Indunil Jayasooriya
2007-12-07 11:41:38 UTC
Hi All,
I want to create chains to mark bag packets.
my firewall has 3 network cards.
eth0 - connected to internet.
eth1 - connected to DMZ
eth2 - connected to LAN
eth0 only accepts SSH (tcp -port 22) and ICMP for pinging.. If it gets
anything other than that, I want to create a new chain and log and DROP .
what are the suitable rules for it?
what about the below rule?
iptables -A INPUT -i eth0 -j bad_packets
I think I need some more rules as well. Could you pls help me to go ahead.
Similary, I need for FORWARD AND OUTPUT.
But, If I write for INPUT , I will be able to write for FORAWAD AND OUTPUT
chains.
ANY IDEA?
I want to create chains to mark bag packets.
my firewall has 3 network cards.
eth0 - connected to internet.
eth1 - connected to DMZ
eth2 - connected to LAN
eth0 only accepts SSH (tcp -port 22) and ICMP for pinging.. If it gets
anything other than that, I want to create a new chain and log and DROP .
what are the suitable rules for it?
what about the below rule?
iptables -A INPUT -i eth0 -j bad_packets
I think I need some more rules as well. Could you pls help me to go ahead.
Similary, I need for FORWARD AND OUTPUT.
But, If I write for INPUT , I will be able to write for FORAWAD AND OUTPUT
chains.
ANY IDEA?
--
Thank you
Indunil Jayasooriya
Thank you
Indunil Jayasooriya