Re: [pmfirewall] $OUTERNET vs $REMOTENET


From: Andy Wood (network.design@home.com)
Date: Mon Nov 13 2000 - 17:46:27 PST


So these statements have to do with internal packets getting out more so than
external packet access in? Well, what I'm really trying to make sure is,
let's say that I have the following line:

$IPCHAINS -A input -p tcp -s 1.2.3.4/32 -d $OUTERNET 22 -j ACCEPT

This allows only 1.2.3.4 to SSH in and everyone else would be
denied/rejected.

Thanks for the follow up!!

Andy

On Mon, 13 Nov 2000, John Frey wrote:
> Date: Mon, 13 Nov 2000 07:43:11 -0700
> To: <pmfirewall@pointman.org>
> From: "John Frey" <johnf@goldcircuit.com>
> Reply-To: pmfirewall@pointman.org
> Sender: owner-pmfirewall@pointman.org
> Subject: Re: [pmfirewall] $OUTERNET vs $REMOTENET
>
>
> > How do these lines differently affect ipchains?
> >
> > $IPCHAINS -A input -p tcp -s $REMOTENET -d $OUTERNET <port> -j ACCEPT
>
> This line will accept only packets addressed to an address that falls into
> the same IP Net (Address w/ mask) as your external interface. i.e.: If your
> outer IP address is 172.16.5.12/6, then any packet addressed to IP Addresses
> 172.16.4.1 - 172.16.7.254 will be allowed THRU the firewall. ( /6
> signifies an IP mask of 255.255.252.0 )
>
>
> >
> > $IPCHAINS -A input -p tcp -s $REMOTENET -d $REMOTENET <port> -i $OUTERIF -j ACCEPT
>
> This line will accept packets TO any IP address and allow them THRU the
> firewall.
>
>
> Hope this helps
>
> John
>
>
> ****************************************************************************
> * To UNSUBSCRIBE from the list, send a message with "unsubscribe pmfirewall"
> * in the message body to majordomo@pointman.org. Please direct other
> * questions, comments, or problems to pmfirewall-owner@pointman.org.
> *
> * Need answers fast? Check the list archive located at:
> * http://www.pointman.org/PMFirewall/list-archive/
> *



This archive was generated by hypermail 2b29 : Sun Jun 10 2001 - 02:37:45 PDT
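
Added example (not part of the original thread or of PMFirewall): a small Python model of how an ipchains input chain evaluates the SSH rule quoted above, showing that other sources are turned away by the chain policy or a later rule, not by the ACCEPT rule itself. The address 203.0.113.10 standing in for $OUTERNET, the second source address and the helper names are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass
class Rule:
    proto: str   # -p
    src: str     # -s, CIDR
    dst: str     # -d, CIDR
    dport: int   # port given after the -d address
    target: str  # -j ACCEPT / DENY / REJECT

    def matches(self, proto, src_ip, dst_ip, dport):
        # Every field of the rule must match for the rule to apply.
        in_src = ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src, strict=False)
        in_dst = ipaddress.ip_address(dst_ip) in ipaddress.ip_network(self.dst, strict=False)
        return proto == self.proto and in_src and in_dst and dport == self.dport


def verdict(chain, policy, proto, src_ip, dst_ip, dport):
    """First matching rule decides; the chain policy applies if none match."""
    for rule in chain:
        if rule.matches(proto, src_ip, dst_ip, dport):
            return rule.target
    return policy


# Constructed stand-in for $OUTERNET (the firewall's external address).
OUTER_IP = "203.0.113.10"
OUTERNET = OUTER_IP + "/32"

# $IPCHAINS -A input -p tcp -s 1.2.3.4/32 -d $OUTERNET 22 -j ACCEPT
SSH_RULE = Rule("tcp", "1.2.3.4/32", OUTERNET, 22, "ACCEPT")
# A hypothetical explicit catch-all for SSH placed after the ACCEPT rule.
SSH_DENY_ALL = Rule("tcp", "0.0.0.0/0", OUTERNET, 22, "DENY")


def ssh_verdict(src_ip, policy, chain=(SSH_RULE,)):
    """Verdict for a TCP packet from src_ip to port 22 on the outer address."""
    return verdict(chain, policy, "tcp", src_ip, OUTER_IP, 22)


if __name__ == "__main__":
    for policy in ("DENY", "ACCEPT"):
        for src in ("1.2.3.4", "5.6.7.8"):
            print(f"policy={policy:6} src={src:8} -> {ssh_verdict(src, policy)}")
```
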