ipchains not working in 2.2.1-ac5 ?

Nomad the Wanderer (nomad@orci.com)
Tue, 9 Feb 1999 17:36:06 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Mofeed Shahin: "1/2 oops...."
Previous message: Andreas Kremer: "Re: Slow PPP with 2.2.1 -- FIXED, but I have a question"

I have my firewall up and running on 2.2.1-ac5. Everything looks great.
Ipchains loads the rules nice and pretty. Only problem is it's not doing
anything.

Here's what I've got:
{0}:wally:/home/nomad>sudo ipchains -L
Chain input (policy ACCEPT):
target prot opt source destination ports
ppp-in all ------ anywhere anywhere n/a
ACCEPT all ------ anywhere anywhere n/a
Chain forward (policy ACCEPT):
Chain output (policy ACCEPT):
target prot opt source destination ports
ppp-out all ------ anywhere anywhere n/a
Chain ppp-out (1 references):
target prot opt source destination ports
- udp ------ anywhere anywhere any -> 27900
- udp ------ anywhere anywhere any -> 27910
- udp ------ anywhere anywhere any -> 27912
- tcp ------ anywhere 0.0.0.0 any -> http
- tcp ------ anywhere 0.0.0.0 any -> telnet
- tcp ------ anywhere anywhere any -> ftp-data
- tcp ------ anywhere anywhere any -> nntp
- tcp ------ anywhere anywhere any -> pop-3
Chain ppp-in (1 references):
target prot opt source destination ports
DENY all ----l- 0.0.0.0 anywhere n/a
ACCEPT all ----l- 206.168.154.0/24 anywhere n/a
ACCEPT all ------ dudley.orci.com anywhere n/a
ACCEPT all ------ rocky.orci.com anywhere n/a
ACCEPT all ----l- is-callahan.gwl.com anywhere n/a
ACCEPT tcp ----l- tacoma-narrows.smg.seagatesoftware.com wally.rnd-consulting.com any -> ftp
ACCEPT tcp ----l- 0.0.0.0 wally.rnd-consulting.com any -> 22
ACCEPT tcp ----l- 0.0.0.0 wally.rnd-consulting.com any -> 1022
ACCEPT tcp ----l- 0.0.0.0 dogbert.rnd-consulting.com any -> 22
ACCEPT tcp ----l- 0.0.0.0 dogbert.rnd-consulting.com any -> 1022
ACCEPT tcp ----l- 0.0.0.0 anywhere ftp -> any
ACCEPT tcp ----l- 0.0.0.0 anywhere ftp-data -> any

I can enable just the DENY line for everything and still telnet to my box.
Anyone got any ideas?

Robert

---------------------------------------------------------------------------
Robert L. Harris | Windows is to Unix
Senior System Administrator II | what 'hooked on phonics'
at Great West Life. \_ is to Shakespeare

http://www.orci.com/~nomad

DISCLAIMER:
These are MY OPINIONS ALONE. I speak for no-one else.

FYI:
perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Mofeed Shahin: "1/2 oops...."
Previous message: Andreas Kremer: "Re: Slow PPP with 2.2.1 -- FIXED, but I have a question"