--On Saturday, December 14, 2002 12:19:16 AM +0100 Maciek Kurkiewicz
<maciek@alpha.net.pl> wrote:
> I want to reject all ports to 217.17.41.0/24 for one IP 192.168.1.6 and
> give only WWW from 217.17.41.87 to the client computer 192.168.1.6. Please
> help me ... I have done it in the rules file:
>
> REJECT net:217.17.41.0/24 local:192.168.1.6 tcp
> REJECT local:192.168.1.6 net:217.17.41.0/24 tcp
> REJECT net:217.17.41.0/24 local:192.168.1.6 udp
> REJECT local:192.168.1.6 net:217.17.41.0/24 udp
>
> ACCEPT net:217.17.41.87 local:192.168.1.6 tcp - 80
> ACCEPT net:217.17.41.87 local:192.168.1.6 udp - 80
> ACCEPT net:217.17.41.87 local:192.168.1.6 tcp 80 -
> ACCEPT net:217.17.41.87 local:192.168.1.6 udp 80 -
> ACCEPT local:192.168.1.6 net:217.17.41.87 udp - 80
> ACCEPT local:192.168.1.6 net:217.17.41.87 tcp - 80
> ACCEPT local:192.168.1.6 net:217.17.41.87 udp 80 -
> ACCEPT local:192.168.1.6 net:217.17.41.87 tcp 80 -
>
>
> All ports are rejected, but WWW from 217.17.41.87 still does not work on
> 192.168.1.6. I need some help.
Two questions:
a) What are your policies?
b) Is 192.168.1.0/24 masqueraded to the net?
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
Shoreline, \ http://shorewall.sf.net
Washington USA \ teastep@shorewall.net
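The following is an added illustration, not code from this thread or from Shorewall itself. It is a deliberately simplified model of how a Shorewall rules file is evaluated: entries are applied top to bottom and the first matching rule decides. Policies (what happens when no rule matches, which is what Tom's first question is about) and connection tracking are left out on purpose. The function names (parse_rules, evaluate, reorder_accepts_first) and the packet dictionaries are assumptions constructed for this example; the rule lines are copied from the original post, in the order they were posted.

```python
"""Simplified first-match model of a Shorewall-style rules file.

Added illustration, not Shorewall code. It models only the columns the
thread shows: ACTION SOURCE DEST PROTO DEST-PORT SOURCE-PORT, evaluated
top to bottom with the first matching rule deciding. Policies and
connection tracking are deliberately omitted.
"""
import ipaddress

# Rules exactly as posted in the thread, order preserved.
POSTED_RULES = """
REJECT net:217.17.41.0/24 local:192.168.1.6 tcp
REJECT local:192.168.1.6 net:217.17.41.0/24 tcp
REJECT net:217.17.41.0/24 local:192.168.1.6 udp
REJECT local:192.168.1.6 net:217.17.41.0/24 udp
ACCEPT net:217.17.41.87 local:192.168.1.6 tcp - 80
ACCEPT net:217.17.41.87 local:192.168.1.6 udp - 80
ACCEPT net:217.17.41.87 local:192.168.1.6 tcp 80 -
ACCEPT net:217.17.41.87 local:192.168.1.6 udp 80 -
ACCEPT local:192.168.1.6 net:217.17.41.87 udp - 80
ACCEPT local:192.168.1.6 net:217.17.41.87 tcp - 80
ACCEPT local:192.168.1.6 net:217.17.41.87 udp 80 -
ACCEPT local:192.168.1.6 net:217.17.41.87 tcp 80 -
"""


def parse_rules(text):
    """Turn rule lines into (action, src, dst, proto, dport, sport) tuples."""
    rules = []
    for line in text.strip().splitlines():
        fields = line.split()
        action, src, dst, proto = fields[:4]
        dport = fields[4] if len(fields) > 4 else "-"   # "-" means any port
        sport = fields[5] if len(fields) > 5 else "-"
        rules.append((action, src, dst, proto, dport, sport))
    return rules


def _endpoint_matches(spec, zone, addr):
    # spec looks like "net:217.17.41.0/24" or "local:192.168.1.6"
    spec_zone, _, spec_net = spec.partition(":")
    if spec_zone != zone:
        return False
    if not spec_net:          # bare zone name matches any host in the zone
        return True
    return ipaddress.ip_address(addr) in ipaddress.ip_network(spec_net, strict=False)


def _port_matches(spec, port):
    return spec == "-" or int(spec) == port


def evaluate(rules, pkt):
    """Return (1-based index, action) of the first matching rule, else (None, None)."""
    for i, (action, src, dst, proto, dport, sport) in enumerate(rules, 1):
        if (proto == pkt["proto"]
                and _endpoint_matches(src, pkt["src_zone"], pkt["src"])
                and _endpoint_matches(dst, pkt["dst_zone"], pkt["dst"])
                and _port_matches(dport, pkt["dport"])
                and _port_matches(sport, pkt["sport"])):
            return i, action
    return None, None


def reorder_accepts_first(rules):
    """Same rules, but with the specific ACCEPT entries listed before the broad REJECTs."""
    return ([r for r in rules if r[0] == "ACCEPT"]
            + [r for r in rules if r[0] != "ACCEPT"])


# Constructed packets: the client's first HTTP packet to the allowed web
# server, and the same request aimed at another host in the rejected /24.
HTTP_SYN = {"src_zone": "local", "src": "192.168.1.6", "dst_zone": "net",
            "dst": "217.17.41.87", "proto": "tcp", "dport": 80, "sport": 34567}
OTHER_HOST_SYN = dict(HTTP_SYN, dst="217.17.41.10")

if __name__ == "__main__":
    posted = parse_rules(POSTED_RULES)
    print("as posted, web server :", evaluate(posted, HTTP_SYN))
    reordered = reorder_accepts_first(posted)
    print("reordered, web server :", evaluate(reordered, HTTP_SYN))
    print("reordered, other host :", evaluate(reordered, OTHER_HOST_SYN))
```

With the rules in the posted order, the client's outgoing request to 217.17.41.87 port 80 is caught by the second line (REJECT local:192.168.1.6 net:217.17.41.0/24 tcp) before any ACCEPT is reached, which matches the symptom described. Listing the narrow ACCEPT entries ahead of the broad REJECTs lets that request through while the rest of the /24 stays rejected. Whether the return traffic then works depends on the points Tom raises (policies and masquerading), which this model does not cover.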