[lug] Firewall
Scott A. Herod
herod at interact-tv.com
Tue Aug 7 08:51:52 MDT 2001
rotering at animalcules.com wrote:
>
> On Mon, Aug 06, 2001 at 07:52:58PM -0600, Chad Wasinger wrote:
>
> > [...] I add an ACCEPT only from the source IP I want to 0.0.0.0/0
> > and the port I want like port 80. and move it to the top. Now that
> > works. So now I am trying to use FTP only from a certain IP range
> > using the same ACCEPT line, but I try it from an IP that is not in
> > my source range and I can still get an FTP login!!
>
> It's a bit tough to tell what the problem is without seeing the actual
> rules (use a bogus IP address for your side if you're concerned about
> posting IP addresses).
>
I second this comment and would add that you should check the output
of "ipchains -L -v -n" to verify that your ruleset is doing what you
expect.
Scott
More information about the LUG
mailing list