[prev in list] [next in list] [prev in thread] [next in thread] 

List:       firewall-wizards
Subject:    RE: [fw-wiz] IPChains ?
From:       "Chris Beckwith" <chris.beckwith () bogusmove ! com>
Date:       2001-02-21 18:30:07
[Download RAW message or body]

I presume you mean you want to stop incoming SYN's, thus preventing
incoming connections, but allowing outgoing connections... If so...
you can achieve this by "-j ACCEPT ! -y" applied to incoming packets
with a source of 0.0.0.0/0 and a destination of your host or network.
Don't filter the SYN's from your host or network to the internet
though or you won't be able to make outgoing connections.

> -----Original Message-----
> From: firewall-wizards-admin@nfr.com
> [mailto:firewall-wizards-admin@nfr.com]On Behalf Of Darich Runyan
> Sent: 21 February 2001 13:46
> To: firewall-wizards@nfr.com
> Subject: [fw-wiz] IPChains ?
> 
> 
> Is there a way with IPChains to deny inbound packets with 
> flags other than
> SYN if they did not originate from my system?  I have setup a 
> rule that
> disallows SYN connections ( using the -j DENY -y -l options ) to the
> external interface, but in order for the company internet 
> access to work, it
> seems that I needed to allow the other flagged packets in.
> 
> Any assistance with this would be appreciated.
> 
> Thanks in advance for the help.
> Darich
> 
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@nfr.com
> http://www.nfr.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards@nfr.com
http://www.nfr.com/mailman/listinfo/firewall-wizards

[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic