[[lug] IPCHAINS again.]
glowecon at netscape.net
Tue Oct 17 11:28:34 MDT 2000
For what it's worth, I use an online linux firewall builder to start my
firewalls out and edit them once I have them created. It's pretty handy as
everything is gui based in a web cgi and then is generated once you are done.
Check it out at http://www.linux-firewall-tools.com/linux/.
John Starkey <jstarkey at advancecreations.com> wrote:
> I'm setting up a remote machine, so I don't wanna lock myself out, and as
> many of you know I have really bad luck with ipchains.
> ipchains -P input DENY
> ipchains -P output DENY
> ipchains -P forward DENY
> ipchains -A input -p tcp -s xx.xx.xx.xx -d xx.xx.xx.xx 22 -j ACCEPT
> ipchains -A output -p tcp -s xx.xx.xx.xx -d xx.xx.xx.xx 22 -j ACCEPT
> This should allow me to SSH in while I config the rest of the rulesets,
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
Get your own FREE, personal Netscape WebMail account today at http://home.netscape.com/webmail
More information about the LUG