Jeroen Geilman <(E-Mail Removed)> wrote in message news:<3f74aadb$0$58706$(E-Mail Removed)>...
> R. Hixon wrote:
>
> > I am running Redhat 7.3. I am trying to set up ipchains that will
> > allow access to the internet. I have tried several things, but
> > nothing is working.
> > Here is what I thought should work for the output chain:
> >
> > ipchains -A output -p tcp -d 0.0.0.0/0 http -j ACCEPT
> >
> > When I remove all of the rules, I can access the internet. So I know
> > that it is my ipchains that won't allow my access. When I flush the
> > input chain, the above command doesn't allow access.
> >
> > I thought the input chain should be:
> >
> > ipchains -A output -p tcp -s myaddr http -j ACCEPT
> >
> > Can someone please help me?
>
> First - WHY use ipchains ?
>
> RH 7.3 comes with a 2.4.x kernel, does it not ?
>
> Then please use iptables - it will make life soo much simpler...
>
> Second, simply put - no.
>
> What are those "rules" you disabled in the above paragraph ?
>
> List them, or do you want me to guess?
>
> The rules as stated will not work, since the outgoing traffic has a SOURCE
> port of 80 (http), but the destination port could be anything - whatever
> the client gave as its source port.
>
> For this to work, then, you have to allow *incoming* traffic to port 80
> (http), but why restrict outgoing traffic ?
> That's generated by you, yes ?
>
> Worries for later.
>
> To test this, set the outgoing policy to ACCEPT, and the incoming policy to
> DENY, then add just the incoming rule.
>
> See if it works.
>
> If it does, then take the next (small) step.
>
> If it doesn't - hey, something's wrong !
I thought that ipchains had replaced iptables. I must be wrong. So
can you give me an idea how to get started using iptables? I will
gladly do so, especially if it makes my life easier.
My ipchains currently only allow access to local traffic and nothing
else.
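
As a starting point for the iptables question above, here is an added example that is not part of the thread: a stateful ruleset for a host that only makes outbound web requests. The DNS and HTTPS rules and the dry-run `IPT` variable are assumptions of this example, not something stated in the posts.

```shell
#!/bin/sh
# Added example (constructed): stateful iptables rules for a web *client* host.
# IPT defaults to a dry run that only prints each command; run as root with
# IPT=iptables to apply the rules for real.
IPT="${IPT:-echo iptables}"

client_firewall() {
    # Start from empty chains so old rules cannot shadow the new ones.
    $IPT -F INPUT
    $IPT -F OUTPUT

    # Local traffic on the loopback interface.
    $IPT -A INPUT  -i lo -j ACCEPT
    $IPT -A OUTPUT -o lo -j ACCEPT

    # Packets belonging to connections this host already opened. This is what
    # lets the server's replies back in without opening any inbound port.
    $IPT -A INPUT  -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPT -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

    # DNS lookups (assumption: the resolver is reached on port 53).
    $IPT -A OUTPUT -p udp --dport 53 -m state --state NEW -j ACCEPT
    $IPT -A OUTPUT -p tcp --dport 53 -m state --state NEW -j ACCEPT

    # Outbound web requests. For a client the well-known port is the
    # DESTINATION port; the source port is an ephemeral one picked by the
    # kernel, so these rules match on --dport.
    $IPT -A OUTPUT -p tcp --dport 80  -m state --state NEW -j ACCEPT
    $IPT -A OUTPUT -p tcp --dport 443 -m state --state NEW -j ACCEPT

    # Default-deny policies go last, so a remote session that is applying
    # the rules is already covered by the ESTABLISHED rule above.
    $IPT -P INPUT   DROP
    $IPT -P OUTPUT  DROP
    $IPT -P FORWARD DROP
}

client_firewall
```

Review the printed commands first, then apply them with `IPT=iptables` from a root shell and check the result with `iptables -L -n -v`.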