[ILUG] INPUT chain

From: Subba Rao (subb3 at domain ibm.net)
Date: Fri 27 Aug 1999 - 14:09:34 IST

• Next message: Paul Jakma: "RE: [ILUG] INPUT chain"
• Previous message: Liam Bedford: "Re: [ILUG] Mail problems..."
• Next in thread: Paul Jakma: "RE: [ILUG] INPUT chain"
• Maybe reply: Paul Jakma: "RE: [ILUG] INPUT chain"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

My INPUT chain has the ACCEPT policy, on my linux gateway. This system has
2 interfaces. One is a modem interface (Internet) and the other is a ethernet interface (Intranet).

EXERCISE

For the modem interface, I setup the following rules,

$ ipchains -A input -i ppp0 -p 21 -j DENY
$ ipchains -A input -i ppp0 -p 23 -j DENY
$ ipchains -A input -i ppp0 -p 80 -j DENY

My goal in this exercise is to prevent outside telnet, ftp and www access
to my gateway.

RESULTS

From a remote machine(from a different LAN on the Intranet), I can still access these service.

What is wrong with the above rules? What am I doing wrong?

Thanks you in advance for your input.

Subba Rao
subb3 at domain ibm.net
==============================================================
Disclaimer - I question and speak for myself.

http://pws.prserv.net/truemax/
______________________________________________________________

• Next message: Paul Jakma: "RE: [ILUG] INPUT chain"
• Previous message: Liam Bedford: "Re: [ILUG] Mail problems..."
• Next in thread: Paul Jakma: "RE: [ILUG] INPUT chain"
• Maybe reply: Paul Jakma: "RE: [ILUG] INPUT chain"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2.1.6 : Thu 06 Feb 2003 - 13:04:30 GMT