Re: OT: iptables rules request
From: James Pifer (jep_at_obrien-pifer.com)
Date: 05/31/05
- Previous message: Phil: "Re: General routing question?"
- In reply to: James Pifer: "OT: iptables rules request"
- Next in thread: David Cary Hart: "Re: OT: iptables rules request"
- Reply: David Cary Hart: "Re: OT: iptables rules request"
To: For users of Fedora Core releases <fedora-list@redhat.com>
Date: Tue, 31 May 2005 11:26:27 -0400
On Tue, 2005-05-31 at 11:04, James Pifer wrote:
> I'm looking for some help with iptables. Anyone good in iptables willing
> to assist with (i.e. write) a few rules?
>
> I have a box running iptables and there are three networks going through
> it.
>
> eth0 is the local network 192.168.192.0
> eth1 is the internet
> ipsec0 is a vpn 172.16.0.0
>
> Everything is good except I'd like to limit what machines on my
> 192.168.192 network can communicate over the ipsec0 connection. Here's
> what I'd like to accomplish:
>
> 1) Allow 192.168.192.2 to only use port 53 (UDP) through ipsec0
> 2) Allow 192.168.192.100 full access through ipsec0
> 3) Allow 192.168.192.10-192.168.192.25 full access through ipsec0
> 4) Disallow anything else through ipsec0
>
> If I have this much, I figure I could use them as a template to do more.
> I've been digging through tutorials and googling for iptables stuff.
> Didn't find a lot dealing with three separate NICs like this. I can kind
> of see what it might look like, but I really don't want to spend the
> whole day by trial and error getting this to work.
>
> Anyone willing to assist (give) me rules that would do this?
>
> Any help is appreciated.
>
> James
I believe I have a set of working rules. Thanks.
James
-- fedora-list mailing list fedora-list@redhat.com To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
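
The four requirements in the quoted request, written out as an added example. These are not the rules James settled on, which the thread does not show. Assumptions: traffic between eth0 and ipsec0 is filtered in the FORWARD chain, replies are admitted by connection tracking, the iprange match is available, and `VPN_OUT` is a hypothetical chain name.

```shell
#!/bin/sh
# Added example, not from the thread: prints iptables commands for the
# policy in the quoted request. Nothing is applied unless the output is
# piped to a root shell.
LAN_IF=eth0      # local network, 192.168.192.0
VPN_IF=ipsec0    # VPN, 172.16.0.0

vpn_rules() {
    # Dedicated chain (name is an assumption) so the LAN -> VPN policy
    # can be flushed and rebuilt without touching other FORWARD rules.
    echo "iptables -N VPN_OUT"
    # Replies to connections that were allowed out through the VPN.
    echo "iptables -A FORWARD -i $VPN_IF -o $LAN_IF -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Everything forwarded from the LAN into the VPN is judged by VPN_OUT.
    echo "iptables -A FORWARD -i $LAN_IF -o $VPN_IF -j VPN_OUT"
    # 1) 192.168.192.2 may only use UDP port 53.
    echo "iptables -A VPN_OUT -s 192.168.192.2 -p udp --dport 53 -j ACCEPT"
    # 2) 192.168.192.100 has full access.
    echo "iptables -A VPN_OUT -s 192.168.192.100 -j ACCEPT"
    # 3) 192.168.192.10 through 192.168.192.25 have full access.
    echo "iptables -A VPN_OUT -m iprange --src-range 192.168.192.10-192.168.192.25 -j ACCEPT"
    # 4) Anything else from the LAN toward the VPN is dropped.
    echo "iptables -A VPN_OUT -j DROP"
}

# Running the script prints the commands for review.
vpn_rules
```

Because `-A` appends, these rules only take effect if no earlier FORWARD rule already accepts eth0 to ipsec0 traffic; `iptables -L FORWARD -n -v --line-numbers` shows the existing order.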