Joerg Bruenner wrote:
Hi,
my firewall looks like:
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target prot opt in out source destination

Ping from the firewall-box to box A will be answered. A ping from box A to the firewall reaches but will not be answered.
What do I have to do?
Thanks a lot for help
Joerg

iptables is easy; do iptables --list to see your rules. Looks like yours is default and wide open. My iptables on internet connected box looks like this:

aurbain@allYourBaseBelongToUs:~> sudo cat /etc/iptables.conf
# Generated by iptables-save v1.2.7a on Fri Aug 22 09:33:18 2003
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s x.x.x.0/255.255.254.0 -j ACCEPT
-A INPUT -s y.y.y.0/255.255.254.0 -j ACCEPT
-A INPUT -s 192.168.0.0/255.255.255.0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
COMMIT
# Completed on Fri Aug 22 09:33:18 2003

I drop all incoming packets, disallow forwarding, allow all outgoing. Now that I think about it, I'm going to do some egress filtering. Thanks for the idea!

/etc/init.d/iptables restart will read the above file and load it; check out the script.
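
The difference between the two rule sets in this thread can be checked mechanically from iptables-save output. The following is an added example, not code from either poster: the function names `parse_filter` and `audit` are hypothetical, both sample dumps are constructed, and 192.0.2.0/24 stands in for a trusted subnet.

```python
# Added example: audit the filter table of an iptables-save dump.
# Both dumps are constructed; 192.0.2.0/24 (documentation range) is a placeholder.
SAMPLE_OPEN = """*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
"""
SAMPLE_DROP = """*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 192.0.2.0/255.255.255.0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
COMMIT
"""

def parse_filter(dump):
    """Return {chain: {"policy": str, "rules": [str, ...]}} for the filter table."""
    chains, table = {}, None
    for line in map(str.strip, dump.splitlines()):
        if line.startswith("*"):          # table header, e.g. *filter
            table = line[1:]
        elif table != "filter":           # comments before a table, other tables
            continue
        elif line.startswith(":"):        # :CHAIN POLICY [packets:bytes]
            name, policy = line[1:].split()[:2]
            chains[name] = {"policy": policy, "rules": []}
        elif line.startswith("-A "):      # rule appended to a chain
            chain = line.split()[1]
            chains.setdefault(chain, {"policy": "-", "rules": []})["rules"].append(line)
    return chains

def audit(dump):
    """Return findings: wide-open chains, and DROP policies missing basic accepts."""
    chains, findings = parse_filter(dump), []
    for name, c in chains.items():
        if c["policy"] == "ACCEPT" and not c["rules"]:
            findings.append(f"{name}: wide open (policy ACCEPT, no rules)")
    inp = chains.get("INPUT", {"policy": "-", "rules": []})
    accepts = [r for r in inp["rules"] if r.endswith("-j ACCEPT")]
    if inp["policy"] == "DROP":
        if not any("ESTABLISHED" in r for r in accepts):
            findings.append("INPUT: DROP policy without an ESTABLISHED accept rule")
        if not any("-i lo " in r for r in accepts):
            findings.append("INPUT: DROP policy without a loopback accept rule")
    return findings
```

On the default-drop sample the only finding is the unfiltered OUTPUT chain, which is the egress gap mentioned in the reply.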