forgot to attach the rc.firewall to the previous email :)
sometimes I type too fast for my own good...
Chuck Pitre 128 Larch Street, Suite 301
Technical Consultant P3E 5J8 Sudbury Ontario
ViaNet Internet Solutions tel: 705-675-0400
*The box said "Windows 95, Windows NT4.0 or better".. so I installed Linux*
#!/bin/sh
# rc.firewall Linux firewalling rules
FW=/sbin/ipfwadm
# Flush rules, for testing purposes
for i in I O F
do
    ${FW} -$i -f
done
# Default policies:
${FW} -I -p rej # Incoming policy: reject (quick error)
${FW} -O -p accept # Output policy: accept
${FW} -F -p den # Forwarding policy: deny
# Input Rules:
# Loopback Interface:
${FW} -I -a accept -S 127.0.0.1/32 -D 127.0.0.1/32
# Local Ethernet-interface:
# Redirect to Squid proxy server
${FW} -I -a accept -P tcp -D 209.91.128.21/32 80 -r 80
# Accept packets from local network:
${FW} -I -a accept -P all -S 209.91.0.0/16 -D 209.91.128.21/32 -W eth0
# Accept all on loopback
${FW} -I -a accept -W lo
# Accept meths IP to prevent loops
${FW} -I -a accept -P tcp -D 209.91.128.21 80
# Redirect packet from port 80 to 3128
${FW} -I -a accept -P tcp -D 0/0 80 -r 3128
# Only required for other types of traffic (FTP, TELNET):
# Forward localnet with masquerading (udp and tcp, no icmp!):
${FW} -F -a m -P tcp -S 209.91.0.0/16 -D 209.91.128.21/32
${FW} -F -a m -P udp -S 209.91.0.0/16 -D 209.91.128.21/32
Received on Tue Jul 21 1998 - 13:23:24 MDT