Linux Firewall Question

Post by Kevin Wormingto » Thu, 06 Aug 1998 04:00:00



Hi, I am trying to add input firewall rules to a Linux router (with ET sync
board) to only allow incoming packets to be destined for valid local IP
numbers.  The machine has the interfaces eth0 and etsa111, which is the frame
relay DLCI for the T1 incoming link.  I have included a sample of a logged
message (with IPs changed to 123.123.123) along with the ipfwadm commands
that I have issued.  Everything seems fine with these rules, except for
messages such as the sample below.  If I am reading the log entry correctly,
the source address is first and the destination second, so if the source is
123.123.123.1 why does the input filter for etsa111 match when the packet is
coming in on eth0?  This seems to only happen on DNS traffic, but not all
of it.  The kernel version is 2.0.33 and ipfwadm is 2.3.0; the OS is Red Hat 5.0.
Please reply via e-mail as well.

Thanks

Kevin

Aug  5 10:54:41 gw-x kernel: IP fw-in deny etsa111 UDP 123.123.123.1:53 204.57.67.20:53 L=15360 S=0x00 I=0 F=0x0000 T=0
Aug  5 10:55:01 gw-x kernel: IP fw-in deny etsa111 UDP 123.123.123.1:53 204.57.67.20:53 L=15360 S=0x00 I=0 F=0x0000 T=0

/sbin/ipfwadm -I -f
/sbin/ipfwadm -O -f
/sbin/ipfwadm -I -a accept -S 0.0.0.0/0 -D 123.123.123.0/24 -W etsa111
/sbin/ipfwadm -I -o -a deny -S 0.0.0.0/0 -D 0.0.0.0/0 -W etsa111
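
An added example, not part of the original post: it parses the logged lines and replays them against the two input rules listed above to show which rule each packet hits. It assumes the field order the post describes (interface, protocol, source:port, destination:port) and first-match evaluation in the order the rules were appended; the RULES table and the function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed from the two log entries in the post (wrapped lines rejoined).
SAMPLE_LOG = """\
Aug  5 10:54:41 gw-x kernel: IP fw-in deny etsa111 UDP 123.123.123.1:53 204.57.67.20:53 L=15360 S=0x00 I=0 F=0x0000 T=0
Aug  5 10:55:01 gw-x kernel: IP fw-in deny etsa111 UDP 123.123.123.1:53 204.57.67.20:53 L=15360 S=0x00 I=0 F=0x0000 T=0
"""

# Assumed layout; covers only TCP/UDP entries, which carry addr:port pairs.
LOG_RE = re.compile(
    r"kernel: IP fw-(?P<chain>\w+) (?P<action>\w+) (?P<iface>\S+) (?P<proto>\S+) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) (?P<dst>[\d.]+):(?P<dport>\d+)"
)

# The two -I rules from the post, in the order they were appended (-a).
RULES = [
    {"action": "accept", "src": "0.0.0.0/0", "dst": "123.123.123.0/24", "iface": "etsa111"},
    {"action": "deny", "src": "0.0.0.0/0", "dst": "0.0.0.0/0", "iface": "etsa111"},
]

def parse_line(line):
    """Return the log fields as a dict, or None if the line does not match."""
    m = LOG_RE.search(line)
    return m.groupdict() if m else None

def first_match(pkt, rules=RULES):
    """Return (index, rule) of the first rule matching the packet, or None."""
    src = ipaddress.ip_address(pkt["src"])
    dst = ipaddress.ip_address(pkt["dst"])
    for i, rule in enumerate(rules):
        if (rule["iface"] == pkt["iface"]
                and src in ipaddress.ip_network(rule["src"])
                and dst in ipaddress.ip_network(rule["dst"])):
            return i, rule
    return None

def explain(log_text=SAMPLE_LOG):
    """Replay every parsable log line against RULES."""
    out = []
    for line in log_text.splitlines():
        pkt = parse_line(line)
        if pkt is None:
            continue
        hit = first_match(pkt)
        out.append((pkt["iface"], pkt["src"], pkt["dst"],
                    hit[1]["action"] if hit else "default policy"))
    return out

if __name__ == "__main__":
    for row in explain():
        print("iface=%s src=%s dst=%s -> %s" % row)
```

The replay reports what the kernel recorded: the packet was attributed to etsa111 and its destination, 204.57.67.20, is outside 123.123.123.0/24, so the accept rule is skipped and the logging deny rule is the first match.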

 
 
 

1. some Linux/Firewall questions????

Hello,

I set up my RH 6.1 Linux box about two weeks ago and things are up and
running great!!

I plan on implementing ipchains, or perhaps other security stuff, and
I have a couple of questions:

1) After I install ipchains and have it configured the way I want it, I
want to test it.  Are there any machines that will let me telnet to them
and then I will telnet back to my Linux box and try out the security
stuff?  I have not been able to find any machines that will let me
telnet to them and try this and then telnet out of them back to my box.
My Linux box is at home and all I have is a reg. ISP 56k connection.

2)  Are there any websites out there for people like myself that just
have Linux boxes set up at home and not at a big company or some work
network and want to make it as secure as possible?  Sorta like info for
the guy who has a box at home and a reg. ISP connection.  I have
been to LDP and seen all the HOWTOs but I wonder if there is anything
else like that on the web for the little guy.

Thanks!!!
