
5. A pre-cooked firewall solution

Here is an example for a simple network. Typically, eth0 points to the local network, and nothing on that network must be reachable from the outside. eth1 points to a router on the Internet.

5.1 Inputing rules: accepting all icmp packets

        Protocol        icmp
                        -----------From---------------
        Host or Network 0.0.0.0
        Netmask
        Port range
        Other ports
        Interface       eth1
                        -----------To-----------------
        Host or Network eth1
        Netmask
        Port range
        Other ports
        Interface       Any

5.2 Inputing rules: accepting only DNS packets

Ultimately only port

        Protocol        udp
                        -----------From---------------
        Host or Network 0.0.0.0
        Netmask         0.0.0.0
        Port range
        Other ports
        Interface       eth1
                        -----------To-----------------
        Host or Network eth1
        Netmask
        Port range
        Other ports
        Interface       Any

