc -p icmp --icmp-type parameter-problem -j ACCEPT
ipchains -A forward -j DENY -l
ipchains -A bad-if -i eth1 -j DENY -l
ipchains -A bad-if -p ICMP --icmp-type pong -j ACCEPT
ipchains -A bad-if -p TCP --dport ssh -j ACCEPT
ipchains -A bad-if -j icmp-acc
ipchains -A bad-if -j DENY
ipchains -A good-if -i eth0 -j DENY
ipchains -A good-if -p ICMP --icmp-type ping -j ACCEPT
ipchains -A good-if -p ICMP --icmp-type pong -j ACCEPT
ipchains -A good-if -j icmp-acc
ipchains -A good-if -j DENY -l
#modprobe ip_masq_cuseeme.o
modprobe ip_masq_ftp.o
modprobe ip_masq_irc.o
modprobe ip_masq_icq.o
#modprobe ip_masq_mfw.o
#modprobe ip_masq_portfw.o
#modprobe ip_masq_quake.o
#modprobe ip_masq_raudio.o
#modprobe ip_masq_user.o
#modprobe ip_masq_vdolive.o
ipchains -D input 1
ipchains -D forward 1
ipchains -D output 1
--------------------------------


maxmail@nospam.optushome.com.au wrote:
> 
> Hello I have a problem which I believe in my firewall script

Sorry I have nothing to say on your problem.
But your subject line was empty ... which will annoy
many on the list since they use a filter
to file away and later retrieve slug postings.

-rickw


--
Rick Welykochy || Praxis Services Pty Limited