[SLUG] IPTables (was Linux Magazine)

Phil Kershaw pkershaw at whsmithnet.co.uk
Mon Jun 16 19:47:01 BST 2003


Thanks Paul, I will give it a try and let you know how it went.

Phil

----- Original Message -----
From: "Paul Teasdale" <pdt at rcsuk.fsnet.co.uk>
To: <scarborough at mailman.lug.org.uk>
Sent: Monday, June 16, 2003 6:07 PM
Subject: Re: [SLUG] IPTables (was Linux Magazine)


> Sorry, one of the rules is wrong. See correction below.
>
> Kind regards,
>
> Paul.
>
> ----- Original Message -----
> From: "Paul Teasdale" <pdt at rcsuk.fsnet.co.uk>
> To: <scarborough at mailman.lug.org.uk>
> Sent: Monday, June 16, 2003 5:59 PM
> Subject: Re: [SLUG] IPTables (was Linux Magazine)
>
> <SNIP>
>
> >
> > You will also (probably) want to put a line in your rules something like the
> > following:
> >
> > # Allow outgoing packets on your network for new and established connections on ports 137, 138, 139
> > # I think that new connections can probably go in both directions hence NEW,ESTABLISHED here too
> > # What I am saying is your Linux box can create a new connection to your Windows box and vice versa
> > iptables -O OUTPUT -o $INTERFACE -d $INTERNAL_NETWORK -p udp --sport 137:139 -m state --state NEW,ESTABLISHED -j ACCEPT
> >
>
> The above line should be:
>
> iptables -A OUTPUT -o $INTERFACE -d $INTERNAL_NETWORK -p udp --sport 137:139 -m state --state NEW,ESTABLISHED -j ACCEPT
>
> (ie: replace -O with -A):
>
> <SNIP>
>
>
>
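A pre-flight check for the kind of typo corrected above, added here as an example and not part of the thread: it verifies that each iptables line begins with a command option documented in iptables(8), so `-O` is reported before the script is loaded. The function names `check_rule` and `lint_rules` and the sample text are constructed for illustration; only the command option is checked, not the rest of the rule.

```shell
#!/bin/sh
# Added example, not from the thread: check that every iptables line starts
# with a real command option, so a typo such as -O is caught before loading.

# Command options documented in iptables(8), short and long forms.
VALID_CMDS="-A -C -D -I -R -L -S -F -Z -N -X -P -E --append --check --delete
--insert --replace --list --list-rules --flush --zero --new-chain
--delete-chain --policy --rename-chain"

# check_rule LINE: prints "ok" (status 0) or the reason (status 1).
check_rule() {
    set -f; set -- $1; set +f        # split into words without globbing
    [ "$1" = "iptables" ] || { echo "not an iptables command"; return 1; }
    shift
    if [ "$1" = "-t" ]; then         # optional table selector, e.g. -t nat
        [ $# -ge 2 ] || { echo "-t without a table name"; return 1; }
        shift 2
    fi
    for c in $VALID_CMDS; do
        [ "$1" = "$c" ] && { echo "ok"; return 0; }
    done
    echo "unknown command option: ${1:-<none>}"
    return 1
}

# lint_rules: reads rule lines on stdin, skips blanks and comments,
# prints one message per bad line, and fails if any line was bad.
lint_rules() {
    n=0; bad=0
    while IFS= read -r line; do
        n=$((n + 1))
        case "$line" in ''|'#'*) continue ;; esac
        msg=$(check_rule "$line") || { echo "line $n: $msg"; bad=$((bad + 1)); }
    done
    [ "$bad" -eq 0 ]
}

# Constructed sample: the original and the corrected rule from the thread.
SAMPLE='# NetBIOS rules under test
iptables -O OUTPUT -o $INTERFACE -d $INTERNAL_NETWORK -p udp --sport 137:139 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o $INTERFACE -d $INTERNAL_NETWORK -p udp --sport 137:139 -m state --state NEW,ESTABLISHED -j ACCEPT'

printf '%s\n' "$SAMPLE" | lint_rules || true
```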




