[an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive]
 
[an error occurred while processing this directive] [an error occurred while processing this directive]
Skåne Sjælland Linux User Group - http://www.sslug.dk Home   Subscribe   Mail Archive   Forum   Calendar   Search
MhonArc Date: [Date Prev] [Date Index] [Date Next]   Thread: [Date Prev] [Thread Index] [Date Next]   MhonArc
 

Re: [NETVAERK] ipchain regel



Doc Nielsen skrev:
> On 1/29/07, Peter Rude <sslug@sslug> wrote:
>> Så jeg har blokeret alt, men vil gerne tillade udgående trafik på tcp
>> port 80 og 443. eth0 er det eksterne i/f og eth1 det interne. Subnettet
>> hedder 10.0.0.0/24
> 
> iptables -A INPUT -p tcp --dport 80 -j ACCEPT
> iptables -A INPUT -p tcp --dport 443 -j ACCEPT
> iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT
> iptables -A OUTPUT -p tcp --dport 443 -j ACCEPT
> iptables -A FORWARD -p tcp --dport 80 -j ACCEPT
> iptables -A FORWARD -p tcp --dport 443 -j ACCEPT
> 
> Så er portene åbnet på alle interfaces.
> Hvis forwarding allerede virker som forventet kan du undlade disse:
> 
> iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
> iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
> iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
> 
> Så skulle tingene virke.
> Skal du bruge noget mere specielt siger du bare til.
> 
> -Doc
> 
Tak for hjælpen - Jeg kan ikke få hul igennem, men det må være den
Snapgear box, som fungerer anderledes end forventet.
Så længe der er en block all i de primære regler, er der ingen adgang
ud, uanset hvad jeg tilføjer af tillægsregler.

Jeg prøver med en IPCop installation på en gammel pc i stedet.

/Peter


 
Home   Subscribe   Mail Archive   Index   Calendar   Search

 
 
Questions about the web-pages to <www_admin>. Last modified 2007-02-01, 02:01 CET [an error occurred while processing this directive]
This page is maintained by [an error occurred while processing this directive]MHonArc [an error occurred while processing this directive] # [an error occurred while processing this directive] *