[lug] iptables

j davis davis_compz at hotmail.com
Wed Mar 27 17:25:03 MST 2002


hi,

I have never written a firewall for a single computer... or a firewall
running X. Anyway, I'm confused... :)

So I'm writing a firewall for a box that will be on a LAN and doing dial-up.
I want to block all incoming or outgoing X.
I am thinking of trying this:

firewall box 10.0.0.3


iptables -t nat -A PREROUTING -p tcp --dport 6000:7000 -j DROP
iptables -t nat -A PREROUTING -p tcp --sport 6000:7000 -j DROP
iptables -t nat -A POSTROUTING -p tcp --dport 6000:7000 -j DROP
iptables -t nat -A POSTROUTING -p tcp --sport 6000:7000 -j DROP

Will this kill X on my firewall box?
Also, my default policy for forward, pre, and postrouting is drop.
Will this take care of everything? I don't want any traffic passing
(X related)... I have the "-m --state RELATED,ESTABLISHED -j ACCEPT" in
forward and accept all from 10.0.0.0/24 in PREROUTING.
Hope this message is coherent.

thanks
jd





