[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] Move from IPCHAINS to IPTABLES

Subject: [cobalt-security] Move from IPCHAINS to IPTABLES
From: "Jon" <jjma100@xxxxxxxxxxx>
Date: Fri, 7 May 2004 09:37:57 +0100
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hello,

I have moved to a new raq5 and would like to use iptables for my
firewall instead of ipchains (pmfirewall). I've alot of ip
addresses that I have gathered over the last year and I'm not
sure how I would convert these to proper iptable rules. i.e

ipchains -A input -s 65.60.128.0/17 -d $OUTERNET -j DENY

to

iptables -A INPUT -s 65.60.128.0/17 -d $OUTERNET -j DROP

I'm also trying to allow icmp packets to be sent only from my
office address to the server so would this be correct:

IPTABLES -A input -b -i $OUTERIF -p icmp -s [host/net] -d
$OUTERNET -j ACCEPT -l

Thanks in advance

Jon

Prev by Date: [cobalt-security] Declaration of willingness to own the 'new' lists
Next by Date: Re: [cobalt-security] Clearing up some things about the lists
Previous by thread: RE: [cobalt-security] Declaration of willingness to own the 'new' lists
Next by thread: [cobalt-security] Old post archiving proposal

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index