RE: IPCHAINS very simple question

[Cindy Pearce]

Hi Frank,

Try this page: http://www.linuxnewbie.org/nhf/intel/network/ipchains2.html

it helped me.


Cindy

> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
> Behalf Of Frank Carreiro
> Sent: Friday, March 10, 2000 10:41 AM
> To: [EMAIL PROTECTED]; redhat list
> Subject: IPCHAINS very simple question
> 
> 
> Probably not you... I just wish I knew IPchains a little better.  Their
> docs aren't the best in the world and the howto is a little above me
> still...
> 
> Anyway, I've got your script here and am thinking of playing with it a
> bit.
> 
> Boy I have a long way to go :D
> 
> If anybody knows of better documentation out there please pass it along
> to me.  I could use use it.
> 
> frank
> 
> www.xmission.com/~dmacleod
> 
> 
> 
> 
> 
> Hello list!
> It's me or you guys dont like me???
> Every time that i post some questions,nobody awnser me...snif
> 
> Well,this is not what i came here for!
> 
> I really want to learn more about ipchains and i'm doing good by my
> self,but 
> i still need some light :)
> Question 1:
> Here is my basic script:
> #!/bin/sh
> PATH=/sbin
> 
> ipchains -P input ACCEPT
> ipchains -P output ACCEPT
> ipchains -P forward ACCEPT
> ipchains -F
> ipchains -P input REJECT
> ipchains -P output REJECT
> ipchains -P forward REJECT
> ipchains -A input -p tcp -s 192.168.0.0/24 -d 192.168.1.3 22 -j ACCEPT
> ipchains -A input -p tcp -s 192.168.0.0/24 -d 192.168.1.3 23 -j ACCEPT
> ipchains -A output -p tcp -s 192.168.1.3 22 -d 192.168.0.0/24 -j ACCEPT
> ipchains -A output -p tcp -s 192.168.1.3 23 -d 192.168.0.0/24 -j ACCEPT
> ipchains -A input -s 0/0 -d 0/0 -j REJECT -l
> ipchains -A output -s 0/0 -d 0/0 -j REJECT -l
> 
> The last two lines that i want to know about,if i move then to the top
> of 
> the script even if i open the telnet and ssh like i did,the ipchains
> dont 
> accept connections for telnet and ssh,why???
> I use this last two lines for debug proposes and i know if i comment
> this 
> lines out,everything bellow will work,but i dont understand the why!
> -- 
> 
> This is Linux Country. On a quiet night, you can hear Windows NT reboot.


-- 
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.