Results 1 to 1 of 1

Thread: iptables question.

12-03-2012, 09:44 PM #1
nondescriptcitizens

View Profile

View Forum Posts

Private Message

Junior Member
Join Date

Dec 2012

Posts

1

Thanks

0

Thanked 0 Times in 0 Posts

Rep Power

0
iptables question.

I am setting up a new squid daemon to run on my server. I want to make sure that everyone inside my network can access squid but I want to make sure everyone on the internet is blocked.

eth0 is connected to my internal LAN via: 192.168.0.5/255.255.255.0
eth1 is connected to the internet via: 1.1.1.1/255.255.255.248
Squid listens on port 3124

So far I have the following script for my iptables.

iptables -F
iptables -t nat -F
iptables -X
iptables -P FORWARD DROP
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -A INPUT -p tcp --dport 3124 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

Is this correct? Will this allow all my LAN users access to squid while blocking outward attempts from the net to my server?

Thanks in advance!

-Ash

Reply With Quote
<a href='http://track.linuxforum.com/openx/www/delivery/ck.php?n=a0b66231' target='_blank'><img src='http://track.linuxforum.com/openx/www/delivery/avw.php?zoneid=6&source=linuxforum&n=a0b66231' border='0' alt='' /></a>

Quick Navigation Server Security Top

« SSH Server and Hash algorithms | LogAnalysis Tool »