Hi Pramod

Try out Iptables, it has better features than ipchains.

Enable IP forwarding between the interfaces - remember to disable this if you're going to unload the Iptables rules.

                          echo "1" > /proc/sys/net/ipv4/ip_forward

Load the NAT modules - needed only if you compiled as modules

                             modprobe iptable_nat
                             modprobe ip_nat_ftp (needed only if you plan on using FTP)

Enable IP masquerading - Use if your eth0 has a dynamic IP address.

                           iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Enable source NAT - Use if your eth0 has a static IP address.

                            iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to ip_address_of_eth0

Pramod Krishna K wrote:

Hi ,
 
I've got a small network in which my mailserver(sendmail),proxy(squid),webservers & Name servers are placed.
I want to setup a firewall b/w the router & my LAN.
Can anyone send in a ipchains firewall script which i can customize to my requirements  to make it a secure network.
 
Regards,
Pramod



**************************Disclaimer************************************


Information contained in this E-MAIL being proprietary to Wipro Limited
is 'privileged' and 'confidential' and intended for use only by the
individual or entity to which it is addressed. You are notified that any
use, copying or dissemination of the information contained in the E-MAIL
in any manner whatsoever is strictly prohibited.


*****************************************************************************






Reply via email to