[Firestarter-user] Re: How to block all traffic from certain external hosts
From: Julian T. <ju...@ne...> - 2006-05-04 13:23:11
Hi Don,

The Chain you are looking for is the FORWARD and not INPUT.

INPUT = Incoming packet destined for the firewall
OUTPUT = Packets originating at the firewall
FORWARD = Going to another address passing through the firewall.

See "RE: does firestarter run with iptables as it's engine? 2nd request" by me for a more detailed explanation.

Hope that helps

Julian

----- Original Message -----
From: "Don Silvia" <don...@gm...>
Newsgroups: gmane.comp.security.firewalls.firestarter.user
Sent: Thursday, May 04, 2006 11:18 AM
Subject: How to block all traffic from certain external hosts

How can I block all traffic from specific external hosts when they hit a port that is forwarded to an internal host?

I tried adding something like this to user-pre:

    $IPT -A INPUT -s 1.2.3.4/19 -j LOG --log-prefix "[dropping] "
    $IPT -A INPUT -s 1.2.3.4/19 -j DROP

and in /etc/firestarter/inbound/forward I have

    HTTP, 80, 10.0.0.2, 80,

but what I'm seeing is that the log message is written but the request still gets through. Is there anything else I need to add to user-pre?

Thanks,
--
Don
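The chain choice described in the reply, written out as a user-pre fragment. This is an added example, not part of either post and not Firestarter's own code; it goes slightly beyond the reply by also keeping an INPUT rule for traffic addressed to the firewall itself. The function names, the rate limit and the assumption that user-pre is sourced as shell before Firestarter loads its own rules are all assumptions made here.

```shell
#!/bin/sh
# Added example for /etc/firestarter/user-pre; not Firestarter's own code.
# Firestarter sets $IPT (as in the post above). Stand-alone, the default
# below only prints the rules so they can be reviewed before use.
IPT="${IPT:-echo iptables}"

# Constructed sample list: space-separated source networks to block.
BLOCKED_SOURCES="${BLOCKED_SOURCES:-1.2.3.4/19}"

# block_source CHAIN SOURCE (hypothetical helper)
# Appends a rate-limited LOG rule followed by a DROP rule to CHAIN.
block_source() {
    chain="$1"
    src="$2"
    # Accept only dotted IPv4 with an optional /prefix; reject anything else
    # so a typo in the list never reaches the iptables command line.
    case "$src" in
        ""|*[!0-9./]*)
            echo "user-pre: skipping invalid source '$src'" >&2
            return 1
            ;;
    esac
    # The limit match keeps a noisy host from flooding the kernel log.
    $IPT -A "$chain" -s "$src" -m limit --limit 5/min \
        -j LOG --log-prefix "[dropping] " || return 1
    $IPT -A "$chain" -s "$src" -j DROP
}

# block_external_hosts (hypothetical helper)
block_external_hosts() {
    for net in $BLOCKED_SOURCES; do
        # FORWARD: packets passing through the firewall to another address,
        # which includes connections to a port forwarded to 10.0.0.2.
        block_source FORWARD "$net" || return 1
        # INPUT: packets destined for the firewall itself.
        block_source INPUT "$net" || return 1
    done
}

block_external_hosts
```

iptables masks the host bits of a source given as 1.2.3.4/19, so that rule covers 1.2.0.0 through 1.2.31.255.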