LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page Problems gettting to local network after setting firewall
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 05-21-2001, 11:34 AM   #1
vendemmian
LQ Newbie
 
Registered: May 2001
Distribution: Debian
Posts: 13

Rep: Reputation: 0

Hi,
Could anyone help, i have set up a small local network (class c) of 3 pc's..well call one bob, another reg and the server uncle.The other workstations both have modems on (ppp0).
i have set it up to allow logins to uncle (server) from the other machines using NIS and NFS (their home directorys are stored on the server, using NIS & NFS).
when i setup the firewall using ipchains ,it disconnects my NIS and NFS ports(thus RPC errors, i have allowed acess to local network from what i can see.See my script below.
I set up the rules to deny all, thus allowing me to specify what *I* want to let from /to the internet.
So i presume that i have blocked the ports running on NIS and NFS, i cannot seem to find what ports these use.could someone please help me out ( as Iam new to ipchains and network; just starting out)

Cheers
Vendemmian

#!/bin/bash
# i------------ Define varables --------------
# High Non Well know ports
HI="1024:65523"

# Define the default network address's
ALL="0.0.0.0/0"

# Define all private network address's
PRIV_NET="192.168.1.0/255.255.255.0"

#Define localhost address
LOCAL_HOME="127.0.0.1"

# Get dynamic PPP IP address (from isp)
PPP_IP=`/sbin/ifconfig ppp0 | grep 'inet addr' | awk '{print $2}' | sed -e "s/addr\://"`

echo $PPP_IP

# ----------- General Rules ------------
#
# Flush out all existing rules
/sbin/ipchains -F

# Flush out all existing chains
/sbin/ipchains -X

# Set default filters to DENY everything
/sbin/ipchains -P input DENY
/sbin/ipchains -P output DENY
/sbin/ipchains -P forward DENY

# Allow all internal loacalhost traffic
/sbin/ipchains -A input -i lo -j ACCEPT
/sbin/ipchains -A output -i lo -j ACCEPT

# Allow all internal network traffic
/sbin/ipchains -A input -i eth0 -j ACCEPT
/sbin/ipchains -A output -i eth0 -j ACCEPT

# Deny spoofed packets
/sbin/ipchains -A input -j DENY -i ppp0 -s $PPP_IP -d $ALL
/sbin/ipchains -A output -j DENY -i ppp0 -s $PRIV_NET -d $ALL

# --- TCP ---
/sbin/ipchains -A output -p tcp -j ACCEPT -i ppp0 -s $PPP_IP -d $ALL
/sbin/ipchains -A input -p tcp -j ACCEPT -i ppp0 ! -y -s $ALL -d $PPP_IP

# --- UDP ---
/sbin/ipchains -A output -p udp -j ACCEPT -i ppp0 -s $PPP_IP -d $ALL
/sbin/ipchains -A input -p udp -j ACCEPT -i ppp0 -s $ALL -d $PPP_IP
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
setting-up an xserver connection with remote host through local firewall. qanopus Linux - Security 5 02-02-2006 10:11 AM
router/firewall can't use local network zoffmann Linux - Networking 13 07-02-2005 01:53 PM
Please help setting local network leonidg Linux - Networking 3 01-20-2005 06:35 AM
Suse 9.2 firewall prevents 'ping' on local network? Steerpike SUSE / openSUSE 5 11-27-2004 05:56 PM
Setting up a local network guyd Linux - Networking 12 08-10-2003 02:00 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 07:18 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration