Restricting Internal Users Ports
teknoe_at_gmail.com
Date: 10/29/05
Date: 28 Oct 2005 21:43:36 -0700
I am attempting to set up an internal network on my Ubuntu machine. I
have taken a look at the various iptables rules and believe I have a
rather complex setup. I need to use IP Masquerading for the internal
network, but I only want the internal users to be able to use SSH (port
22). Once the users are connected, I want them to be able to access
any established port so that I can use SSH tunneling for web/mail
access to the external network. The main reason behind this is I will
be using a wireless network and wish to use SSH in addition to the
standard WAP protection, because I have "snoopers" in my neighborhood.
For the IP Masquerading, I have used:
iptables --table nat --append POSTROUTING --jump MASQUERADE --source 192.168.0.0/24
I am thinking that before this line I need to use:
iptables -A INPUT -i eth1 -s 192.168.0.0/24 -p tcp --dport 22 -j ACCEPT
My external device is eth0, and my internal device is eth1. Any help
would be appreciated. Thank you.
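
The following is an added example, not part of the original post or its replies: a dry-run script that prints (and, with APPLY=1, loads) a rule set admitting only new SSH connections from eth1 and dropping everything else arriving on that interface, plus a small audit helper. It assumes the SSH server the clients reach is the gateway itself, so tunneled traffic leaves as the gateway's own locally generated connections and needs no FORWARD or MASQUERADE rule; the function names and the APPLY variable are hypothetical.

```shell
#!/bin/sh
# Added example, not part of the original post.
# eth1 and 192.168.0.0/24 come from the post; the rest is assumed.
LAN_IF="eth1"
LAN_NET="192.168.0.0/24"

# Print the rules as iptables argument lines, in the order they must be applied.
# Assumes the filter table starts empty and clients use static addresses
# (a DHCP server on the gateway would need its own INPUT rule for UDP 67).
build_rules() {
    cat <<EOF
-A INPUT -i $LAN_IF -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $LAN_IF -s $LAN_NET -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -i $LAN_IF -j DROP
-A FORWARD -i $LAN_IF -j DROP
EOF
}

# Read rules on stdin and list the destination ports that accept NEW
# connections arriving on the LAN interface (expected: just 22).
lan_open_ports() {
    awk -v ifc="$LAN_IF" '
        $1 == "-A" && $2 == "INPUT" && /NEW/ && /-j ACCEPT/ {
            onlan = 0; port = "any"
            for (i = 1; i < NF; i++) {
                if ($i == "-i" && $(i + 1) == ifc) onlan = 1
                if ($i == "--dport") port = $(i + 1)
            }
            if (onlan) print port
        }'
}

# Apply to the live firewall (needs root). Word splitting of $rule is intended.
apply_rules() {
    build_rules | while read -r rule; do
        iptables $rule || return 1
    done
}

# Dry run by default: show the rules. Set APPLY=1 to load them.
if [ "${APPLY:-0}" = "1" ]; then
    apply_rules
else
    build_rules
fi
```

Running `build_rules | lan_open_ports` before loading confirms that port 22 is the only port open to new connections from the wireless side; a rule without `--dport` shows up as `any`.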