LinuxSA Mailing list archives

  From: Benjamin Close <linux@senet.com.au>
  To  : Steve Sloan <steve@lansol.com.au>
  Date: Thu, 11 Nov 1999 12:39:40 +1030 (CST)

Re: Firewall

On Wed, 10 Nov 1999, Steve Sloan wrote:

> I am trying to setup a firewall and I am have quite a bit of trouble with
> IPCHAINS
> My test setup is as follows (stand alone)
> 
> WinNT ----192.168.2.x ----------Linux
> firewall -----------192.168.3.x ------------- Linux Apache
> 
> I have two nic's in the firewall with ip_forward turned on. This allows
> browse the Apache server from the NT box OK
> Next I set the IP Chain policy to DENY and everything stopped as you would
> expect.
> Now I turned on port 80 using the command
> 
> ipchains -A input -p tcp -s 0.0.0.0/0 80 ACCEPT
> 
> which I thought would have opened up port 80 and allow me to browse but
> didn't.

If you set the default policy to deny what are your output rules?
Perhaps your getting the request but don't reply to it.

Cheers,
--

* Benjamin Close
* Benjsc@senet.com.au
* Web Page: http://users.senet.com.au/~benjsc

-- 
LinuxSA WWW: http://www.linuxsa.org.au/  IRC: #linuxsa on irc.linux.org.au
To unsubscribe from the LinuxSA list:
  mail linuxsa-request@linuxsa.org.au with "unsubscribe" as the subject