Problems with iptables

Nicolas FRANCOIS nicolas.francois at free.fr
Wed Jul 20 14:54:38 PDT 2005


Le Wed, 20 Jul 2005 08:02:39 +0100 Andrew Benton <b3nt at ukonline.co.uk> a
écrit :

> Nicolas FRANCOIS wrote:
> > I've got two computers : mine, working with LFS 6.0 (well, almost,
it's an
> > SVN version, but very close from 6.0, and it doesn't matter here) and
BLFS
> > 6.0, and my wife's, working with Window$ 98.
> > 
> > As you can see, there are a few changes from the BLFS book script.
> > 
> > It does not work, in this precise way :
> > 
> > When arthur goes up, it can't connect to detritus threw Samba. I have
to
> > stop the firewall on detritus, then I can connect, and after I start
the
> > firewall again, everything goes well.
> > 
> > Can you help me ? I've been working on this for a long time now :-(
> > 
> 
> BLFS suggests
http://www.linuxfromscratch.org/blfs/view/stable/postlfs/firewall.html 
> "If you want to add services such as internal samba or name servers that
do not need to access the Internet themselves, the additional statements
are quite simple and should still be acceptable from a security
standpoint. Just add the following lines into the script before the
logging rules."
> 
> iptables -A INPUT  -i ! ppp+  -j ACCEPT
> iptables -A OUTPUT -o ! ppp+  -j ACCEPT

Quite foolish of me : I just took the "personnal firewall" example, and
tried to "adapt it" to my configuration. I didn't notice that the
masquerading example suited my whishes much better.

Thanks for your help. Well, thanks to the BLFS team for the Great Book,
and thank YOU for pointing me to the right place in the Great Book ;-)

\bye

-- 

Nicolas FRANCOIS
http://nicolas.francois.free.fr

We are the Micro$oft.
Resistance is futile.
You will be assimilated.



More information about the blfs-support mailing list