I am setting up a new squid daemon to run on my server. I want to make sure that everyone inside my network can access squid but I want to make sure everyone on the internet is blocked.
Code:
eth0 is connected to my internal LAN via: 192.168.0.5/255.255.255.0
eth1 is connected to the internet via: 1.1.1.1/255.255.255.248
Squid listens on port 3124
So far I have the following script for my iptables.
Code:
iptables -F
iptables -t nat -F
iptables -X
iptables -P FORWARD DROP
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -A INPUT -p tcp --dport 3124 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
Is this correct? Will this allow all my LAN users access to squid while blocking outward attempts from the net to my server?
Thanks in advance!
-Ash
Last edited by Scott; 01-28-2013 at 05:51 PM..
Reason: Code tags
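An added example, not part of the original post: the posted `--dport 3124` rule has no `-i` or `-s` match, so it accepts the port on eth1 as well as eth0. The script below restricts Squid to the LAN side and audits both rulesets for ports open on every interface. The interface names, subnet and port are taken from the post; the loopback rule, the rule order and the `world_open_ports` helper are assumptions added here.

```shell
# Added example, not the poster's script. Interface, subnet and port come from
# the post; the lo rule, rule order and the audit helper are assumptions.
LAN_IF=eth0
LAN_NET=192.168.0.0/24
SQUID_PORT=3124

# The INPUT rules exactly as posted (constructed copy, used as audit input).
original_rules() {
cat <<'EOF'
iptables -A INPUT -p tcp --dport 3124 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
EOF
}

# Same ruleset with Squid limited to the LAN interface and subnet. Ports 22
# and 80 are left as posted because the post does not say who needs them.
hardened_rules() {
cat <<EOF
iptables -F
iptables -t nat -F
iptables -X
iptables -P FORWARD DROP
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i $LAN_IF -s $LAN_NET -p tcp --dport $SQUID_PORT -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
EOF
}

# Read iptables commands on stdin and print the --dport of every INPUT ACCEPT
# rule with neither -i nor -s, i.e. a port reachable through eth1 as well.
world_open_ports() {
    awk '/ -A INPUT / && / -j ACCEPT/ && / --dport / {
        restricted = 0
        for (i = 1; i <= NF; i++) {
            if ($i == "-i" || $i == "-s") restricted = 1
            if ($i == "--dport") port = $(i + 1)
        }
        if (!restricted) print port
    }' | sort -n | tr '\n' ' ' | sed 's/ $//'
}

# "apply" loads the hardened rules (needs root); anything else only audits.
if [ "${1:-}" = apply ]; then hardened_rules | sh -e
else echo "open on all interfaces: $(hardened_rules | world_open_ports)"; fi
```

Running `original_rules | world_open_ports` shows what the posted script exposes on both interfaces; the hardened set still lists 22 and 80 until those rules are given an interface or source match too.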