* Kevin Creason wrote on Mon, Feb 12, 2001 at 17:22 -0600:
> I even ran ipchains with these arguments:
>
> /sbin/ipchains -A input -p TCP -d 0.0.0.0/0 0:65535 -i ppp0 -l -j DENY
> /sbin/ipchains -A input -p UDP -d 0.0.0.0/0 0:65535 -i ppp0 -l -j DENY
> /sbin/ipchains -A input -p ICMP -d 0.0.0.0/0 0:65535 -i ppp0 -l -j DENY
That still allows a lot (all other IP protocols). Ports make no sense for ICMP. To drop anything you could use:

/sbin/ipchains -A input -i ppp0 -l -j DENY

But at least for ident/auth I would suggest using REJECT to avoid long timeouts. You shouldn't block all ICMP types (at least some type 3 - dest unreach - should be allowed, at least if not fragmented).
> but apparently these scans are accepted before the new lines. I figured that those lines would break something for sure.
If you're really paranoid you could use:

/sbin/ipchains -A input $ALLOWED_OPTIONS -i ppp0 -l -j ACCEPT

to log allowed packets too, but you will get a lot of logs.
> What is the syntax to redirect a port -- like 80 to squid's incoming port?
use rinetd or, from man ipmasqadm:

ipchains -I input -p tcp -y -d yours.com/32 80 -m 1
ipmasqadm mfw -I -m 1 -r hostA 80

(untested)

oki,
Steffen

-- 
This message was generated by machine and therefore bears neither signature nor seal.
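As an added example (not part of Steffen's or Kevin's mail), here is the ppp0 input ruleset the reply above describes, in the order ipchains needs it: ipchains is first-match, so the REJECT for ident and the ACCEPT for unfragmented ICMP type 3 must come before the catch-all DENY, and the catch-all carries no -p so it also covers non-TCP/UDP/ICMP protocols. It assumes ppp0 is the external interface and a 2.2-era kernel with ipchains; by default it only prints the commands (DRY_RUN=1) so the ordering can be checked without touching the firewall.

```shell
#!/bin/sh
# Added example: ordered ipchains input rules for a dial-up interface.
# Assumptions: ppp0 is the external interface, /sbin/ipchains exists.
# DRY_RUN=1 (the default) prints each command instead of executing it.
IPCHAINS=/sbin/ipchains
EXT_IF=ppp0

run() {
    if [ "${DRY_RUN:-1}" = 1 ]; then
        echo "$*"
    else
        "$@"
    fi
}

ppp0_input_rules() {
    # 1. ident/auth (tcp/113): REJECT answers with an error so remote mail
    #    and IRC servers fail fast instead of waiting for a long timeout,
    #    which is what a silent DENY would cause.
    run $IPCHAINS -A input -i "$EXT_IF" -p tcp -d 0/0 113 -l -j REJECT
    # 2. ICMP type 3 (destination unreachable) is needed for path-MTU
    #    discovery and quick failure reports; accept it, but only when the
    #    packet is not a later fragment ("! -f" = head fragment or whole packet).
    run $IPCHAINS -A input -i "$EXT_IF" -p icmp -s 0/0 3 ! -f -j ACCEPT
    # 3. Catch-all: log and drop everything else arriving on ppp0. Without
    #    -p this also covers protocols other than TCP, UDP and ICMP, which
    #    three per-protocol DENY rules would let through.
    run $IPCHAINS -A input -i "$EXT_IF" -l -j DENY
}

# Print (or, with DRY_RUN=0, apply) the rules.
ppp0_input_rules
```

Run it once with the default to review the generated commands, then with DRY_RUN=0 as root to apply them; rules for traffic you actively allow (as in the logged ACCEPT above) belong between step 2 and the catch-all.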