<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
<META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9">
<TITLE>Firewalling and packets accounting: A pre-cooked firewall solution</TITLE>
<LINK HREF="firewall-6.html" REL=next>
<LINK HREF="firewall-4.html" REL=previous>
<LINK HREF="firewall.html#toc5" REL=contents>
</HEAD>
<BODY>
<A HREF="firewall-6.html">Next</A>
<A HREF="firewall-4.html">Previous</A>
<A HREF="firewall.html#toc5">Contents</A>
<HR>
<H2><A NAME="s5">5. A pre-cooked firewall solution</A></H2>
<P>Here is an example for a simple network. Typically, eth0 points
to the local network, and nothing on that network must be reachable
from the outside. eth1 points to a router on the Internet.
<P>
<H2><A NAME="ss5.1">5.1 Inputting rules: accepting all ICMP packets</A>
</H2>
<P>
<P>
<BLOCKQUOTE><CODE>
<PRE>
Protocol icmp
-----------From---------------
Host or Network 0.0.0.0
Netmask
Port range
Other ports
Interface eth1
-----------To-----------------
Host or Network eth1
Netmask
Port range
Other ports
Interface Any
</PRE>
</CODE></BLOCKQUOTE>
<P>
<H2><A NAME="ss5.2">5.2 Inputting rules: accepting only DNS packets</A>
</H2>
<P>Ultimately only port
<P>
<BLOCKQUOTE><CODE>
<PRE>
Protocol udp
-----------From---------------
Host or Network 0.0.0.0
Netmask 0.0.0.0
Port range
Other ports
Interface eth1
-----------To-----------------
Host or Network eth1
Netmask
Port range
Other ports
Interface Any
</PRE>
</CODE></BLOCKQUOTE>
<P>
</BODY>
</HTML>