Internal IP exposed

From: Jennifer (francesca.x_at_libero.it)
Date: 03/11/05


Date: 11 Mar 2005 00:19:51 -0800

Hi,
I visited http://www.testmyfirewall.com and I received the following
error:

Internal IP Exposed!
192.168.1.23
Missing A Patch?

What is wrong with my firewall? Thanx

#!/bin/bash
ETH_INT=eth0
ETH_EXT=eth1
IP_INT=192.168.1.200
IP_EXT=x.x.x.x
ANY=0.0.0.0/0
NET_INT=192.168.1.0/24
NET_EXT=x.x.x.x

iptables -F
iptables -t nat -F

iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP

iptables -A INPUT -s $ANY -d 127.0.0.1 -j ACCEPT
iptables -A OUTPUT -s 127.0.0.1 -d $ANY -j ACCEPT

iptables -A INPUT -i $ETH_INT -s $NET_INT -d $ANY -j ACCEPT
iptables -A INPUT -i $ETH_EXT -s $ANY -d $IP_EXT -j ACCEPT

iptables -A OUTPUT -o $ETH_INT -s $ANY -d $NET_INT -j ACCEPT
iptables -A OUTPUT -o $ETH_EXT -s $IP_EXT -d $ANY -j ACCEPT

iptables -A FORWARD -d $NET_INT -j ACCEPT
iptables -A FORWARD -s $NET_INT -d $ANY -j ACCEPT

iptables -t nat -A POSTROUTING -s $NET_INT -d $ANY -o $ETH_EXT -j MASQUERADE


