Hi Kevin,

On 12-Feb-01 Kevin Creason wrote:
I AM using SuSEFirewall 4.2 on SuSE 6.4. I ran the install... and configured it using YaST. Is there a better way? While we're on the subject, YaST appears to have some problems displaying text and descriptions.
I even ran ipchains with these arguments:
/sbin/ipchains -A input -p TCP -d 0.0.0.0/0 0:65535 -i ppp0 -l -j DENY
/sbin/ipchains -A input -p UDP -d 0.0.0.0/0 0:65535 -i ppp0 -l -j DENY
/sbin/ipchains -A input -p ICMP -d 0.0.0.0/0 0:65535 -i ppp0 -l -j DENY
but apparently these scans are accepted before the new lines. I figured that those lines would break something for sure.
After booting, do an
ipchains -n -L
and list all your rules. You may see some input/forward/output chains. If you want to experiment with an empty ipchains ruleset, do
ipchains -F
which flushes (deletes) all rules. Then, to achieve a total block, you could do
ipchains -P input DENY
ipchains -P forward DENY
ipchains -P output DENY
Likewise, if you want to open up everything, replace DENY with ACCEPT. Also make sure your firewall scripts (SuSE or other) are properly set up. It's best to deny everything and then only let through what is needed (www, ftp, telnet, ssh, etc.).
What is the syntax to redirect a port-- like 80 to squid's incoming port?
Try this for transparent proxying:
ipchains -A input -p tcp -d 127.0.0.1/32 www -j ACCEPT
ipchains -A input -p tcp -d your.ip.sub.net/24 www -j ACCEPT
ipchains -A input -p tcp -d 0/0 www -j REDIRECT 3128
These lines redirect local and network traffic destined to www (80) to squid's
port. Don't forget to include transparent proxying in your kernel.
[...]
---
Boris Lorenz
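
Added example, not part of the original mail: a simplified Python model of how one ipchains chain is evaluated, showing why DENY rules appended with -A after existing ACCEPT rules never fire, and what the chain policy does after a flush. The Rule/Chain classes and the sample ruleset are constructed for illustration; real ipchains matches on more fields than these.

```python
from dataclasses import dataclass, field

@dataclass
class Rule:
    proto: str     # "tcp", "udp", "icmp" or "any"
    iface: str     # interface name or "any"
    ports: tuple   # inclusive (low, high) destination port range
    target: str    # "ACCEPT" or "DENY"

    def matches(self, proto, iface, port):
        return (self.proto in ("any", proto)
                and self.iface in ("any", iface)
                and self.ports[0] <= port <= self.ports[1])

@dataclass
class Chain:
    policy: str = "ACCEPT"
    rules: list = field(default_factory=list)

    def append(self, rule):          # models ipchains -A (add at the end)
        self.rules.append(rule)

    def insert(self, rule, pos=1):   # models ipchains -I at rule number pos
        self.rules.insert(pos - 1, rule)

    def flush(self):                 # models ipchains -F; the policy is kept
        self.rules.clear()

    def verdict(self, proto, iface, port):
        # Rules are checked top to bottom; the first match is final.
        for number, rule in enumerate(self.rules, start=1):
            if rule.matches(proto, iface, port):
                return rule.target, number
        return self.policy, None     # nothing matched: the policy decides

def constructed_input_chain():
    # Constructed stand-in for a ruleset that a firewall script loaded at boot.
    chain = Chain(policy="DENY")
    chain.append(Rule("tcp", "ppp0", (22, 22), "ACCEPT"))
    chain.append(Rule("tcp", "any", (1024, 65535), "ACCEPT"))
    return chain

if __name__ == "__main__":
    chain = constructed_input_chain()
    deny_all = Rule("tcp", "ppp0", (0, 65535), "DENY")
    chain.append(deny_all)
    print(chain.verdict("tcp", "ppp0", 6000))  # earlier ACCEPT still wins
    chain.insert(deny_all)
    print(chain.verdict("tcp", "ppp0", 6000))  # DENY at rule 1 wins
```

The rule number returned with each verdict corresponds to the position you would see in the ipchains -n -L listing, which is where to look when a new rule appears to have no effect.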