Hi Joerg, I don't quite understand your script (I'm not an expert though). Something that worked very well for me can be found at http://www.seligma.com/linux-user/firewalls/ .
For further information, see also http://www.netfilter.org/unreliable-guides/ . On Tue, Oct 14, 2003 at 01:30:12PM +0200, Joerg Johannes wrote: > Hi everybody > > I have configured my kernel with iptables enabled: > # IP: Netfilter Configuration > # CONFIG_IP_NF_CONNTRACK is not set > # CONFIG_IP_NF_QUEUE is not set > CONFIG_IP_NF_IPTABLES=y > CONFIG_IP_NF_MATCH_LIMIT=m > CONFIG_IP_NF_MATCH_MAC=m > CONFIG_IP_NF_MATCH_PKTTYPE=m > CONFIG_IP_NF_MATCH_MARK=m > CONFIG_IP_NF_MATCH_MULTIPORT=m > CONFIG_IP_NF_MATCH_TOS=m > CONFIG_IP_NF_MATCH_RECENT=m > CONFIG_IP_NF_MATCH_ECN=m > CONFIG_IP_NF_MATCH_DSCP=m > CONFIG_IP_NF_MATCH_AH_ESP=m > CONFIG_IP_NF_MATCH_LENGTH=m > CONFIG_IP_NF_MATCH_TTL=m > CONFIG_IP_NF_MATCH_TCPMSS=m > CONFIG_IP_NF_MATCH_UNCLEAN=m > CONFIG_IP_NF_MATCH_OWNER=m > CONFIG_IP_NF_FILTER=m > CONFIG_IP_NF_TARGET_REJECT=m > CONFIG_IP_NF_TARGET_MIRROR=m > CONFIG_IP_NF_MANGLE=m > CONFIG_IP_NF_TARGET_TOS=m > CONFIG_IP_NF_TARGET_ECN=m > CONFIG_IP_NF_TARGET_DSCP=m > CONFIG_IP_NF_TARGET_MARK=m > CONFIG_IP_NF_TARGET_LOG=m > CONFIG_IP_NF_TARGET_ULOG=m > CONFIG_IP_NF_TARGET_TCPMSS=m > CONFIG_IP_NF_ARPTABLES=m > CONFIG_IP_NF_ARPFILTER=m > CONFIG_IP_NF_ARP_MANGLE=m > > Then I went to > http://www.lowth.com/LinWiz/1.09/PersonalFirewall/fw.pl/iptables > and accepted the default settings, downloaded the generated shell script > and ran it. Afterwards, I could not surf the web anymore, could not get > emails with pop / send with smtp => all the net was dead. I have > attached the script, maybe some experts can tell me what to do. > > Thanks, > joerg > > -- > Gib GATES keine Chance! > > Viele Grüße -- Joachim Fahnenmüller # Hi! I'm a .signature virus. Copy me into # your ~/.signature to help me spread! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
